Notices

Ok - I just wanted to draw attention to the fact I have now fixed the truecrypt package. It has been languishing in extras-testing for a while and needs some testers/votes! It was originally ported by Nathanael Anderson, but was rejected for promotion due to some technical issues with the package.

http://maemo.org/packages/package_in...t/6.3a-maemo4/

I had planned to update the fuse libraries to the latest versions, and possibly bring the dev package to fremantle - but I haven't got around to it yet (took a while for me to be granted maintainership).

Glad to see this! Thanks for putting in the work!

Haven't installed it yet. Seems wrong that it's in a Fremantle repository but is listed as a maemo4 deb. (I'm on an N800 myself.)

Is there an easy guide for us command-line-only-by-rote types?

The maemo4 bit is just the 4th version of the maemo package; it's for the latest Maemo.

Here's a quick start guide for encrypting an SD card. Run all of this as root in xterm:

INITIALISATION

1) Back up your SD card contents (if any), as the card will be erased. Also, check that /dev/mmcblk1 is indeed your SD card device (should be on N900s; the output of 'mount' can be helpful here).

2) Umount the card, if it is mounted:

3) Initialise the card as a truecrypt device:

Accept the defaults when prompted, except:

- Filesystem (select None) -- you could choose FAT if you want to use the card with Windows / other systems too, but you'd need truecrypt set up on the other machines too.

- Password / keyfile - you can choose any combination of a password and a keyfile. A keyfile can be any file and may increase security somewhat, but if you lose it, or it becomes corrupted, you're stuck.

There'll then be a long wait (dependent on disk size) while the device is prepared.

4) Map drive and init filesystem (basically: puts the glue in place for truecrypt to translate between the encrypted data on disk and the plaintext contents) SKIP THIS IF YOU CREATED A FAT FILESYSTEM:

Next, check the output of:

This should list the mapped device. Verify that it is on /dev/loop0. This device represents the the plaintext version of the disk. When you read/write to it, truecrypt magically translates to/from the encrypted version in /dev/mmcblk1.

Now create a Linux ext3 filesystem on the disk:

Finally, unmap the device:

**** DAY TO DAY OPERATION ****

1) Map and mount the drive:

-k "" skips the keyfile prompt (omit it if you are using a keyfile)

You can now put your private files in /media/mmc1; they will be encrypted.

2) When you're done with the files, unmount/unmap to make them inaccessible:

You might want to put these in an a script/alias of some sort to save keystrokes.

To make your contacts/photos/whatnot secure, you could symlink some of the directories under /home/user into /media/mmc1; Encrypting /home might be possible, but it'll require some juggling.

Also - you can create a container inside a filesystem object instead of using a disk device. Just specify a filename in place of /dev/mmcblk1

the best thing you could ever do with truecrypt on n900!

1. http://info.maplin.co.uk/Module.aspx?ModuleNo=222549
2. http://www.expansys.com/d.aspx?i=197717
3. http://www.techgravy.net/2009/05/usb...isk-in-pc.html

Any chance of a Diablo version?

I'll see what I can do.

I hesitantly and gratefully ask: Any progress?

Sorry for the delay.

Unfortunately, it seems that truecrypt requires gcc 4.x, which isn't currently available on diablo. Unless someone wants to do the porting work to bring a newer gcc to diablo, or hack out the gcc 3 unfriendly bits from truecrypt, it's a no-go I'm afraid.

It's great you got back to me (us), though. Thanks for looking into it!