[url]https://www.idrix.fr/Root/content/category/7/32/60/[/url]
Here is a complete step-by-step guide to set up and use Veracrypt for linux :
[url]http://www.linuxandubuntu.com/home/encr ... -truecrypt
[/url]
I followed instructions using Mintpup, and got the installation right, resulting in an encrypted file container. Keep in mind that, like any other file, you can delete it.
Download page :
[url]https://veracrypt.codeplex.com/wikipage?title=Downloads[/url]
From website :
[i]VeraCrypt picks up from where TrueCrypt left and it adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks.
VeraCrypt also solves many vulnerabilities and security issues found in TrueCrypt. It can load TrueCrypt volume and it offers the possibility to convert TrueCrypt containers and non-system partitions to VeraCrypt format.[/i]
Beginner's Tutorial here :
[url]https://veracrypt.codeplex.com/wikipage ... 20Tutorial[/url]
Online documentation (PDF available) here :
[url]https://veracrypt.codeplex.com/documentation[/url]
System requirements :
■Linux 32-bit and 64-bit versions with kernel 2.6 and newer.
The setup process for Linux might not be as easy as for Windows. Advanced Puppy users could shed a light on how to set up VeraCrypt.
Hidden or freely visible volume encryption is also possible with VeraCrypt, either a partition or all your USB device.
Note :
Only keeping an encrypted partition on your USB flash drive seems a good compromise between security and availability. Keep confidential information on your encrypted partition and everyday stuff on an another unencrypted partition, this way you don't need to use VeraCrypt every single time to mount your USB flash drive.
To encrypt volume, here is a how-to :
[url]https://www.maketecheasier.com/create-e ... +Easier%29[/url]
Further reading :
[url]https://www.ghacks.net/2018/09/14/verac ... re-review/[/url]
VeraCrypt
-
friendofjane
- Posts: 15
- Joined: Thu 29 Nov 2012, 23:54
- Location: europe
Hi,
I'm considering to change all my containers from truecrypt (TC) to veracrypt (VC).
Some days ago I installed the veracrypt on my puppy precise 5.7.1 frugal on usb-stick.
Installation is easy. You launch veracrypt-1.16-setup-gui-x86 in a terminal, it installs VC to /usr/bin.
Test it by calling VC in a terminal, it should work.
Then I made a program menu entry in menu->Utilities with MenuEntryMaker.
To see the new program in the menu you have to relaunch the X-Server!
(I didn't know that, I retried to make a menu entry and had finally 3 inserts of VC in my program menu...)
Next I took a TC-container to convert it into a VC-container.
The conversion is very easy: you mount the TC-volume with VC, you have to put a cross in the box "Truecrypt compatibility".
Than you have the choice:
1) change the volume password or
2) change the Header key derivation algorithm.
I choose n° 2 because I wanted to keep my password.
You add some random data by moving the mouse. Click OK and wait. Be patient, it may take some minutes. That's all.
Test: mount the volume with VC without putting a cross in the "Truecrypt" box and it should mount.
Test 2: mount the volume with TC or with VC under TC mode doesn't work any more: now the volume is a VC volume!
Please note that VC-volumes take more time to mount than TC-volumes which mount allmost instantly. With VC it takes 5 to 20 secondes to mount, up to 30 sec if the processor is slow, but you win 10 to 100 times more security with regard to brute force attacks.
The GUI is nearly the same, so the use of VC is easy if you know TC.
I did the same installation on an OpenSuse PC with no problem.
I didn't test the windows version.
Feature wish
I would appreciate a feature existing for windows: the possitbility to encrypt the system partition of an installed windows OS. I did it with TC on a win 7 laptop, it's really comfortable (it took 10 or 12 hours and works fine)
Having this feature for linux, ie encrypt an existing linux system partition with VC would be really nice. It's probably difficult to develop such a feature because there are so many different distributions ?
Personal
In the first time after the strange stop of the TC maintenance without any explanations I was suspicious concerning the TC-fork VC. Now I won confidence. The company IDRIX is in Paris (France), their webserver too, - so there won't be NSA letters to force the company installing backdoors in VC. The cryptography research is worldwide public research, the source code is obtainable.
I hope that security audits will follow.
I'm considering to change all my containers from truecrypt (TC) to veracrypt (VC).
Some days ago I installed the veracrypt on my puppy precise 5.7.1 frugal on usb-stick.
Installation is easy. You launch veracrypt-1.16-setup-gui-x86 in a terminal, it installs VC to /usr/bin.
Test it by calling VC in a terminal, it should work.
Then I made a program menu entry in menu->Utilities with MenuEntryMaker.
To see the new program in the menu you have to relaunch the X-Server!
(I didn't know that, I retried to make a menu entry and had finally 3 inserts of VC in my program menu...)
Next I took a TC-container to convert it into a VC-container.
The conversion is very easy: you mount the TC-volume with VC, you have to put a cross in the box "Truecrypt compatibility".
Than you have the choice:
1) change the volume password or
2) change the Header key derivation algorithm.
I choose n° 2 because I wanted to keep my password.
You add some random data by moving the mouse. Click OK and wait. Be patient, it may take some minutes. That's all.
Test: mount the volume with VC without putting a cross in the "Truecrypt" box and it should mount.
Test 2: mount the volume with TC or with VC under TC mode doesn't work any more: now the volume is a VC volume!
Please note that VC-volumes take more time to mount than TC-volumes which mount allmost instantly. With VC it takes 5 to 20 secondes to mount, up to 30 sec if the processor is slow, but you win 10 to 100 times more security with regard to brute force attacks.
The GUI is nearly the same, so the use of VC is easy if you know TC.
I did the same installation on an OpenSuse PC with no problem.
I didn't test the windows version.
Feature wish
I would appreciate a feature existing for windows: the possitbility to encrypt the system partition of an installed windows OS. I did it with TC on a win 7 laptop, it's really comfortable (it took 10 or 12 hours and works fine)
Having this feature for linux, ie encrypt an existing linux system partition with VC would be really nice. It's probably difficult to develop such a feature because there are so many different distributions ?
Personal
In the first time after the strange stop of the TC maintenance without any explanations I was suspicious concerning the TC-fork VC. Now I won confidence. The company IDRIX is in Paris (France), their webserver too, - so there won't be NSA letters to force the company installing backdoors in VC. The cryptography research is worldwide public research, the source code is obtainable.
I hope that security audits will follow.
Distro: Ubuntu Tahr 64 6.0.5 on usb stick
With no reasoning behind it, I just don't trust VeraCrypt. I think it's because they all of sudden took TrueCrypt over in the middle of its controversy and all of a sudden, hey we fixed it all and here....
I hope that I'm wrong but something seemed funny about that. Meanwhile, I think the TrueCrypt audit showed no major security flaws. Am I right with this?
I hope that I'm wrong but something seemed funny about that. Meanwhile, I think the TrueCrypt audit showed no major security flaws. Am I right with this?
-
bark_bark_bark
- Posts: 1885
- Joined: Tue 05 Jun 2012, 12:17
- Location: Wisconsin USA
-
mcradventures
- Posts: 10
- Joined: Wed 25 Jan 2017, 08:09
I can't get Truecrypt or Veracrypt working on Slacko or Tahr. I can install them and create containers, but can't mount them. Would be nice to be able to use one or the other, but barring that, would be nice to have some kind of encrypted containers. Running Puppy from a laptop makes me uneasy when there is no (easy?) current way that I'm aware of to encrypt my private files outside of the save file. I hear gpg can be used, but I have no idea how to use it to encrypt whole folders full of hundreds of files easily.
What if you check "Don't use kernel cryptographic services" in Preferences -> System Integration?mcradventures wrote:I can't get Truecrypt or Veracrypt working on Slacko or Tahr. I can install them and create containers, but can't mount them.
Greetings!
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]
[b][color=green]Omnia mea mecum porto.[/color][/b]
-
mcradventures
- Posts: 10
- Joined: Wed 25 Jan 2017, 08:09
Thank you! That worked and just tried Veracrypt and it made and mounted the container.SFR wrote:What if you check "Don't use kernel cryptographic services" in Preferences -> System Integration?mcradventures wrote:I can't get Truecrypt or Veracrypt working on Slacko or Tahr. I can install them and create containers, but can't mount them.
Greetings!
Personal Iterations Multiplier
PIM is used by volumes even if the creator of the volume did not specify a value. It is an optional component that improves security: it adds another step to the authentication process similarly to two-factor authentication. The main difference is that the PIM value is fixed and not generated on the fly when requested. An attacker needs to know the master password and the PIM, if not set to default, to breach the encryption successfully and access the content of the drive or partition.
