Edit Info Other
Login

realcrypt"

Differences between revisions 3 and 4
Revision 3 as of 2009-07-12 01:08:55
Size: 6828
Comment:
Revision 4 as of 2009-07-12 01:14:01
Size: 6833
Comment:
Deletions are marked like this. Additions are marked like this.
Line 13: Line 13:
Line 14: Line 15:
Line 17: Line 19:
Line 174: Line 177:
Now that we’ve formated the volume we’ll create a directory in which we’ll mount the volume, then mount the  Now that we’ve formated the volume we’ll create a directory in which we’ll mount the volume, then mount the

Installation Instructions

yum install realcrypt

What is realcrypt?

The RealCrypt application in the RPM Fusion repo is an encryption application based on TrueCrypt, freely available at http://www.truecrypt.org/. It differs from TrueCrypt in only the following ways:

* The name TrueCrypt is changed to RealCrypt throughout the application, as requested by the TrueCrypt License.

* All original graphics are replaced with entirely original new ones, as requested by the TrueCrypt License.

* A small patch allows alternative optimization flags to those specified in the original buildsystem to be used during compilation, and the binary package is compiled using Fedora's standard optimization flags.

* Additional support scripts and configuration files are included that allow the application to run through consolehelper. This simply means that you can attempt to run the application as a regular user, and it will prompt you for the administrator password and then launch the application with administrator privileges.

* A menu entry for the application is added

It does not differ from TrueCrypt in any other respect; in particular, no code relating to actual encryption or decryption is modified. Nevertheless, the TrueCrypt License requires that we ask you to report any and all bugs you find to [https://bugzilla.rpmfusion.org/ RPM Fusion's Bugzilla] and not to the TrueCrypt project.


Creating a New Volume that can be mounted by a normal user

RealCrypt has a GUI, but in order to create a volume that can be mounted by ordinary users, you have to use the coomand line.

All actions are performed as 'root'

[user1@desktop1 ~]$ realcrypt -t -c

Volume type:

1) Normal

2) Hidden

Select [1]: 1

Enter file or device path for new volume: volume.tc

Filesystem:

1) FAT

2) None

Select [1]: 2

Enter volume size (bytes - size/sizeK/sizeM/sizeG): 100M

Hash algorithm:

1) RIPEMD-160

2) SHA-1

3) Whirlpool

Select [1]:##the default is 1 - just hit <enter>

Encryption algorithm:

1) AES

2) Blowfish

3) CAST5

4) Serpent

5) Triple DES

6) Twofish

7) AES-Twofish

8) AES-Twofish-Serpent

9) Serpent-AES

10) Serpent-Twofish-AES

11) Twofish-Serpent

Select [1]: 8

Enter password for new volume ‘volume.tc’:## enter your desired password

Re-enter password:## re-enter your desired password

Enter keyfile path [none]:## just hit <enter> we haven’t created a keyfile

RealCrypt will now collect random data.

Is your mouse connected directly to computer where RealCrypt is running? [Y/n]: ## hit <enter>

Please move the mouse randomly until the required amount of data is captured…

Mouse data captured: 100%

Done: 99.91 MB Speed: 7.08 MB/s Left: 0:00:00

Volume created.

We’ve now created an unformated volume, we’re going to map the volume so that we can format it with ext3 in the next section.

[user1@desktop1 ~]$ realcrypt -t --mount --file-system=none volume.tc

Enter mount directory [none]:##Hit <enter>

Protect hidden volume? [y/N]:##Hit <enter>

Enter keyfile path [none]:##Hit <enter>

Enter password for ‘/home/user1/volume.tc’:##Enter the Password you chose and hit <enter>

Let’s check to make sure the volume was mapped. Issue the command below and you should see a similar output

[user1@desktop1 ~]$ realcrypt -t -l

/dev/mapper/realcrypt1 /home/user1/volume.tc

Now we’ll format the volume with ext3

[user1@desktop1 ~]$ mkfs.ext3 /dev/mapper/realcrypt1

mke2fs 1.40.2 (12-Jul-2007)

Filesystem label=

OS type: Linux

Block size=1024 (log=0)

Fragment size=1024 (log=0)

25688 inodes, 102396 blocks

5119 blocks (5.00%) reserved for the super user

First data block=1

Maximum filesystem blocks=67371008

13 block groups

8192 blocks per group, 8192 fragments per group

1976 inodes per group

Superblock backups stored on blocks:

8193, 24577, 40961, 57345, 73729

Writing inode tables: done

Creating journal (4096 blocks): done

Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 25 mounts or

180 days, whichever comes first. Use tune2fs -c or -i to override.

Now that we’ve formated the volume we’ll create a directory in which we’ll mount the volume, then mount the volume, create a directory, and then take ownership of that directory. In the forth command below replace user1:user1 with your user:group.

[user1@desktop1 ~]$ mkdir safe

[user1@desktop1 ~]$ mount /dev/mapper/realcrypt1 safe

[user1@desktop1 ~]$ mkdir safe/my_safe

[user1@desktop1 ~]$ chown user1:user1 safe/my_safe

Now we’ll change directories and check the ownership

[user1@desktop1 ~]$ cd safe

[user1@desktop1 safe]$ ls -l

total 13

drwx—— 2 root root 12288 2008-01-16 10:58 lost+found/

drwxr-xr-x 2 user1 user1 1024 2008-01-16 10:59 my_safe/

You’ve now successfully created a normal volume, formated the volume, created the safe directory to be the mount point, mounted the volume and created a directory within it that we took ownership of so that we can write to the volume as a normal user. While mounted, you can use your file browser and create/copy any data like you would in any normal directory. To continue on the howto example a little further in konsole, we’ll change to the my_safe directory we created and took ownership of and create a file named test.txt. We’ll no longer need to use ’sudo’ as ownership of the directory is now our normal user account.

[user1@desktop1 safe]$ cd my_safe

[user1@desktop1 my_safe]$ touch test.txt

[user1@desktop1 my_safe]$ ls -l

total 0

-rw-r–r– 1 user1 user1 0 2008-01-16 11:00 test.txt

To un-mount the volume, we’ll need to change directory out of the mounted volume which we did in the above step, then un-mount the volume, and then double check that no volumes are mapped.

[user1@desktop1 my_safe]$ cd ~

[user1@desktop1 ~]$ umount /dev/mapper/realcrypt0

[user1@desktop1 ~]$ realcrypt -d

[user1@desktop1 ~]$ realcrypt -l

No volumes mapped

[user1@desktop1 ~]$

We’re done with the creation process, when you want to map and mount the volume to use it regularly the process would be as follows

[user1@desktop1 ~]$ realcrypt -t –mount –filesystem=ext3 volume.tc

Enter mount directory [none]: safe

Protect hidden volume? [y/N]:##Hit <enter>

Enter keyfile path [none]:##Hit <enter>

Enter password for ‘/home/user1/volume.tc’:##Enter the password you chose

[user1@desktop1 ~]$

Once you’re done using the volume, dismount and unmap it.

[user1@desktop1 ~]$ realcrypt -d