Realcrypt: Mandriva’s Truecrypt – Howto Part 1

16 01 2008

Truecrypt was rebranded Realcrypt on Mandriva to get around a licensing issue. This howto will apply to Truecrypt on any Linux distro, the only difference is the naming, so change it accordingly if you aren’t using Mandriva.

The howto will guide you through creating a normal volume with Realcrypt, formating it with ext3 so we can take advantage of unix file ownership allowing us to write to the volume as a normal user, mounting and un-mounting the volume. To keep things as simple as possible we’re going to work from the base of our home directory, you can modify the location, file names etc after you have an understanding of the process.

[All user inputs are identified by bold red font and comments are marked with “##” as well as being in bold black font in the following sections]

[altoptions@desktop1 ~]$ sudo realcrypt -c
Volume type:
1) Normal
2) Hidden
Select [1]: 1

Enter file or device path for new volume: volume.tc
Filesystem:
1) FAT
2) None
Select [1]: 2

Enter volume size (bytes – size/sizeK/sizeM/sizeG): 100M

Hash algorithm:
1) RIPEMD-160
2) SHA-1
3) Whirlpool
Select [1]:##the default is 1 – just hit <enter>

Encryption algorithm:
1) AES
2) Blowfish
3) CAST5
4) Serpent
5) Triple DES
6) Twofish
7) AES-Twofish
8) AES-Twofish-Serpent
9) Serpent-AES
10) Serpent-Twofish-AES
11) Twofish-Serpent
Select [1]: 8

Enter password for new volume ‘volume.tc’:## enter your desired password
Re-enter password:## re-enter your desired password

Enter keyfile path [none]:## just hit <enter> we haven’t created a keyfile

RealCrypt will now collect random data.

Is your mouse connected directly to computer where RealCrypt is running? [Y/n]: ## hit <enter>

Please move the mouse randomly until the required amount of data is captured…
Mouse data captured: 100%

Done: 99.91 MB Speed: 7.08 MB/s Left: 0:00:00
Volume created.

********************************************************************************

We’ve now created an unformated volume, we’re going to map the volume so that we can format it with ext3 in the next section.

********************************************************************************
[altoptions@desktop1 ~]$ sudo realcrypt -i
Enter volume path: volume.tc
Enter mount directory [none]:##Hit <enter>
Protect hidden volume? [y/N]:##Hit <enter>
Enter keyfile path [none]:##Hit <enter>
Enter password for ‘/home/altoptions/volume.tc’:##Enter the Password you chose and hit <enter>

********************************************************************************

Let’s check to make sure the volume was mapped. Issue the command below and you should see a similar output

*******************************************************************************

[altoptions@desktop1 ~]$ sudo realcrypt -l
/dev/mapper/realcrypt0 /home/altoptions/volume.tc

********************************************************************************

Now we’ll format the volume with ext3

********************************************************************************
[altoptions@desktop1 ~]$ sudo mkfs.ext3 /dev/mapper/realcrypt0
mke2fs 1.40.2 (12-Jul-2007)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
25688 inodes, 102396 blocks
5119 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=67371008
13 block groups
8192 blocks per group, 8192 fragments per group
1976 inodes per group
Superblock backups stored on blocks:
8193, 24577, 40961, 57345, 73729

Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 25 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

********************************************************************************

Now that we’ve formated the volume we’ll create a directory in which we’ll mount the volume, then mount the volume, create a directory, and then take ownership of that directory. In the forth command below replace altoptions:altoptions with your user:group.
********************************************************************************

[altoptions@desktop1 ~]$ mkdir safe
[altoptions@desktop1 ~]$ sudo mount /dev/mapper/realcrypt0 safe
[altoptions@desktop1 ~]$ sudo mkdir safe/my_safe
[altoptions@desktop1 ~]$ sudo chown altoptions:altoptions safe/my_safe

********************************************************************************

Now we’ll change directories and check the ownership

[altoptions@desktop1 ~]$ cd safe
[altoptions@desktop1 safe]$ ls -l
total 13
drwx—— 2 root root 12288 2008-01-16 10:58 lost+found/
drwxr-xr-x 2 altoptions altoptions 1024 2008-01-16 10:59 my_safe/

********************************************************************************

You’ve now successfully created a normal volume, formated the volume, created the safe directory to be the mount point, mounted the volume and created a directory within it that we took ownership of so that we can write to the volume as a normal user. While mounted, you can use your file browser and create/copy any data like you would in any normal directory.

