Downloading and installing Truecrypt (step by step)
Posted: 21 Aug 2015, 18:08
as the title says.
Porteus User Forum
https://forum.porteus.org/
Code: Select all
guest@porteus:/root$ su root
Password:
root@porteus:~# usm -u all (this will update the packages database)
root@porteus:~# usm -g dnscrypt
The following items were found.
Choose an number to confirm.
ctrl+c to quit
1) dnscrypt-proxy-1.4.1-x86_64-1sl.txz (just answer 1)
...
...
Multiple packages were detected.
Would you like to merge the packages into one module? [y/n]
...
Code: Select all
# encrypting a blockdevice:
# <disk> mean a disk partition for example /dev/sdb1. Be carefull all data will lost on this partition.
cryptsetup luksFormat /dev/<disk>
# open the blockdevice
# or better you generate a virtual decrypted block-device from /dev/<disk> that are called: /dev/mapper/<mappername>
# <mappername> is a induvidial name that you have thought.
cryptsetup open --type luks /dev/<disk> <mappername>
# generate a ext4 filesystem
mkfs.ext4 /dev/mapper/<mappername>
# and close it.
cryptsetup close <mappername>
truecrypt-1:7.1a-2-i686.pkg.tar.xz.html > device-mapper > systemdKnallKopf wrote:@ Bogomips
Since when need TrueCrypt systemd ?
Sometimes, a named dependency still is not obligatory as in: program won't run without it...Bogomips wrote:@ Bogomips
Since when need TrueCrypt systemd ?
truecrypt-1:7.1a-2-i686.pkg.tar.xz.html > device-mapper > systemd
CipherShedTrueCrypt will not die
TrueCrypt.ch is the gathering place for all up-to-date information. Unfortunately TrueCrypt.org is dead. But, we (the pure-privacy people) will help organize a future.
[...]
In Development
Two teams, CipherShed and VeraCrypt, are currently leading the TrueCrypt replacement initiative. And that is very good news. We work with both teams for the better of the community.
All I know is that that a menu entry is created which launches a GUI. Having no prior experience with this program, was not able to proceed further and test the above conjecture. Easily fixed now, as there is nothing to stop you from downloading the tar containing both modules, and given previous experience with Truecrypt, activate both systemd and truecrypt, and then just truecrypt alone, and see how it goes. (Having separate modules, have allowed for this eventuality ) Would be interested to know the answer to that one. As they say, the proof of the pudding is in the eating.Rava wrote:Sometimes, a named dependency still is not obligatory as in: program won't run without it...Bogomips wrote:@ Bogomips
Since when need TrueCrypt systemd ?
truecrypt-1:7.1a-2-i686.pkg.tar.xz.html > device-mapper > systemd
Like I said it is ages since I last used it, but now that you said the above, I indeed do recall some issues with tc when activating it with something missing... Cannot recall what was missing, but I included that missing part cause it did influence the was I wanted to use tc... also, technically itself ran without the dependency...Bogomips wrote:All I know is that that a menu entry is created which launches a GUI. Having no prior experience with this program, was not able to proceed further and test the above conjecture.
Do you mean yourself with that, or me? Cause I would try it running as pure 64 bit, or when not available, not run it at all...Bogomips wrote:P.S. Download a 32 bit iso and launch Porteus from iso, in 64 bit case.
You did not answered to my question?francois wrote:@kira:
What type of use do you intend for data encryption?
There is stock on porteus os some encryption possibilities. See: panel menu > system > porteus setting center > lock icon > Encrypt a folder of file.
Not... really, technically the place where tc lives is all the places you still find the 7.1a version.
So, yeah, with the we just have to read all of http://blog.cryptographyengineering.com ... eport.html and then know if tc 7.1a still can be used...istruecryptauditedyet.com wrote:Update Apr 2, 2015: Phase II complete. TrueCrypt has been audited.
Update Feb 18, 2015: Matthew posted an update on the Phase II cryptanalysis today. The Phase I audit report is available on the Open Crypto Audit Project site, and a verified source and download archive for TrueCrypt v. 7.1a can be found on our GitHub mirror. We'll be posting further news @opencryptoaudit on Twitter in the months ahead.
So, yeah, according to the TL;DR and considering none of us would run tc from Windoze anyway: it is okay to be used!Matthew Green / blog.cryptographyengineering.com wrote:You can find the full report over at the Open Crypto Audit Project website. Those who want to read it themselves should do so. This post will only give a brief summary.
The TL;DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.
That doesn't mean Truecrypt is perfect. The auditors did find a few glitches and some incautious programming -- leading to a couple of issues that could, in the right circumstances, cause Truecrypt to give less assurance than we'd like it to.
For example: the most significant issue in the Truecrypt report is a finding related to the Windows version of Truecrypt's random number generator (RNG), which is responsible for generating the keys that encrypt Truecrypt volumes. This is an important piece of code, since a predictable RNG can spell disaster for the security of everything else in the system.
The Truecrypt developers implemented their RNG based on a 1998 design by Peter Guttman that uses an entropy pool to collect 'unpredictable' values from various sources in the system, including the Windows Crypto API itself. A problem in Truecrypt is that in some extremely rare circumstances, the Crypto API can fail to properly initialize. When this happens, Truecrypt should barf and catch fire. Instead it silently accepts this failure and continues to generate keys.
This is not the end of the world, since the likelihood of such a failure is extremely low. Moreover, even if the Windows Crypto API does fail on your system, Truecrypt still collects entropy from sources such as system pointers and mouse movements. These alternatives are probably good enough to protect you. But it's a bad design and should certainly be fixed in any Truecrypt forks.
In addition to the RNG issues, the NCC auditors also noted some concerns about the resilience of Truecrypt's AES code to cache timing attacks. This is probably not a concern unless you're perform encryption and decryption on a shared machine, or in an environment where the attacker can run code on your system (e.g., in a sandbox, or potentially in the browser). Still, this points the way to future hardening of any projects that use Truecrypt as a base.
Truecrypt is a really unique piece of software. The loss of Truecrypt's developers is keenly felt by a number of people who rely on full disk encryption to protect their data. With luck, the code will be carried on by others. We're hopeful that this review will provide some additional confidence in the code they're starting with.