Back to article
Protect Your Linux Data With TrueCrypt
Secure Cross-Platform Encryption
May 22, 2009
Continuing on last week's coverage of computer security, TrueCrypt is open source disk encryption software for Linux, Windows and Mac OSX. There are Linux binaries available for OpenSuSE (.rpm) and Ubuntu (.deb); otherwise you can install from source.
TrueCrypt has several useful features, including the ability to create a hidden encrypted volume inside a standard encrypted one. In a situation where you're forced to reveal your password, that hidden volume can't be identified (as it looks the same as the random data you get anyway on an encrypted volume). Encryption/decryption is handled on-the-fly. Although there is a slowdown, it isn't prohibitive.
It's also possible to access the same encrypted partition/volume on multiple OSes, as long as they have TrueCrypt installed and are able to read the filesystem used on the disk. (So you still can't get at your ext3 filesystem on Windows!) This is particularly useful for encrypting the USB drive you might carry around in your pocket.
The current version of TrueCrypt requires the use of sudo. If you need multiple users to be able to access the volume, add this line to /etc/sudoers:
then add the relevant users to the truecrypt group. These users will be able to execute the truecrypt command as root but nothing else.
The documentation is comprehensive, including some interesting technical details. Unfortunately, as yet it can't encrypt the Linux OS (it does do this for Windows systems), so for Linux it's data-only encryption at present.
Article courtesy of Serverwatch