One of the difficult issues that you must face is that on reboot you must interact in order to mount the truecrypt volume. You will need to enter a password or hit enter to mount if you have used a key only. Either way it will not be automatic. This means that either as a normal user or as root someone will need to be present to interact if the machine is booted, it will not be automatic. The only way around this is to write a script that contains the password, which is not a great idea.
Mount and Umount as root
If the volumes you are using are used by the root user you will need to do two things; unmount properly and mount properly when you boot.
Edit root’s .bash_logout script and add this line to properly unmount all truecrypt volumes.
truecrypt -d
To automatically remount the volume on boot you will need to edit the /etc/rc.local file and add this to the end of the file:
truecrypt -k “” -p=my_password_here –protect-hidden=no –mount /protect/encrypt.tc /media/truecrypt3
If this security issue is not acceptable then you will need to be present when it reboots to be able to enter a password to mount the encrypted volume. Here is the information you would use requiring a password to be entered.
truecrypt -k “” –protect-hidden=no –mount /protect/encrypt.tc /media/truecrypt3
{ 1 trackback }