#Using truecrypt code
It is distributed without cost, and has source code available, although under a restrictive licence.
#Using truecrypt software
TrueCrypt is a software application used for real-time on-the-fly encryption. $ ecryptfs-rewrap-passphrase ~/.Using ACOS5/CryptoMate in TrueCrypt Using ACOS5/CryptoMate in TrueCrypt To do that, I believe what you want to do is something like this (untested):
#Using truecrypt password
To do that, you'll need to change the password used for the wrapped passphrase file. Your question implies that you want to use a different password for the encrypted files for some reason. Most people want the encrypted directory to mount automatically for convenience: the files are still encrypted until they login with their password. Presumably, your wrapped-passphrase file was wrapped using your standard login password when you used the setup wizard. Those complications (and the fact that ecryptfs is slower) are part of why people like block-level encryption like TrueCrypt, but I do appreciate the flexibility of ecryptfs. but that's out of scope for this question. $ sudo echo "tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0" > /etc/fstab I did this (turns /tmp into a ram risk that could spool to swap - so swap should be encrypted or this is risky):
You may also want to encrypt /tmp for similar reasons. Note that you'll want to make sure your swap space is encrypted as well, lest the OS spool data to that (this breaks hibernation, though, and maybe "sleep" as well, don't know.) Read up on "ecryptfs-setup-swap" for more. If you actually deleted your wrapped passphrase (as opposed to renaming or moving), you'll have to recreate your Private directory. I then run a script that pops up a term window that runs ecryptfs-mount-private which asks for the password to unwrap the wrapped-passphrase file, as you describe. a gnome session script unmount it when you truly "log out" of the machine, but i'm the only user, so I don't worry about that.) if you go to a vterm and log in and then log out, suddenly the directory is gone. ecryptfs/auto-mount file (I also removed the auto-umount file because it unmounts the directory on session logout - e.g. To disable automatic mounting, the method I used is to remove the. You can even symlink the wrapped passphrase file to some other location, say a removable SD card, so you can remove the card and thus disable the encrypted directory. Removing the wrapped passphrase file will cause it not to mount when you log in, but only because it will also make your Private directory cryptographically inaccessible - the wrapped-passphrase file is the "real" passcode that your typed-in passphrase/password decrypts so that the system can in turn decrypt your files. I am not an eCryptFS expert, to say the least, and I don't use gnome, but I set something like this up.
#Using truecrypt how to
What I would like is for, at Gnome startup, for it to ask me for my (or root) password and my passphrase similar to what Truecrypt does now for me.īut, still have to figure out how to get a simple mount or ecryptfs-mount-private to work without hassle before getting there. So, I researched some and see that removing ~/.ecryptfs/wrapped-passphrase disables that capability.īut now ecryptfs-mount-private says "ERROR: Encrypted private directory is not setup properly" - bad.Īlso doing "sudo mount -t ecryptfs ~/.Private ~.Private" makes me answer all the same questions as ecryptfs-setup-private - I even created a file ~/.ecryptfsrc with appropriate stuff in it - no workee. Unfortunately, it mounts automatically at login - bad. Installed it, created my ~/.Private and ~/Private filesystems with ecryptfs-setup-private and it works.
The way I use Truecrypt is when Gnome starts I get a prompt (/etc/gdm3/*Session files) along with a script to mount my Truecrypt filesystem. Working well, but I have discovered ecryptfs and am considering using it becuz it doesn't require a fixed size file or filesystem. The idea is a stranger getting into my system cannot see any of those files, including Chrome cache, passwords, etc. I have been using Truecrypt with a 32gb filesystem to keep important, personal, private files in.
0 kommentar(er)
