Notices


Reply
Thread Tools
Posts: 7 | Thanked: 19 times | Joined on Jul 2010
#1
Ok - I just wanted to draw attention to the fact I have now fixed the truecrypt package. It has been languishing in extras-testing for a while and needs some testers/votes! It was originally ported by Nathanael Anderson, but was rejected for promotion due to some technical issues with the package.

http://maemo.org/packages/package_in...t/6.3a-maemo4/

I had planned to update the fuse libraries to the latest versions, and possibly bring the dev package to fremantle - but I haven't got around to it yet (took a while for me to be granted maintainership).
 

The Following 6 Users Say Thank You to Cydex For This Useful Post:
Posts: 1,950 | Thanked: 1,174 times | Joined on Jan 2008 @ Seattle, USA
#2
Glad to see this! Thanks for putting in the work!

Haven't installed it yet. Seems wrong that it's in a Fremantle repository but is listed as a maemo4 deb. (I'm on an N800 myself.)

Is there an easy guide for us command-line-only-by-rote types?
 
Posts: 7 | Thanked: 19 times | Joined on Jul 2010
#3
Originally Posted by GeraldKo View Post
Glad to see this! Thanks for putting in the work!

Haven't installed it yet. Seems wrong that it's in a Fremantle repository but is listed as a maemo4 deb. (I'm on an N800 myself.)
The maemo4 bit is just the 4th version of the maemo package; it's for the latest Maemo.

Originally Posted by GeraldKo View Post
Is there an easy guide for us command-line-only-by-rote types?
Here's a quick start guide for encrypting an SD card. Run all of this as root in xterm:

INITIALISATION

1) Back up your SD card contents (if any), as the card will be erased. Also, check that /dev/mmcblk1 is indeed your SD card device (should be on N900s; the output of 'mount' can be helpful here).

2) Umount the card, if it is mounted:

Code:
umount /media/mmc1
3) Initialise the card as a truecrypt device:

Code:
truecrypt -c --random-source=/dev/urandom /dev/mmcblk1
Accept the defaults when prompted, except:

- Filesystem (select None) -- you could choose FAT if you want to use the card with Windows / other systems too, but you'd need truecrypt set up on the other machines too.

- Password / keyfile - you can choose any combination of a password and a keyfile. A keyfile can be any file and may increase security somewhat, but if you lose it, or it becomes corrupted, you're stuck.

There'll then be a long wait (dependent on disk size) while the device is prepared.

4) Map drive and init filesystem (basically: puts the glue in place for truecrypt to translate between the encrypted data on disk and the plaintext contents) SKIP THIS IF YOU CREATED A FAT FILESYSTEM:

Code:
truecrypt --filesystem=none /dev/mmcblk1
Next, check the output of:

Code:
truecrypt -l
This should list the mapped device. Verify that it is on /dev/loop0. This device represents the the plaintext version of the disk. When you read/write to it, truecrypt magically translates to/from the encrypted version in /dev/mmcblk1.

Now create a Linux ext3 filesystem on the disk:

Code:
/sbin/mkfs.ext3 /dev/loop0
Finally, unmap the device:

Code:
truecrypt -d /dev/mmcblk1
**** DAY TO DAY OPERATION ****

1) Map and mount the drive:

Code:
truecrypt -k "" --protect-hidden=no /dev/mmcblk1 /media/mmc1
-k "" skips the keyfile prompt (omit it if you are using a keyfile)

You can now put your private files in /media/mmc1; they will be encrypted.

2) When you're done with the files, unmount/unmap to make them inaccessible:

Code:
truecrypt -d /dev/mmcblk1
You might want to put these in an a script/alias of some sort to save keystrokes.

To make your contacts/photos/whatnot secure, you could symlink some of the directories under /home/user into /media/mmc1; Encrypting /home might be possible, but it'll require some juggling.

Last edited by Cydex; 2010-07-16 at 22:13.
 

The Following 4 Users Say Thank You to Cydex For This Useful Post:
Posts: 7 | Thanked: 19 times | Joined on Jul 2010
#4
Also - you can create a container inside a filesystem object instead of using a disk device. Just specify a filename in place of /dev/mmcblk1
 

The Following 2 Users Say Thank You to Cydex For This Useful Post:
Posts: 44 | Thanked: 11 times | Joined on Oct 2009 @ UK, Manchester
#5
 
Posts: 1,950 | Thanked: 1,174 times | Joined on Jan 2008 @ Seattle, USA
#6
Any chance of a Diablo version?
 

The Following User Says Thank You to GeraldKo For This Useful Post:
Posts: 7 | Thanked: 19 times | Joined on Jul 2010
#7
Originally Posted by GeraldKo View Post
Any chance of a Diablo version?
I'll see what I can do.
 

The Following User Says Thank You to Cydex For This Useful Post:
Posts: 1,950 | Thanked: 1,174 times | Joined on Jan 2008 @ Seattle, USA
#8
Originally Posted by GeraldKo View Post
Any chance of a Diablo version?
Originally Posted by Cydex View Post
I'll see what I can do.
I hesitantly and gratefully ask: Any progress?
 
Posts: 7 | Thanked: 19 times | Joined on Jul 2010
#9
Originally Posted by GeraldKo View Post
I hesitantly and gratefully ask: Any progress?
Sorry for the delay.

Unfortunately, it seems that truecrypt requires gcc 4.x, which isn't currently available on diablo. Unless someone wants to do the porting work to bring a newer gcc to diablo, or hack out the gcc 3 unfriendly bits from truecrypt, it's a no-go I'm afraid.
 

The Following 2 Users Say Thank You to Cydex For This Useful Post:
Posts: 1,950 | Thanked: 1,174 times | Joined on Jan 2008 @ Seattle, USA
#10
Originally Posted by Cydex View Post
Sorry for the delay.

Unfortunately, it seems that truecrypt requires gcc 4.x, which isn't currently available on diablo. Unless someone wants to do the porting work to bring a newer gcc to diablo, or hack out the gcc 3 unfriendly bits from truecrypt, it's a no-go I'm afraid.
It's great you got back to me (us), though. Thanks for looking into it!
 
Reply


 
Forum Jump


All times are GMT. The time now is 02:42.