TrueCrypt is an open source encryption application, it has an ability to create hidden encrypted containers and file systems/volumes, it is portable and cross platform compatible. It allows to use cascading cyphers and encrypts/decrypts files on the fly. Be sure to read the FAQ and documentation before fully committing your files to TrueCrypt.
- install via yum:
sudo yum install fuse fuse-devel wx_Base wx_GTK wx_GTK-devel
- download source code package:
http://www.truecrypt.org/downloads2
tar -zxvf TrueCrypt\ 6.2a\ Source.tar.gz
cd truecrypt-6.2a-source
- Download RSA Security Inc. PKCS #11 Cryptographic Token Interface files
wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h
wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h
wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h
- build package
make
- copy binary to /usr/bin
cd Main
sudo chown root:root truecrypt && sudo cp truecrypt /usr/bin
- copy icon files to icon repository
cd ../Resources/Icons
sudo chown root:root * && sudo cp * /usr/share/icons
One last order of business is to setup your sudoers file to so that TrueCrypt does not complain about requiring tty for sudo command needed to mount encrypted volumes. There are 2 ways of doing that:
1. The less secure way — disable requiretty globally by adding an exclamation mark in front of requretty,
# Defaults specification
#
# Disable "ssh hostname sudo ", because it will show the password in clear.
# You have to run "ssh -t hostname sudo ".
#
Defaults !requiretty
2. The more secure way especially for multi-user environments — create user alias called WHEELUSERS, assign users to this user alias:
## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem
User_Alias WHEELUSERS = max
– Create a defaults entry for user alias disabling requiretty.
# Defaults specification
#
# Disable "ssh hostname sudo ", because it will show the password in clear.
# You have to run "ssh -t hostname sudo ".
#
Defaults requiretty
# added for truecrypt requiretty complaint
Defaults:WHEELUSERS !requiretty
Video below is a walk through of creating a TrueCrypt desktop short-cut and creation of encrypted container.
3 responses so far ↓
1 Mike from ND // Aug 23, 2009 at 12:03 pm
Your tutorial is very nice. However, truecrypt has some real issues with licenses. Fedora tried to get them to reword their license because it is not open source despite what they claim. So I watch out they may embed something into their software someday or make it pay based . Any ways Fedora, Ubuntu and Suse won’t put this in their packages because of that. Fedora has went so far as to warn people not to even install it after they must of had an argument with truecrypt they black listed them recommended all users to avoid this software. Lastly with Fedora 11 you can Encrypt your whole drive at once which is nice built into the OS on install. Only problem is going from Linux to Windows their is not easy or well known way to do this other then truecrypt. The linux people are going to have to come up with alternatives but right now they only have file based encryption or only linux based as far as I could tell unless you can do it with LiveCDs or something.
2 Teleston // Oct 21, 2009 at 2:15 am
Excellent, very well written instructions!
Congratulations.
3 Brian // Feb 9, 2010 at 9:37 am
Excellent instructions. I followed along and had Truecrypt up and running on Fedora 12 in no time. Thanks!
Leave a Comment