Comments on Protect Your Files With TrueCrypt 5.1a On Debian Etch (GNOME)
Protect Your Files With TrueCrypt 5.1a On Debian Etch (GNOME) This document describes how to set up TrueCrypt 5.1a on Debian Etch (GNOME). Taken from the TrueCrypt page: "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc)."
6 Comment(s)
Comments
The TrueCrypt project seems to have deleted the 5.1a source referenced in this article. The 6.1 source that is now the "stable" source does not compile using the instructions here.
I suggest ignoring the advice in this and any howto to delete source zip archives ever, if you want to be able to recover at a future time, and carefully backup the materials to rebuild whatever platform you are using.
Since this encrypts your data beyond any recovery, this becomes even more important as you will never decipher this w/o TrueCrypt. You can of course build up some platform to recover if TrueCrypt is around, but 10 years down the line that may not be the case, so keep a copy around with your encrypted data archive.
To follow up, the 6.1 source does not build without some help.
There is an additional dependency from the addition of PKCS11 to the code somewhere. The header files supposed to be compatable with the following site, however you will have to try several versions to get them to work.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11
A single comment was located indicating that this problem was introduced in 6.1, but no official fix was found.
The resulting code seems to work and produced some properly encrypted volumes with testing so far.
This is a problem with the truecrypt package, so will not be resolved by going to a later debian release (lenny?) when it arrives, unless someone picks this up and maintains a debian version and resolves the problem properly
dont forget to add fuse to /etc/modules #Truecrypts needs fuse fuse
dont forget to add fuse to /etc/modules #Truecrypts needs fuse fuse
Running this ugly script (or using it as a manual) might leave you with a compiled version of truecrypt!! #!/bin/sh BASE_DIR=`pwd` #make a dir for PKCS mkdir PKCS cd $BASE_DIR/PKCS wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/cryptoki.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/ct-kip.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/opt-pkcs11.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20a3.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20a3d3.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t-consolidated-d1.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h.org cd $BASE_DIR #download wxKGT-2.8.7 and untar it wget http://kent.dl.sourceforge.net/sourceforge/wxwindows/wxGTK-2.8.7.tar.gz tar xvzf wxGTK-2.8.7.tar.gz #download latest truecrypt 6.1 tgz and place it in the folder you are in. tar xvzf TrueCrypt\ 6.1\ Source.tar.gz # Go to truecrypt source cd $BASE_DIR/truecrypt-6.1-source # let's compile the bugger make NOGUI=1 PKCS11_INC=$BASE_DIR/PKCS WX_ROOT=$BASE_DIR/wxGTK-2.8.7 wxbuild make NOGUI=1 PKCS11_INC=$BASE_DIR/PKCS WX_ROOT=$BASE_DIR/wxGTK-2.8.7 WXSTATIC=1 $BASE_DIR/truecrypt-6.1-source/Main/truecrypt --version echo "If the line above displays the correct truecrypt version you'll find the executable in" echo "If you got an error xychix whishes you al the best, don't call me!" echo $BASE_DIR/truecrypt-6.1-source/Main/ #now you'll find a truecrypt binairy in the Main folder, you can copy this whereever you want. I'd copy it to /usr/bin/
Hi,
Thanks for the script :)
After formatting to usefull form and installing:
apt-get install libfuse-dev
I finally compiled correctly TrueCrypt ;)