treki
Premium
- Registriert
- 24. Januar 2011
- Beiträge
- 1.591
- Reaktionspunkte
- 409
- Punkte
- 253
Hab mich schon oft genervt, dass man die Konsolenversion von Truecrypt nur nach langem suchen findet.
Hier die Linux x64 Console Version:
Weiss nicht, ob ich die richtige Sektion erwischt habe. Sonst bitte verschieben
Ergänzend dazu mein privates Tutorial hier (für Wheezy):
Hier die Linux x64 Console Version:
Sie müssen registriert sein, um Links zu sehen.
Weiss nicht, ob ich die richtige Sektion erwischt habe. Sonst bitte verschieben
Ergänzend dazu mein privates Tutorial hier (für Wheezy):
Code:
aptitude install fuse fuse-utils libdevmapper
download wget https://enigmabox.net/truecrypt/truecrypt-7.1a-linux-console-x64.tar.gz
Extract
To extract the setup file, run
tar xfvz truecrypt-7.1a-linux-console-x64.tar.gz
Again substituting the version number and architecture type if necessary. Don't worry about where to extract it to: anywhere is fine as the installer will handle the installation path automatically.
Install
Again substituting the version and architecture (last time, I promise), run:
./truecrypt-7.1a-linux-console-x64.tar.gz
And you'll be guided through the installation. At first, you should see:
TrueCrypt 7.1a Setup
____________________
Installation options:
1) Install truecrypt_7.1a_console_amd64.tar.gz
2) Extract package file truecrypt_7.1a_console_amd64.tar.gz and place it to /tmp
To select, enter 1 or 2:
Enter 1, and then press Enter to read the terms and conditions. Hold down your Space key for a while, if, like most people, you are not actually intent on reading them. (Enter will also work, but Space goes page by page instead of line by line).
Type y to accept the terms, and then press Enter. You'll be told about the prerequisites.
Requirements for Running TrueCrypt:
FUSE library and tools
device mapper tools
Press Enter to continue.
Which should already be installed on Ubuntu and Debian systems.
Now you'll see a message about how to uninstall TrueCrypt (The words "Uninstalling TrueCrypt" may be a bit misleading – but don't worry, they're just instructions for how to uninstall should you want to do so). Press Enter to exit the installer. TrueCrypt is now installed on your system.
Usage
create a volume
To interactively create a new encrypted volume, use the command:
truecrypt -c /path/to/volume/directory/volumename
For example, to create a new volume called "mysecrets" in your home directory, run
truecrypt -c /home/mysecrets
Note that the "mysecrets" will be created – it should not be an existing file. You can use any file extension that you want or omit it. Note that TrueCrypt will not create the subpath, so make sure the full subpath exists (in this example, /home/) and that the file does not (in this example, mysecrets)
You'll be asked whether you want to create a "Normal" volume or a "Hidden" one. In this example, we'll be creating a "Normal" one. A Hidden volume is in essence two TrueCrypt volumes inside each other. These are very useful if someone uses physical force or blackmail to make you open a TrueCrypt volume or give them your password. With a hidden volume, you can pretend to comply, while in reality only giving them access to the outer volume. This is unlikely to be an issue for the average user.
Enter 1 to create a normal volume, and choose a size. e.g., enter:
100M
To create a volume of 100 Megabytes. Use, for example, 5G to create a 5 Gigabyte volume, or 100K to create a 100 Kilabyte volume. Think of this volume as a separate storage device, such as a flash drive: whatever size you assign in this step will be its fixed capacity. The larger it is, the longer it will take to create, as it needs to encrypt the entire volume before use, though this isn't a huge factor as, on my system, creating a volume of 1GB only took a couple of seconds. If you just want to store a few text files (for example, I store all my passwords in a text file inside a TrueCrypt volume) then a few MB will be more than adequate. You cannot create a volume bigger than your storage capacity.
Pick an encryption method. We'll go with entering 1 again, to have our volume encrypted by AES, and 1 for the next input as well to choose RIPEMD-160 as our hashing algorithm. Any of the three encryption methods and hashing methods is sufficient. For the slightly paranoid, there are options such as Serpent-Twofish-AES which encrypts the volume using AES, encrypts the output of this (with a different key) with Twofish, and the output of this with Serpent. This means that if any of the three encryption methods is "broken" (that is, a way is found to easily decrypt without the key), then your volume is still safe (unless all three are "broken"). Each of the three encryption methods has an article on Wikipedia, so have a look at these to see the latest attack attempts against each. All seem secure for the time being.
You can then pick from a number of file systems. Pick FAT (2) for the best compatibility, if you intend on accessing the volume from other systems. Now pick a password – remember that brute-forcing the password is the only vaguely feasible way for other people to access your files, so pick a long password (recommended more than 20 characters) for security. For this demo we'll go with 1234 as a password. Don't try this at home.
Enter 1234, confirm with another Enter that you're happy with the password of fewer than 20 characters, and re-enter it for confirmation. You'll now be prompted for a keyfile path. In this example we will not be using a keyfile, which means that we can access our volume in the future using just the password. Keyfiles are more secure than passwords. You can pick an image, a text file, or any other file you want, and you'll have to use this file every time you want to access your volume. While this is much more secure than a regular password, it does mean that if you ever lose you keyfile or if it becomes corrupted, you will no longer be able to access your TrueCrypt volume (see here for more about keyfiles and how to use them).
Now for the fun bit. Mash your keyboard as randomly as possible, entering at least 320 characters. TrueCrypt will use this to create Entropy. Humans are generally terrible at doing anything random – remember to include as many different keys as possible. You can read about the random number generator method used here.
Press Enter and your volume will have been created.
mounting a volume
To mount it, use the command:
nicht mit root (useradd USER, passwd USER
apt-get install sudo
in etc/sudoers USER ALL=(root) NOPASSWD: /usr/bin/truecrypt
truecrypt --mount /home/secret
Press Enter to accept the default mount directory (on Ubuntu /media/truecrypt1/), enter your password, and press Enter twice more for the other defaults (no key file, no protect hidden volume).
Your encrypted volume is now mounted. Just like a mounted flash drive, you can copy files to and from it while it is mounted, but after dismount they are inaccessible. Move files to your volume with commands such as:
mv secrettextfile.txt /media/truecrypt1/
dismounting a volume
To dismount the volume use:
truecrypt -d
Which will dismount all mounted volumes. If you get the error
Error: umount: /media/truecrypt1: device is busy.
(In some cases useful info about processes that use
the device is found by lsof(8) or fuser(1))
Then it is very likely that it is simply your terminal that is keeping the device busy. If you have your terminal open in the location of your volume, change out with
cd ..
And run truecrypt -d again.
Zuletzt bearbeitet:
