Encrypting a container file using dm-crypt / cryptsetup instead of TrueCrypt
There are many users who use TrueCrypt (http://www.truecrypt.org) to encrypt our data backups for added security. To us, TrueCrypt was one of the best tools available. However, with the latest update on the TrueCrypt website, the developers have stated that those using TrueCrypt should migrate to BitLocker. It is rather ironical that TrueCrypt being a cross-platform tool, should suggest an alternative only for Microsoft Windows users.
TrueCrypt offered is a tool of choice because convenience it offered over dm-crypt or cryptsetup. However, this has now turned back a full circle resulting in use of dm-crypt or cryptsetup to go about encrypting container files with it.
Here are the steps to create a container file that can be used to hold your data backups encrypted. First of all, open a terminal window.
| 1 | Create a container file of about 6 gb $ dd if=/dev/zero of=/home/user/TCDM/TCDMData count=12000000 <enter>This gives creates a file of about 6 gb. This is the container file to hold the data files. |
| 2 | Check the loop device that you can use$ sudo /sbin/losetup -f <enter>This should return the device name like /dev/loop0 if available. Use it for the next step. |
| 3 | Mount the loop device$ sudo /sbin/losetup /dev/loop0 /home/user/TCDM/TCDMData <enter> |
| 4 | First time, format the container$ sudo /sbin/cryptsetup luksFormat /dev/loop0 <enter>Type a caps YES and enter your passphrase. This is the passphrase to be used each time you want to open the container file. |
| 5 | Open the container file each time you want to use it$ sudo /sbin/cryptsetup luksOpen /dev/loop0 c1 <enter>Enter your passphrase to unlock it. To open the encrypted container file, this step is performed each time. |
| 6 | Create the file system on the container for the first time$ sudo /sbin/mkfs.vfat /dev/mapper/c1 <enter>Here we have created a VFAT file system. You can create a ext4 file system too. |
| 7 | Mount the container each time you want to use it. Mounted it into /mnt$ sudo mount /dev/mapper/c1 /mnt <enter>Peform whatever commands you need to on the volume you just mounted.When done, you can follow the next steps below to unmount it. |
| 8 | Unmount container-dev. Done each time.$ sudo umount /dev/mapper/c1 <enter> |
| 9 | Close the container device. Done each time$ sudo /sbin/cryptsetup luksClose c1 <enter> |
| 10 | Release the loop device. Done each time$ sudo /sbin/losetup -d /dev/loop0 <enter> |
askmeaboutlinux 