The how-to : https://www.ghacks.net/2018/11/26/how-t ... pt-volume/
The how-to : https://www.ghacks.net/2018/11/26/how-t ... pt-volume/
Puppy-Universal VeraCrypt -- easily obtained
Hi All,
Although I usually boot into Xenialpup64, I maintain and use several Puppy versions. Looked at Xenialpup's requirements on its Ubuntu Repo and among them was 'fuse?'. Maybe some others. But running several Puppies, both 32 & 64 bit, I decided to see if a 'Universal' version for Puppy was possible. [My 64-bit OSes use their respective compatibility SFSes].
https://pkgs.org/'s search box did not find any 'veracrypt' builds for Ubunut or debian. But there were several for Slackware including one for Slacko 14.0, the basis for my second most frequently used Puppies. So I downloaded veracrypt-1.23-i486-1alien.tgz, used UExtract to decompress it, and ran dir2sfs on the resulting folder.
[By the way, you can just Right-Click the tgz, then select install. That works as well. But only for the Puppy into which you've installed it].
Checking with ListDynamicDependencies, ldd, and starting it via a terminal revealed neither problems nor missing dependencies in either Slacko 5.7.x nor Xenialpup64. Under Xenialpup64, following the instructions here, https://www.veracrypt.fr/en/Beginner%27 ... orial.html I was able to create and use an veracrypt volume.
Note, the instructions appear to have been for an 'earlier?' version. For example, Step 2 shows the possible volumes as identified by letters, while my versions shows them identified as numbers. And two steps in the instructions appear to have been combined in the GUI. But, you should be able to use the instructions as a guide as each explains its purpose and the choices you have.
Note 2, Veracrypt can be added to Rox's Right-Click>SendTo menu --a GUI for your password will then appear and providing that will mount the volume. But you will still have to file browse thru /mnt --where an icon named veracrypt1 appeared, even though I had chosen* the 10th "volume". Clicking it opened the volume. To unmount the Volume, veracrypt was called via menu entry.
*Well, I guess it ignored my choice. Although I had select the 10th, from veracrypt's initial GUI, the volume I created appears in the 1st position. FWIW, I had chosen the 10th position under the misguided guess that --there being 8 hard-drive partitions (among 2 hard-drives) and booting from a USB-Stick-- earlier positions might somehow conflict.
Don't you hate it when applications know more than you.
Although I usually boot into Xenialpup64, I maintain and use several Puppy versions. Looked at Xenialpup's requirements on its Ubuntu Repo and among them was 'fuse?'. Maybe some others. But running several Puppies, both 32 & 64 bit, I decided to see if a 'Universal' version for Puppy was possible. [My 64-bit OSes use their respective compatibility SFSes].
https://pkgs.org/'s search box did not find any 'veracrypt' builds for Ubunut or debian. But there were several for Slackware including one for Slacko 14.0, the basis for my second most frequently used Puppies. So I downloaded veracrypt-1.23-i486-1alien.tgz, used UExtract to decompress it, and ran dir2sfs on the resulting folder.
[By the way, you can just Right-Click the tgz, then select install. That works as well. But only for the Puppy into which you've installed it].
Checking with ListDynamicDependencies, ldd, and starting it via a terminal revealed neither problems nor missing dependencies in either Slacko 5.7.x nor Xenialpup64. Under Xenialpup64, following the instructions here, https://www.veracrypt.fr/en/Beginner%27 ... orial.html I was able to create and use an veracrypt volume.
Note, the instructions appear to have been for an 'earlier?' version. For example, Step 2 shows the possible volumes as identified by letters, while my versions shows them identified as numbers. And two steps in the instructions appear to have been combined in the GUI. But, you should be able to use the instructions as a guide as each explains its purpose and the choices you have.
Note 2, Veracrypt can be added to Rox's Right-Click>SendTo menu --a GUI for your password will then appear and providing that will mount the volume. But you will still have to file browse thru /mnt --where an icon named veracrypt1 appeared, even though I had chosen* the 10th "volume". Clicking it opened the volume. To unmount the Volume, veracrypt was called via menu entry.
*Well, I guess it ignored my choice. Although I had select the 10th, from veracrypt's initial GUI, the volume I created appears in the 1st position. FWIW, I had chosen the 10th position under the misguided guess that --there being 8 hard-drive partitions (among 2 hard-drives) and booting from a USB-Stick-- earlier positions might somehow conflict.
Don't you hate it when applications know more than you.