To continue on the howto example a little further in konsole, we’ll change to the my_safe directory we created and took ownership of and create a file named test.txt. We’ll no longer need to use ‘sudo’ as ownership of the directory is now our normal user account.

********************************************************************************

[altoptions@desktop1 safe]$ cd my_safe
[altoptions@desktop1 my_safe]$ touch test.txt
[altoptions@desktop1 my_safe]$ ls -l
total 0
-rw-r–r– 1 altoptions altoptions 0 2008-01-16 11:00 test.txt

********************************************************************************

To un-mount the volume, we’ll need to change directory out of the mounted volume which we did in the above step, then un-mount the volume, and then double check that no volumes are mapped.

********************************************************************************

[altoptions@desktop1 my_safe]$ cd ~
[altoptions@desktop1 ~]$ sudo umount /dev/mapper/realcrypt0
[altoptions@desktop1 ~]$ sudo realcrypt -d
[altoptions@desktop1 ~]$ sudo realcrypt -l
No volumes mapped
[altoptions@desktop1 ~]$

********************************************************************************

We’re done with the creation process, when you want to map and mount the volume to use it regularly the process would be as follows

********************************************************************************

[altoptions@desktop1 ~]$ sudo realcrypt -i
Enter volume path: volume.tc
Enter mount directory [none]: safe
Protect hidden volume? [y/N]:##Hit <enter>
Enter keyfile path [none]:##Hit <enter>
Enter password for ‘/home/altoptions/volume.tc’:##Enter the password you chose
[altoptions@desktop1 ~]$

********************************************************************************

Once you’re done using the volume, dismount and unmap it.

********************************************************************************

[altoptions@desktop1 ~]$ sudo realcrypt -d

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

That’s it for part 1 of the Howto, in part 2 we’ll look at creating and using a keyfile as well as the process of creating and using a hidden volume .

Continue to Part 2 of the Howto 


 

This work is licensed under a
Creative Commons Licence.

Blogged with Flock

Tags: , , , ,

Advertisements

Actions

Information

4 responses

19 01 2008
Realcrypt: Mandriva’s Truecrypt - Howto Part 2 « alt options

[…] 19 01 2008 Now that we’ve gone over the basics of using Realcrypt [or Truecrypt] in Part 1 of the Howto, we’ll move on to discover the true genius of a hidden volumes in Part 2. Using […]

20 01 2008
Realcrypt: Mandriva’s Truecrypt - Howto Summary « alt options

[…] Mandriva’s Truecrypt – Howto Summary 20 01 2008 Hopefully Part 1 and Part 2 of the Howto have given you a fairly good base and you have a comfortable understanding […]

31 07 2008
Sam

I went through all these steps, was able to create and mount the normal encrypted partition and even put a few files there.

Then I changed directory to a place on another partition and tried to realcrypt -d, but it said the device was in use and couldn’t be unmounted. I was no longer even logged in as the user that put the files on the encrypted partition. I closed all my konsole windows just to be sure and opened a new one, but it still wouldn’t let me unmount.

Finally I did a reboot. Then when I tried to realcrypt -i and mount it again, it said no such file or directory. :(

22 10 2008
clothier

I tried this before and my skills were not sufficient to get it working in spite of your excellent guide. The good news is that now installs from Mandriva 2008.1 source, with a GUI. For duds like myself, it’s a big relief. Cheers and thanks again.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: