LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 03-13-2005, 04:54 PM   #1
rpz
Member
 
Registered: Mar 2005
Posts: 126

Rep: Reputation: 15
TrueCrypt for linux?


I'm in the process of encrypting my external hard drive and all my USB memory keys. I found a nice open source program called TrueCrypt that works well enough for me, but unfortunately its windows only. I know it is possible to encrypt disk images in linux and mount them as virtual filesystems, but what I want is compatibility with both Windows and Linux, otherwise it would be rather pointless as I'm dualbooting.
I realize truecrypt is not easily portable to linux because it's a driver (I think). But on the other hand, I think a simple user-space program would be all that's needed since the disk image should be decrypted when read from (like a pipe or something). So, to my question:
Is there anything that will decrypt a TrueCrypt disk image in Linux?
If not, is there any other open source disk encryption program that works with both linux and windows? HAL integration would be excellent (I think the LUKS project has it, but I'm not sure).
 
Old 03-13-2005, 06:08 PM   #2
jtshaw
Senior Member
 
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Blog Entries: 1

Rep: Reputation: 66
I don't know about windows compatibility, but using dm-crypt you can setup encrypted swap partitions and encrypted partitions.
 
Old 03-13-2005, 10:09 PM   #3
rpz
Member
 
Registered: Mar 2005
Posts: 126

Original Poster
Rep: Reputation: 15
From what I've read, dm-crypt is basically the same as a crypto loop device, which I read a tutorial about (but naturally forgot the link to :/), but it seems to be a better method from what I'm reading. Anyway, that approach has no equivalent in Windows, from what I know. But then I read that TrueCrypt partitions have no header (except for maybe some random data, I don't know for sure). Anyway, that got me thinking, wouldn't the end result be the same if I e.g. made a FAT partition in an image file and encrypted with TrueCrypt?
One of the nice things about USB memory is that it can be used to move data between computers. Solutions like dm-crypt is probably very good for fixed storage like hard drives. When using removable storage, putting entries in fstab is not really a good idea (what if you're not even root on that machine? assuming the encryption software is installed, of course). Anyway, if dm-crypt is the best program around It'll have to do...

Another thing, does anyone have experience with EncFS? What are the security considerations, how reliable is it and so on? I guess this question applies to any disk encryption program: Which methods can deal with unclean unmounts? External storage is extra vulnerable since you could accidentally unplug it. I've read somewhere that encrypted disks are sensitive to this...
 
Old 03-15-2005, 09:21 AM   #4
rpz
Member
 
Registered: Mar 2005
Posts: 126

Original Poster
Rep: Reputation: 15
Is there really no existing cross-platform solution for disk encryption? This would be a true killer app! Everyone owning a dual-booting laptop computer would want it. The only thing I've seen so far is LUKS, but that seems to be in very early development.
 
Old 03-15-2005, 09:47 AM   #5
jtshaw
Senior Member
 
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Blog Entries: 1

Rep: Reputation: 66
Well, part of the problem is there are not really any cross-platform file systems. Windows doesn't have any file systems that support a traditional unix permissions model and Windows doesn't have the ability to read any of the unix/linux file systems. You best bet is probably to keep an archive of pgp encrypted files or something like that.
 
Old 03-15-2005, 10:08 AM   #6
rpz
Member
 
Registered: Mar 2005
Posts: 126

Original Poster
Rep: Reputation: 15
FAT32 works with both systems. I know permissions is a problem, and another problem is the case-sensitivity in filenames, but that's what everyone that needs dual-booting has to live with, encryption or not. Dual-booting is my only solution (as I need to do some Win32 programming).
My problem is that I don't want to encrypt individual files. I want a solution where all my personal files (documents, mail, etc) is encrypted on the fly. I want to enter a password at boot-time and then be able to forget about it. Encrypted files is too much hassle (which, imho, is the biggest problem with security today).
Anyway, I found something called BestCrypt (www.jetico.com). It's a commercial product. Has anyone got experience with this program? It looks good "on the paper" except for that it is not free and open source. I prefer TrueCrypt, but unless there is some linux equivalent I might be forced to use BestCrypt. But I hope for a better option. What about the previously mentioned dm-crypt? Is there anything on Windows that will mount it?
 
Old 03-15-2005, 10:17 AM   #7
AxeZ
Member
 
Registered: Sep 2002
Location: Novi Sad, Vojvodina
Distribution: Slackware, FreeBSD
Posts: 386

Rep: Reputation: 32
Encripting individual files with gnupg for example is enough for both windows and Linux instead of encrypting whole filesystem.
 
Old 03-15-2005, 11:07 AM   #8
rpz
Member
 
Registered: Mar 2005
Posts: 126

Original Poster
Rep: Reputation: 15
Encrypting individual files is not what I'm looking for, as previously pointed out. To minimize damage in the unfortunate event that my laptop should get stolen, I want to encrypt ALL personal files stored on it.
Is it possible to create a disk image that is mountable in read/write in both operating systems and then encrypt the disk image on the fly with a file encrypting software? I guess this is how TrueCrypt works but since its format is not compatible with any linux encryption software (to the best of my knowledge), it does not suit my needs.
 
Old 03-15-2005, 11:29 AM   #9
rpz
Member
 
Registered: Mar 2005
Posts: 126

Original Poster
Rep: Reputation: 15
Here is another software that is supposed to work with linux
http://www.ce-infosys.com.sg/CeiNews_FreeCompuSec.asp
However, only a tiny number of kernels are supported... And still, open source is preferred.
 
Old 03-16-2005, 05:48 PM   #10
stevious
LQ Newbie
 
Registered: Dec 2004
Posts: 3

Rep: Reputation: 0
Quote:
Originally posted by rpz
Anyway, I found something called BestCrypt (www.jetico.com). It's a commercial product. Has anyone got experience with this program? It looks good "on the paper" except for that it is not free and open source. I prefer TrueCrypt, but unless there is some linux equivalent I might be forced to use BestCrypt. But I hope for a better option. What about the previously mentioned dm-crypt? Is there anything on Windows that will mount it?
I can answer part of that question. I've been using BestCrypt in Linux only (no dual boot systems, sorry) and it works just fine. I have not tested accessing a BestCrypt container in Windows that was created while booted in Linux, or vice-versa, so I can't speak to that. Although BestCrypt works OK, I'll be switching to TrueCrypt when the Linux version is released, as I don't trust closed-source encryption software.

Please post your experiences with BestCrypt in a dual-boot environment, if you please.
 
Old 03-19-2005, 07:20 AM   #11
vanGeorg
LQ Newbie
 
Registered: Mar 2005
Posts: 2

Rep: Reputation: 0
I've been looking for an encryption solution for both Linux and Windows for a long time. I kept using BestCrypt, and I can say that it worked well on both OS. The only annoying restriction is that you can not use container files larger than 2 GB on the Linux side. Recently I came across FreeOTFL (OTFL = On The Fly Encryption) on http://www.freeotfe.org/ and it seems that this program could turn out to be the one thing I'm looking for. It's a Windows program with Linux losetup compatibility, so if you use an encrypted FAT32 file system, you should be able to access it from Linux as well using the standard loop encryption mechanism. I didn't try it yet, though, because it's still considered a test version. If anyone gains any experience, please let me know!
 
Old 03-19-2005, 02:58 PM   #12
rpz
Member
 
Registered: Mar 2005
Posts: 126

Original Poster
Rep: Reputation: 15
I tried FreeOFTL, and it works OK, although I don't trust it completely. It doesn't support the default algorithms used by cryptsetup either (I think it was the MAC that needed to be changed to md5 or something like that -- I'm not sure about how this affects security).
It's a pity that the excellent TrueCrypt software is not compatible with cryptsetup files. That would've been THE solution to all crypto problems. I'm hoping for a fix in future releases Truecrypt is also FAST. Very fast. I tried using cryptsetup and I got like 6 MB/sec, while in TrueCrypt I got more like 30 MB/sec (using the same algo, aes256) (well, on different computers, but they had basically the same specs).
 
Old 03-20-2005, 06:13 AM   #13
vanGeorg
LQ Newbie
 
Registered: Mar 2005
Posts: 2

Rep: Reputation: 0
Thanks for your information!

I looked at the TrueCrypt website after reading your comment and I think we got reason for hope - "Linux Version" is the first issue listed under "Future" (http://truecrypt.sourceforge.net/future.php). So I guess I'll wait for that as well... taking extreme care of my laptop so long .
 
Old 05-19-2006, 08:19 AM   #14
JZL240I-U
Senior Member
 
Registered: Apr 2003
Location: Germany
Distribution: openSuSE 13.1 / 12.3_64-KDE, Ubuntu 14.04, Fedora 20, Mint 17, Chakra
Posts: 3,655

Rep: Reputation: Disabled
Umm, I dunno whether that's still of interest but TrueCrypt (now) does have a linux command line counterpart. See http://www.truecrypt.org/
 
Old 05-19-2006, 09:05 AM   #15
haertig
Senior Member
 
Registered: Nov 2004
Distribution: Debian, Ubuntu, LinuxMint, Slackware, SysrescueCD
Posts: 1,998

Rep: Reputation: 302Reputation: 302Reputation: 302Reputation: 302
TrueCrypt DOES work on both Linux and Windows. I use is on both. The encrypted containers are transferrable between systems. There is no GUI for Linux yet (planned for the future). But really, how hard can it be to run the three basic operations from the command line? Create a volume, mount it, unmount it. Up until the latest release (came out a month or two ago), you had to create your volumes on Windows but then you could mount them on Linux. The newest version allows Linux creation, so Windows does not figure into the mix anymore (except you can transfer volumes between OS'es if you want).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Errors Installing Truecrypt hamstereater Linux - Software 4 12-02-2008 01:59 AM
link dies intermittently-seemingly at random- between win<->linux not linux<->linux?? takahaya Linux - Networking 10 03-09-2007 10:37 PM
triple boot linux/linux/linux No Windows involved toastermaker Linux - Newbie 12 03-02-2006 10:40 PM
Truecrypt: Kernel module not loaded Synatic Linux - Software 4 01-21-2006 02:43 PM
Truecrypt problem. No available loopback interface white scorpion Linux - Security 4 11-28-2005 07:33 AM


All times are GMT -5. The time now is 06:22 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration