realcrypt"

Installation Instructions

yum install realcrypt

What is realcrypt?

The RealCrypt application in the RPM Fusion repo is an encryption application based on TrueCrypt, freely available at http://www.truecrypt.org/. It differs from TrueCrypt in only the following ways:

* The name TrueCrypt is changed to RealCrypt throughout the application, as requested by the TrueCrypt License. * All original graphics are replaced with entirely original new ones, as requested by the TrueCrypt License. * A small patch allows alternative optimization flags to those specified in the original buildsystem to be used during compilation, and the binary package is compiled using Fedora's standard optimization flags.

* Additional support scripts and configuration files are included that allow the application to run through consolehelper. This simply means that you can attempt to run the application as a regular user, and it will prompt you for the administrator password and then launch the application with administrator privileges. * A menu entry for the application is added

It does not differ from TrueCrypt in any other respect; in particular, no code relating to actual encryption or decryption is modified. Nevertheless, the TrueCrypt License requires that we ask you to report any and all bugs you find to [https://bugzilla.rpmfusion.org/ RPM Fusion's Bugzilla] and not to the TrueCrypt project.

Creating a New Volume that can be mounted by a normal user

RealCrypt has a GUI, but in order to create a volume that can be mounted by ordinary users, you have to use the coomand line.

All actions are performed as 'root'

[user1@desktop1 ~]$ realcrypt -t -c

Volume type:

1) Normal

2) Hidden

Select [1]: 1

Enter file or device path for new volume: volume.tc

Filesystem:

1) FAT

2) None

Select [1]: 2

Enter volume size (bytes - size/sizeK/sizeM/sizeG): 100M

Hash algorithm:

1) RIPEMD-160

2) SHA-1

3) Whirlpool

Select [1]:##the default is 1 - just hit <enter>

Encryption algorithm:

1) AES

2) Blowfish

3) CAST5

4) Serpent

5) Triple DES

6) Twofish

7) AES-Twofish

8) AES-Twofish-Serpent

9) Serpent-AES

10) Serpent-Twofish-AES

11) Twofish-Serpent

Select [1]: 8

Enter password for new volume ‘volume.tc’:## enter your desired password

Re-enter password:## re-enter your desired password

Enter keyfile path [none]:## just hit <enter> we haven’t created a keyfile

RealCrypt will now collect random data.

Is your mouse connected directly to computer where RealCrypt is running? [Y/n]: ## hit <enter>

Please move the mouse randomly until the required amount of data is captured…

Mouse data captured: 100%

Done: 99.91 MB Speed: 7.08 MB/s Left: 0:00:00

Volume created.

We’ve now created an unformated volume, we’re going to map the volume so that we can format it with ext3 in the next section.

[user1@desktop1 ~]$ realcrypt -t --mount --file-system=none volume.tc

Enter mount directory [none]:##Hit <enter>

Protect hidden volume? [y/N]:##Hit <enter>

Enter keyfile path [none]:##Hit <enter>

Enter password for ‘/home/user1/volume.tc’:##Enter the Password you chose and hit <enter>

Let’s check to make sure the volume was mapped. Issue the command below and you should see a similar output

[user1@desktop1 ~]$ realcrypt -t -l

/dev/mapper/realcrypt1 /home/user1/volume.tc

Now we’ll format the volume with ext3

[user1@desktop1 ~]$ mkfs.ext3 /dev/mapper/realcrypt1

mke2fs 1.40.2 (12-Jul-2007)

Filesystem label=

OS type: Linux

Block size=1024 (log=0)

Fragment size=1024 (log=0)

25688 inodes, 102396 blocks

5119 blocks (5.00%) reserved for the super user

First data block=1

Maximum filesystem blocks=67371008

13 block groups

8192 blocks per group, 8192 fragments per group

1976 inodes per group

Superblock backups stored on blocks:

8193, 24577, 40961, 57345, 73729

Writing inode tables: done

Creating journal (4096 blocks): done

Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 25 mounts or

180 days, whichever comes first. Use tune2fs -c or -i to override.

Now that we’ve formated the volume we’ll create a directory in which we’ll mount the volume, then mount the volume, create a directory, and then take ownership of that directory. In the forth command below replace user1:user1 with your user:group.

[user1@desktop1 ~]$ mkdir safe

[user1@desktop1 ~]$ mount /dev/mapper/realcrypt1 safe

[user1@desktop1 ~]$ mkdir safe/my_safe

[user1@desktop1 ~]$ chown user1:user1 safe/my_safe

Now we’ll change directories and check the ownership

[user1@desktop1 ~]$ cd safe

[user1@desktop1 safe]$ ls -l

total 13

drwx—— 2 root root 12288 2008-01-16 10:58 lost+found/

drwxr-xr-x 2 user1 user1 1024 2008-01-16 10:59 my_safe/

You’ve now successfully created a normal volume, formated the volume, created the safe directory to be the mount point, mounted the volume and created a directory within it that we took ownership of so that we can write to the volume as a normal user. While mounted, you can use your file browser and create/copy any data like you would in any normal directory. To continue on the howto example a little further in konsole, we’ll change to the my_safe directory we created and took ownership of and create a file named test.txt. We’ll no longer need to use ’sudo’ as ownership of the directory is now our normal user account.

[user1@desktop1 safe]$ cd my_safe

[user1@desktop1 my_safe]$ touch test.txt

[user1@desktop1 my_safe]$ ls -l

total 0

-rw-r–r– 1 user1 user1 0 2008-01-16 11:00 test.txt

To un-mount the volume, we’ll need to change directory out of the mounted volume which we did in the above step, then un-mount the volume, and then double check that no volumes are mapped.

[user1@desktop1 my_safe]$ cd ~

[user1@desktop1 ~]$ umount /dev/mapper/realcrypt0

[user1@desktop1 ~]$ realcrypt -d

[user1@desktop1 ~]$ realcrypt -l

No volumes mapped

[user1@desktop1 ~]$

We’re done with the creation process, when you want to map and mount the volume to use it regularly the process would be as follows

[user1@desktop1 ~]$ realcrypt -t –mount –filesystem=ext3 volume.tc

Enter mount directory [none]: safe

Protect hidden volume? [y/N]:##Hit <enter>

Enter keyfile path [none]:##Hit <enter>

Enter password for ‘/home/user1/volume.tc’:##Enter the password you chose

[user1@desktop1 ~]$

Once you’re done using the volume, dismount and unmap it.

[user1@desktop1 ~]$ realcrypt -d