Change to the /root home directory.
# truecrypt -c data
Volume type:
1) Normal
2) Hidden
Select [1]:
Choose 1)
Encryption algorithm:
1) AES
2) Serpent
3) Twofish
4) AES-Twofish
5) AES-Twofish-Serpent
6) Serpent-AES
7) Serpent-Twofish-AES
Twofish-Serpent
Select [1]:
Hash algorithm:
1) RIPEMD-160
2) SHA-512
3) Whirlpool
Select [1]:
Filesystem:
1) FAT
2) None
Select [1]:
Choose 2) so because you will use ext3 as the file system.
Enter password:
You may get this warning if the password is too short.
WARNING: Short passwords are easy to crack using brute force techniques!
We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? (y=Yes/n=No) [No]: yes
Re-enter password:
Enter keyfile path [none]:
Please type at least 320 randomly chosen characters and then press Enter:
ipk;k;f,/,pljfdopsfdsk;s ;k;lfdk;salk;fkdo0opmcv.,mouk980909358onmsmdlnmcosd8u0dfs9870978g09sjdlnmdlnfglskiu9780378joln
nnjfdsl98098080sjdslmlmdf.mfsaldkjlkjdfsddddjfo9843lsdkjlfnmsd,.jflisjdluif09erwui0dsfuolsdjlmcskdciu9o8u
0943ulsmndflmsd.,mflsdjflsjdfldksjlakdjfopiue09843u0984u39incvlsmncv,mnsalkjf0o43u909u0349804398fd
s0ajfolkjslcmasldkjfj4309809ucvljsalcmsldjfo43u8909ud0asucvlsdj
The TrueCrypt volume has been successfully created.
# truecrypt -t /root/data –filesystem=none
# truecrypt -l
1: /root/data /dev/mapper/truecrypt1 -
# truecrypt -t –volume-properties
Slot: 1
Volume: /root/data
Virtual Device: /dev/mapper/truecrypt1
Mount Directory:
Size: 9.8 MB
Type: Normal
Read-Only: No
Hidden Volume Protected: No
Encryption Algorithm: AES
Primary Key Size: 256 bits
Secondary Key Size (XTS Mode): 256 bits
Block Size: 128 bits
Mode of Operation: XTS
PKCS-5 PRF: HMAC-RIPEMD-160
Volume Format Version: 2
Embedded Backup Header: Yes
mkfs.ext3 /dev/mapper/truecrypt1
mke2fs 1.41.3 (12-Oct-2008)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
2496 inodes, 9984 blocks
499 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=10223616
2 block groups
8192 blocks per group, 8192 fragments per group
1248 inodes per group
Superblock backups stored on blocks:
8193
Writing inode tables: done
Creating journal (1024 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 37 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
# truecrypt -d /root/data
# mkdir encrypted
# ls
data encrypted
# truecrypt /root/data /root/encrypted
Enter password for /root/data:
Enter keyfile [none]:
Protect hidden volume? (y=Yes/n=No) [No]:
# cp /etc/*.conf /root/encrypted
# ls encrypted/
adduser.conf hdparm.conf ltrace.conf sysctl.conf
ca-certificates.conf host.conf mke2fs.conf syslog.conf
debconf.conf inetd.conf nsswitch.conf ts.conf
deluser.conf kernel-img.conf pam.conf ucf.conf
e2fsck.conf ld.so.conf popularity-contest.conf updatedb.conf
fuse.conf logrotate.conf resolv.conf vsftpd.conf
gai.conf lost+found sensors.conf xinetd.conf
df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/wk-root 27850940 1297192 25138992 5% /
tmpfs 126644 0 126644 0% /lib/init/rw
varrun 126644 288 126356 1% /var/run
varlock 126644 0 126644 0% /var/lock
udev 126644 2784 123860 3% /dev
tmpfs 126644 0 126644 0% /dev/shm
/dev/sda5 241116 18734 209934 9% /boot
/dev/mapper/truecrypt1 9663 1268 7896 14% /root/encrypted