Cheap VPS & Xen Server

Residential Proxy Network - Hourly & Monthly Packages

Protect Your Files With TrueCrypt 5.1a On Debian Etch (GNOME)


This document describes how to set up TrueCrypt 5.1a on Debian Etch (GNOME). Taken from the TrueCrypt page: “TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).”

One important change in version 5 is that it is not longer affected by changes to the Linux kernel.

This howto is a practical guide without any warranty – it doesn’t cover the theoretical backgrounds. There are many ways to set up such a system – this is the way I chose.

 

1 Preliminary Note

I used a standard Debian Etch r3 system for this howto – there were no extra repositories added.

 

2 Needed Packages

Let’s install some needed packages (root privileges are needed).

apt-get install build-essential libfuse-dev fuse-utils pkg-config libgtk2.0-dev

 

3 FUSE Kernel Module

Now we have to load the FUSE kernel module (root privileges needed):

modprobe fuse

To make sure that the FUSE kernel module will be loaded automatically on boot you have to add it to the modules list (root privileges needed).

vi /etc/modules

Add the following two lines to the file.

#FUSE for TrueCrypt
fuse

 

4 WxWidgets

The wxWidgets source code is needed to build the TrueCrypt executable – so let’s download it (do this as user, not as root!).

cd ~/Desktop/
wget http://kent.dl.sourceforge.net/sourceforge/wxwindows/wxGTK-2.8.7.tar.gz
tar xvfz wxGTK-2.8.7.tar.gz

 

5 TrueCrypt

5.1 Get It

Open http://www.truecrypt.org/downloads.php within your preferred browser and click on the corresponding link to get to the download page for the source code.

tc1

Select “Mac OS X / Linux (.tar.gz)” from the drop-down menu, read the license agreement and accept it if you agree with it. Now click on “Download” …

tc2

… and save the file.

tc3

Next unpack the file. You can do this on the desktop …

tc4

… or from the command line (do this as user, not as root!).

cd ~/Desktop/
tar xvfz TrueCrypt\ 5.1a\ Source.tar.gz

 

5.2 Compile It

Now we compile the TrueCrypt executable (do this as user, not as root!).

cd ~/Desktop/truecrypt-5.1a-source/
make WX_ROOT=~/Desktop/wxGTK-2.8.7 wxbuild
make

Ignore the warning “gsockgtk.cpp:134: warning: ´wxDummyGsockVar´ defined but not used” – that’s nothing important.

At this point switch to the root account and copy the TrueCrypt executeable to the right place.

su –
%root_password%
cp /home/%your_username%/Desktop/truecrypt-5.1a-source/Main/truecrypt /usr/local/bin/

After that switch back to your user account, copy the user manual to the desktop and delete the remaninig .tar.gz files and the unpacked source files.

exit
cd ~/Desktop/
cp truecrypt-5.1a-source/Release/Setup\ Files/TrueCrypt\ User\ Guide.pdf ~/Desktop/
rm -Rf truecrypt-5.1a-source TrueCrypt\ 5.1a\ Source.tar.gz wxGTK-2.8.7 wxGTK-2.8.7.tar.gz

6 TrueCrypt Group

First we have to create a group that we’ll use within the sudo configuration in the next step. All users that belong to this group will be able to use TrueCrypt at full volume. The settings for users and groups are available in the GNOME desktop menu.

tc5

Enter the root password.

tc7

7 Sudo

We have to adjust the sudo configuration to make sure that all members of the group “truecrypt” are allowed to use it (needed to mount crypted files/devices). Open the sudo configuration (root privileges needed) via:

visudo

Add the following line to the file …

%truecrypt ALL=(root) NOPASSWD:/usr/local/bin/truecrypt

… and save the changes (CTRL+X respectively STRG+X for German users).

 

8 GNOME Launcher

Let’s create a launcher in the GNOME menu to ease the access to TrueCrypt (root privileges needed).

vi /usr/share/applications/truecrypt.desktop

The content should look like this:

[Desktop Entry]
Encoding=UTF-8
Name=TrueCrypt
Name[de]=TrueCrypt
Name[en_CA]=TrueCrypt
Name[en_GB]=TrueCrypt
Comment=TrueCrypt v5.1a
Comment[de]=TrueCrypt v5.1a
Comment[en_CA]=TrueCrypt v5.1a
Comment[en_GB]=TrueCrypt v5.1a
Exec=truecrypt
Icon=/usr/share/icons/Nuvola/scalable/stock/gtk-dialog-authentication.svg
Terminal=false
Type=Application
Categories=GNOME;Application;System;
StartupNotify=true

9 Access TrueCrypt

You can now use the launcher to access the TrueCrypt gui. Please note that it’s also possible to use TrueCrypt via the command line.

tc8

tc9

Additionally you’ll see a TrueCrypt icon in the upper panel (even if you close the gui) where you can show/hide the gui, mount/dismount volumes and adjust a few settings.

tc10

Please have a look at the user manual on your desktop to find out how to use TrueCrypt.

 

Debian: http://www.debian.org/
TrueCrypt: http://www.truecrypt.org/

Comments

comments