TrueCrypt is a phenomenal open-source disk encryption software that runs on Windows or Linux. Unfortunately, the installer doesn’t work so well on Ubuntu Edgy, so I’ve created this article to help walk you through the process.
First, download the source code from the downloads page, because the Ubuntu debian package is compiled for 586 instead of 686 kernel, so we’ll have to build it ourself.
Copy the downloaded file into whatever location you’d like. The next step is to install some required software for the build process to execute. You may have some or all of these installed on your machine already.
sudo apt-get install build-essential dmsetup gawk linux-source linux-headers-`uname -r`
Note: Make sure that the ` character is the one below the tilde ~ key.
Now that we’ve installed the prerequisites, we’ll need to do a small amount of setup before it will work properly. Note that the exact version of the kernel may be different on your machine, but you are using tab completion anyway, right? =)
sudo bunzip2 linux-source-2.6.17.tar.bz2
sudo tar xvf linux-source-2.6.17.tar
sudo ln -s linux-source-2.6.17 linux
sudo make -d -C linux modules_prepare
The last step will send a whole lot of stuff flying by…. eventually it may prompt you to select yes on a question or two. This step is necessary because you’ll probably get an error later on otherwise.
Change directory back to the download directory, and now we’ll extract the source code, which contains both windows and linux source…
tar xzvf truecrypt-4.2a-source-code.tar.gz
Since Truecrypt installs a kernel module, you will have to run the build script in superuser mode.
This should have run successfully without errors at this point. Now we can launch the installation script, now that we know everything has been built successfully.
geek@ubuntuServ:~/truecrypt-4.2a/Linux$ sudo ./install.sh
Checking installation requirements…
Testing truecrypt… Done.
Install binaries to [/usr/bin]:
Install man page to [/usr/share/man]:
Install user guide and kernel module to [/usr/share/truecrypt]:
Allow non-admin users to run TrueCrypt [y/N]: Y
Installing kernel module… Done.
Installing truecrypt to /usr/bin… Done.
Installing man page to /usr/share/man/man1… Done.
Installing user guide to /usr/share/truecrypt/doc… Done.
Installing backup kernel module to /usr/share/truecrypt/kernel… Done.
At this point, Truecrypt is successfully installed. If you are already familiar, you can get back to work. If not, here’s a couple of common use scenarios.
Creating a Truecrypt volume
Creating a truecrypt volume can be as simple as running truecrypt -c <filename>, but there are some options you can use on the command line if you would prefer:
geek@ubuntuServ:~$ truecrypt –size 200MB –type normal –encryption AES –hash RIPEMD-160 –filesystem FAT -c myvolume.tc
Enter password for new volume ‘myvolume.tc’:
Enter keyfile path [none]:
TrueCrypt will now collect random data.
Is your mouse connected directly to computer where TrueCrypt is running? [Y/n]:
Please type at least 320 randomly chosen characters and then press Enter:
Mount a TrueCrypt volume
You should create a directory to mount the Truecrypt volume in. I named mine tcmount
truecrypt -u myvolume.tc tcmount
Note: You must use the -u option in order to mount the volume in user mode so that you will have write access to it.
Dismount a TrueCrypt volume
truecrypt -d <mountpoint>
Check to see if the TrueCrypt volume is mounted
geek@ubuntuServ:~$ df -m Filesystem 1M-blocks Used Available Use% Mounted on /dev/sda1 7698 1835 5472 26% / varrun 78 1 78 1% /var/run varlock 78 0 78 0% /var/lock procbususb 10 1 10 1% /proc/bus/usb udev 10 1 10 1% /dev devshm 78 0 78 0% /dev/shm /dev/mapper/truecrypt0 20 1 20 1% /home/geek/tcmount
I mounted the volume in a directory called tcmount, and you can see it at the bottom of the list
Mounting a volume on a USB stick
You can mount a volume on a USB stick just as easily as mounting a regular volume. Just supply the full path to the truecrypt volume on the USB stick and a mount point directory of your choice.
truecrypt -u /media/usbdisk/myvol.tc tcmount
Programmer by day, geek by night, The Geek, also known as Lowell Heddings, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on Google+ if you'd like.
- Published 12/22/06