Mounting encrypted file/volume in gui?

Support & Help Requests
#1

Since the demise(?) of TrueCrypt I have been using the “built in” encryption features of Linux (dm-crypt, cryptsetup, luks) in a number of ways. On my servers I have fill disk encryption of data drives which I automagically decrypt on bootup with /etc/crypttab and a key file. Prior to this I decrypted and mounted the drives as needed with scripts. I also have removable media such as flash drives and USB connected external hard drives which are also encrypted. Mate (and Gnome before it) will prompt me for the passphrase upon connecting such a device and then, provided I provide the correct passphrase, mount the device as if by magic. This leaves one situation which TrueCrypt handled seamlessly and which I have not found a convenient “native” procedure.

In TrueCrypt I created a container/file sized to fit on a DVD. I would open and mount the container with Truecrypt, copy data to it, close it and then write the file to DVD. Worked great. I can do the same thing with cryptsetup/luks/mount etc. but the process is a bit tedious. I guess I could enhance my existing scripts to make them more general purpose and interactive. However…

Am I overlooking something in Mate which can decrypt and mount an encrypted file/volume interactively in a similar way to the way encrypted removable media is handled?

TIA,

Ken

#2

VeraCrypt. You can get it from the Software Boutique under the Accessories pane.
It was the open source alternative to TrueCrypt then and it’s its successor now.

#3

Thanks marfig,

I am somewhat familiar with VeraCrypt and have played with it a little. I believe it handles its own encryption and not dm-crypt/cryptsetup/luks. But I could be wrong. I believe I have it installed on a virtual machine somewhere on my system. Let me see if I can open a native Linux encrypted file.

Ken

#4

VeraCrypt does not seem to want to open my sample file. I get the message:

Operation failed due to one or more of the following"

  • Incorrect password
  • Incorrect Volume PIM number
  • Incorrect PRF (hash)
  • Not a valid volume

I suspect it is the last one. I will do some more research/testing.

Ken

#5

Maybe I misunderstood your initial question, but you use VeraCrypt just as you would TrueCrypt. That is, you only decrypt volumes created in VerCrypt. Not volumes created with other applications.

#6

Thanks again marfig,

Sorry for any confusion. I will probably use VeraCrypt to access old archived TrueCrypt volumes as it has that option. As for the native Linux volumes… still looking.

I am also reading Applied Cryptography by Bruce Schneier. My head hurts :grinning:

Ken