Create Encrypted Files on Ubuntu 8.10

by Mike on December 22, 2008

in Encryption

Change to the /root home directory.

# truecrypt -c data
Volume type:
1) Normal
2) Hidden
Select [1]:

Choose 1)

Encryption algorithm:
1) AES
2) Serpent
3) Twofish
4) AES-Twofish
5) AES-Twofish-Serpent
6) Serpent-AES
7) Serpent-Twofish-AES
8) Twofish-Serpent
Select [1]:

Hash algorithm:
1) RIPEMD-160
2) SHA-512
3) Whirlpool
Select [1]:

Filesystem:
1) FAT
2) None
Select [1]:

Choose 2) so because you will use ext3 as the file system.

Enter password:

You may get this warning if the password is too short.

WARNING: Short passwords are easy to crack using brute force techniques!

We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? (y=Yes/n=No) [No]: yes

Re-enter password:

Enter keyfile path [none]:

Please type at least 320 randomly chosen characters and then press Enter:
ipk;k;f,/,pljfdopsfdsk;s ;k;lfdk;salk;fkdo0opmcv.,mouk980909358onmsmdlnmcosd8u0dfs9870978g09sjdlnmdlnfglskiu9780378joln
nnjfdsl98098080sjdslmlmdf.mfsaldkjlkjdfsddddjfo9843lsdkjlfnmsd,.jflisjdluif09erwui0dsfuolsdjlmcskdciu9o8u
0943ulsmndflmsd.,mflsdjflsjdfldksjlakdjfopiue09843u0984u39incvlsmncv,mnsalkjf0o43u909u0349804398fd
s0ajfolkjslcmasldkjfj4309809ucvljsalcmsldjfo43u8909ud0asucvlsdj

The TrueCrypt volume has been successfully created.

# truecrypt -t /root/data –filesystem=none

# truecrypt -l
1: /root/data /dev/mapper/truecrypt1 -
# truecrypt -t –volume-properties
Slot: 1
Volume: /root/data
Virtual Device: /dev/mapper/truecrypt1
Mount Directory:
Size: 9.8 MB
Type: Normal
Read-Only: No
Hidden Volume Protected: No
Encryption Algorithm: AES
Primary Key Size: 256 bits
Secondary Key Size (XTS Mode): 256 bits
Block Size: 128 bits
Mode of Operation: XTS
PKCS-5 PRF: HMAC-RIPEMD-160
Volume Format Version: 2
Embedded Backup Header: Yes

mkfs.ext3 /dev/mapper/truecrypt1
mke2fs 1.41.3 (12-Oct-2008)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
2496 inodes, 9984 blocks
499 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=10223616
2 block groups
8192 blocks per group, 8192 fragments per group
1248 inodes per group
Superblock backups stored on blocks:
8193

Writing inode tables: done
Creating journal (1024 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 37 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

# truecrypt -d /root/data

# mkdir encrypted
# ls
data  encrypted
# truecrypt /root/data /root/encrypted
Enter password for /root/data:
Enter keyfile [none]:
Protect hidden volume? (y=Yes/n=No) [No]:
# cp /etc/*.conf /root/encrypted
# ls encrypted/
adduser.conf          hdparm.conf      ltrace.conf              sysctl.conf
ca-certificates.conf  host.conf        mke2fs.conf              syslog.conf
debconf.conf          inetd.conf       nsswitch.conf            ts.conf
deluser.conf          kernel-img.conf  pam.conf                 ucf.conf
e2fsck.conf           ld.so.conf       popularity-contest.conf  updatedb.conf
fuse.conf             logrotate.conf   resolv.conf              vsftpd.conf
gai.conf              lost+found       sensors.conf             xinetd.conf

df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/wk-root   27850940   1297192  25138992   5% /
tmpfs                   126644         0    126644   0% /lib/init/rw
varrun                  126644       288    126356   1% /var/run
varlock                 126644         0    126644   0% /var/lock
udev                    126644      2784    123860   3% /dev
tmpfs                   126644         0    126644   0% /dev/shm
/dev/sda5               241116     18734    209934   9% /boot
/dev/mapper/truecrypt1    9663      1268      7896  14% /root/encrypted

Previous post:

Next post: