Truecrypt Install Question
 

I have thought about installing TrueCrypt on all my systems but the question that I have is, will I need to start with a formatted and blank hdd, install TrueCrypt and then install OS. Or can I keep my current install and just install TrueCrypt. Also during the encryption, how much freespace is needed while the disk is encrypting? Reason I has is one disk only has 300mb free, with possibly less space soon.

Another question, any suggestions for using TrueCrypt with NFS/Samba Volumes?

Now after I get this installed just need to figure out how to integrate the encrypt/decrypt into kscreensaver so that when I lock kde session the drives get encrytped and unmounted and then mounted and decrypted when I unlock session. This would only be for my non system disks. Same goes for login/logoff.

And yes to answer the question, I'm paranoid so I want to encrypt everything, even the unimportant stuff.

I've been using TrueCrypt for several years. I think it's great. I use it to encrypt all of my data but not my system files. In order to do this you can keep your current system installation and encrypt separate data partitions. In order to keep things simple I encrypt a partition and mount it on /home. That has all of the user account home directories and user data.

TrueCrypt is designed to encrypt an entire partition, not individual files. In that regard it is very different from Microsoft Encrypted File System, for example.

All encryption and decryption is done in RAM on the fly. You do not need any additional disk space to hold files in some intermediate state.

If you only have 300 MB free you may want to invest in an additional disk.

If you currently have only one partition on the disk then I would recommend that you back up your data, repartition the disk, and create a separate partition for /home.

This is discussed in the TrueCrypt user manual. Basically you have to mount an unencrypted file share, create a file in the file share to hold an image of a file system, encrypt that and mount it on the client computer.

The good part of this is that the data is encrypted while it is traveling over the network between the file server and the client. All of the encryption/decryption is done on the client computer. The files are never decrypted on the file server.

This method prevents multiple access of files on the server. When one TrueCrypt container file is mounted on a client it cannot be mounted on any other client computers.

The alternative is to have TrueCrypt installed on the file server and do the encryption/decryption on the file server. The the files in the container or encrypted partition can be accessed by more than one computer but the data is sent over the network in unencrypted form.

This isn't very practical. Basically the encrypted partition would be mounted while you are logged in. You could create some kind of setup where the mounted volumes would be unmounted when a screensaver is started but it would require you to enter the password for the encrypted partition when you came back to use the computer.

Me too.

Read the TrueCrypt user manual available at the TrueCrypt site, then install it and play around with it.

What about if I want to encrypt the system to? Will I need to do a reinstall of system? Or can I install truecrypt without a reinstall. I have been thinking of moving to ext4 since I am currently running ext3 but don't want to have to go through having to re-setup all my customization. I have yet to write any scripts that customizes my machine the way I like after install, I need to write some.

The music and videos I'm not too worried about but I am paranoid like I say. Besides Plausible Deniability will help my case if the RIAA decides I'm a threat, thus preventing self-incrimination. It's amazing how easy you can forget your password at just the right time. ;) In fact when you think about it, everyone in this country should be doing it to protect themselves... All those 10 - 15 yrs old downloading pirated stuff on family computer not realizing consequences.

... encrypt the system too, not to.

As I said, read the user manual.

http://www.truecrypt.org/docs/?s=hid...erating-system

TrueCrypt only supports encrypting the system partition on Windows.

http://www.truecrypt.org/docs/?s=sys...n-supported-os

How does whole disk encryption via encrypted lvm stand up against truecrypt? Of course the whole point that I am trying to do have the these system not broadcast to the world the the contents are encrypted, but for this question, how does Linux Disk Envryption via LVM stand up against truecrypt.