LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
LinkBack Search this Thread
Old 06-08-2009, 10:49 AM   #1
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Rep: Reputation: 31
Truecrypt Install Question


I have thought about installing TrueCrypt on all my systems but the question that I have is, will I need to start with a formatted and blank hdd, install TrueCrypt and then install OS. Or can I keep my current install and just install TrueCrypt. Also during the encryption, how much freespace is needed while the disk is encrypting? Reason I has is one disk only has 300mb free, with possibly less space soon.

Another question, any suggestions for using TrueCrypt with NFS/Samba Volumes?

Now after I get this installed just need to figure out how to integrate the encrypt/decrypt into kscreensaver so that when I lock kde session the drives get encrytped and unmounted and then mounted and decrypted when I unlock session. This would only be for my non system disks. Same goes for login/logoff.

And yes to answer the question, I'm paranoid so I want to encrypt everything, even the unimportant stuff.
 
Old 06-08-2009, 12:19 PM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
Quote:
Originally Posted by richinsc View Post
I have thought about installing TrueCrypt on all my systems but the question that I have is, will I need to start with a formatted and blank hdd, install TrueCrypt and then install OS. Or can I keep my current install and just install TrueCrypt.
I've been using TrueCrypt for several years. I think it's great. I use it to encrypt all of my data but not my system files. In order to do this you can keep your current system installation and encrypt separate data partitions. In order to keep things simple I encrypt a partition and mount it on /home. That has all of the user account home directories and user data.

TrueCrypt is designed to encrypt an entire partition, not individual files. In that regard it is very different from Microsoft Encrypted File System, for example.

Quote:
Originally Posted by richinsc View Post
Also during the encryption, how much freespace is needed while the disk is encrypting? Reason I has is one disk only has 300mb free, with possibly less space soon.
All encryption and decryption is done in RAM on the fly. You do not need any additional disk space to hold files in some intermediate state.

If you only have 300 MB free you may want to invest in an additional disk.

If you currently have only one partition on the disk then I would recommend that you back up your data, repartition the disk, and create a separate partition for /home.

Quote:
Originally Posted by richinsc View Post
Another question, any suggestions for using TrueCrypt with NFS/Samba Volumes?
This is discussed in the TrueCrypt user manual. Basically you have to mount an unencrypted file share, create a file in the file share to hold an image of a file system, encrypt that and mount it on the client computer.

The good part of this is that the data is encrypted while it is traveling over the network between the file server and the client. All of the encryption/decryption is done on the client computer. The files are never decrypted on the file server.

This method prevents multiple access of files on the server. When one TrueCrypt container file is mounted on a client it cannot be mounted on any other client computers.

The alternative is to have TrueCrypt installed on the file server and do the encryption/decryption on the file server. The the files in the container or encrypted partition can be accessed by more than one computer but the data is sent over the network in unencrypted form.

Quote:
Originally Posted by richinsc View Post
Now after I get this installed just need to figure out how to integrate the encrypt/decrypt into kscreensaver so that when I lock kde session the drives get encrytped and unmounted and then mounted and decrypted when I unlock session. This would only be for my non system disks. Same goes for login/logoff.
This isn't very practical. Basically the encrypted partition would be mounted while you are logged in. You could create some kind of setup where the mounted volumes would be unmounted when a screensaver is started but it would require you to enter the password for the encrypted partition when you came back to use the computer.

Quote:
Originally Posted by richinsc View Post
And yes to answer the question, I'm paranoid so I want to encrypt everything, even the unimportant stuff.
Me too.

Read the TrueCrypt user manual available at the TrueCrypt site, then install it and play around with it.

Last edited by stress_junkie; 06-08-2009 at 12:25 PM.
 
Old 06-08-2009, 01:03 PM   #3
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by stress_junkie View Post
I've been using TrueCrypt for several years. I think it's great. I use it to encrypt all of my data but not my system files. In order to do this you can keep your current system installation and encrypt separate data partitions. In order to keep things simple I encrypt a partition and mount it on /home. That has all of the user account home directories and user data.

What about if I want to encrypt the system to? Will I need to do a reinstall of system? Or can I install truecrypt without a reinstall. I have been thinking of moving to ext4 since I am currently running ext3 but don't want to have to go through having to re-setup all my customization. I have yet to write any scripts that customizes my machine the way I like after install, I need to write some.

Code:
Filesystem            Size  Used Avail Use% Mounted on
/dev/hda2              28G   13G   14G  49% /
tmpfs                 1.5G     0  1.5G   0% /lib/init/rw
udev                   10M  104K  9.9M   2% /dev
tmpfs                 1.5G     0  1.5G   0% /dev/shm
/dev/hda3             156G   99G   49G  67% /home
/dev/hdb1             151G  143G  333M 100% /media/videos
//SERVER/SHARE    184G  149G   26G  86% /media/data
//SERVER/SHARE    184G  167G  7.8G  96% /media/Music
The music and videos I'm not too worried about but I am paranoid like I say. Besides Plausible Deniability will help my case if the RIAA decides I'm a threat, thus preventing self-incrimination. It's amazing how easy you can forget your password at just the right time. In fact when you think about it, everyone in this country should be doing it to protect themselves... All those 10 - 15 yrs old downloading pirated stuff on family computer not realizing consequences.
 
Old 06-08-2009, 07:32 PM   #4
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
Quote:
Originally Posted by richinsc View Post
What about if I want to encrypt the system to?
... encrypt the system too, not to.

As I said, read the user manual.

http://www.truecrypt.org/docs/?s=hid...erating-system

TrueCrypt only supports encrypting the system partition on Windows.

http://www.truecrypt.org/docs/?s=sys...n-supported-os

Last edited by stress_junkie; 06-08-2009 at 07:49 PM.
 
Old 06-16-2009, 08:08 AM   #5
richinsc
Member
 
Registered: Mar 2007
Location: Utah
Distribution: Gentoo Linux (3.0.6-gentoo)
Posts: 222

Original Poster
Rep: Reputation: 31
How does whole disk encryption via encrypted lvm stand up against truecrypt? Of course the whole point that I am trying to do have the these system not broadcast to the world the the contents are encrypted, but for this question, how does Linux Disk Envryption via LVM stand up against truecrypt.
 
  


Reply

Tags
truecrypt


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Truecrypt 5.0 install problems. checkmate3001 Linux - Software 12 11-27-2011 05:25 AM
Truecrypt Permissions dauphinfay Linux - Software 2 02-13-2009 06:57 AM
truecrypt koker Grafpup 1 01-03-2008 10:55 AM
Problems with truecrypt Cereal765 Linux - Software 4 03-13-2007 01:59 PM
cannot install truecrypt on SUSE 9.3 izquierdista Linux - Security 5 12-12-2005 06:07 AM


All times are GMT -5. The time now is 11:17 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration