I was planning put /home folder on truecrypt volume. So as per your comment, the only way I can do it is mount it from script at boot time. Is that correct?Originally Posted by MontanaMax
Just Give Me the Beans!
I was planning put /home folder on truecrypt volume. So as per your comment, the only way I can do it is mount it from script at boot time. Is that correct?
A Carafe of Ubuntu
Thanks for the guide, I managed to get it all up and running on Edgy AMD64 by compiling from source.
Here's a few additions to your guide:
- When compiling from source don't forget to change the permissions on truecrypt to allow normal users to mount drives:
Code:chmod u+s /usr/bin/truecrypt
- To make an ext3 container, rather than FAT:
- Set the format type to None when creating the container.
- Mount the container:
Code:truecrypt /home/ian/encrypted_files.tc
- Check which device your container is mounted as:
Code:ian@hannah:/var/home/ian$ truecrypt -vl /dev/mapper/truecrypt0: Volume: /home/ian/encrypted_files.tc Type: Normal Size: 1073741312 bytes Encryption algorithm: AES Mode of operation: LRW Read-only: No Hidden volume protected: No
- Now format the device:
Code:sudo mkfs.ext3 /dev/mapper/truecrypt0
- You can now mount the formatted container as per usual:
Note do NOT use the -u option for ext3 drives.Code:sudo truecrypt /home/ian/encrypted_files.tc /home/ian/encrypted
- You will now have to change the permissions of the mount point. You only need to do this once (it survives a reboot):
Ian.Code:sudo chmod ian.users -R /home/ian/encrypt
A Carafe of Ubuntu
Good info, Ian. There is a problem creating large ext2/3 containers. Anything over a few GB will hard lock the system. According to posts at the Truecrypt forum this is a kernel issue. The workaround is to:
export MKE2FS_SYNC=10
Then create filesystem normally.
See http://forums.truecrypt.org/viewtopic.php?t=4205
Tea Glorious Tea!
is it possible to open a container created under linux on a windows machine?
lex1
Grande Half-n-Half Cinnamon Ubuntu
yes
Spilled the Beans
In case it is of interest to any of you, I have written a small shell script which can be used to automatically mount/unmount a truecrypt volume with a GUI-like interface... I have attached it to this message.
I realized that if you're not logged in, you can't access the attachment, so for those of you who don't want to log in...
Code:#!/bin/bash # script to mount/unmount a truecrypt volume under GNOME # this script assumes that it will be run by a user, and that the truecrypt binary has had its # permissions set to SUID root. (i.e. from a root shell, type "chmod u+s /usr/bin/truecrypt") # A launcher should be created which runs this script from an icon on the desktop or panel. # Make sure to specify the script's absolute path in the launcher # Using this script could be a security hazard -- someone could maliciously modify the script # to get your encrypted-volume password. Use it at your own risk... # ------------- CHANGE THE FOLLOWING VARIABLES AS NEEDED ----------------- # location of truecrypt binary TC=/usr/bin/truecrypt # file containing an encrypted volume ENCRYPTEDFILE=/home/johndoe/secretvolume.tc # where to mount the volume MOUNTPOINT=/media/truecrypt # ------------------------------------------------------------------------ function update_volismounted { VOLISMOUNTED=`$TC -l|grep $ENCRYPTEDFILE` } update_volismounted if [ "$VOLISMOUNTED" ]; then # unmount the volume $TC -d $ENCRYPTEDFILE update_volismounted if [ "$VOLISMOUNTED" ]; then # open file-browser zenity --error --text="truecrypt volume mounted at $MOUNTPOINT could not be unmounted." else zenity --info --text="Successfully unmounted truecrypt volume $ENCRYPTEDFILE" fi else # mount the volume gksu -p --message "Please enter your truecrypt password for $ENCRYPTEDFILE" | $TC -u $ENCRYPTEDFILE $MOUNTPOINT update_volismounted if [ "$VOLISMOUNTED" ]; then # open file-browser nautilus $MOUNTPOINT else zenity --error --text="Mounting of truecrypt volume failed." fi fi
Last edited by edgimar; January 21st, 2007 at 02:45 PM. Reason: added code as non-attachment
Just Give Me the Beans!
I have used truecrypt to create ext3 contains as big as 250GB and never saw this issue. Maybe I am just lucky! Thanks for the info though.
Gee! These Aren't Roasted!
If the only reason TrueCrypt won't be included in Ubuntu is that it's not GPL, lets start mailing the makers of TrueCrypt to publish it under GPL. With enough requests from people and also donations I'm confident they'd change to GPL.
First Cup of Ubuntu
Thanks for the guide. I was able to finally figure out how to mount my NTFS partition created in WinXP.
truecrypt --filesystem ntfs-3g /dev/sda1 /home/daz/tcmnt
Just Give Me the Beans!
This sounds like a great idea. Maybe somebody could create a template for an email everybody interested could send over to the good people at Truecrypt?
_____________
Kabron Kline
_____________
Posting Permissions
Adv Reply
Bookmarks