Disk Encryption With TrueCrypt

By Juliet Kemp (Send Email)
Posted May 18, 2009


Continuing on last week's coverage of computer security, TrueCrypt is open source disk encryption software for Linux, Windows and Mac OSX. There are Linux binaries available for OpenSuSE (.rpm) and Ubuntu (.deb); otherwise you can install from source.

Tip of the Trade: TrueCrypt, open source disk encryption software for Linux, Windows and Mac OS X, makes it easy to tighten security. Among its many useful features is the ability to create a hidden encrypted volume inside a standard encrypted one.

TrueCrypt has several useful features, including the ability to create a hidden encrypted volume inside a standard encrypted one. In a situation where you're forced to reveal your password, that hidden volume can't be identified (as it looks the same as the random data you get anyway on an encrypted volume). Encryption/decryption is handled on-the-fly. Although there is a slowdown, it isn't prohibitive.

It's also possible to access the same encrypted partition/volume on multiple OSes, as long as they have TrueCrypt installed and are able to read the filesystem used on the disk. (So you still can't get at your ext3 filesystem on Windows!) This is particularly useful for encrypting the USB drive you might carry around in your pocket.

The current version of TrueCrypt requires the use of sudo. If you need multiple users to be able to access the volume, add this line to /etc/sudoers:

%truecrypt ALL=(root) NOPASSWD:/usr/bin/truecrypt
then add the relevant users to the truecrypt group. These users will be able to execute the truecrypt command as root but nothing else.

The documentation is comprehensive, including some interesting technical details. Unfortunately, as yet it can't encrypt the Linux OS (it does do this for Windows systems), so for Linux it's data-only encryption at present.

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.