From Mageia wiki
Jump to: navigation, search


THIS PAGE IS A DRAFT

It requires improvements. If you want to improve it, simply log in and click on the Edit tab.

Please remove this {{Draft}} template, when you're sure the page is complete and correct.


Drakconf multiflag.png
Other languages

Deutsch ; English ; Français ;


caption

Presentation

VeraCrypt is a free licensed utility software used for on-the-fly encryption (OTFE). It is developed by the French company IDRIX1 and allows to create an encrypted virtual disk in a file or a partition. The entire storage device requires authentication before mounting the virtual disk.

  • Cross-platform: Linux, Windows 10/8/7/Vista/XP, Mac OS X
  • It is based upon, and replaces Truecrypt which is no longer maintained (It is possible to use archives or volumes created with TrueCrypt, and convert them to VeraCrypt format for simplified use).
  • Version 1.23 of Veracrypt supports filesystems of type: NTFS, FAT, exFAT, Linux Ext2, Ext3 and Ext4.


Official website : veracrypt.fr


The software is open-source and free but it is still distributed under specific license to the publisher. Note that the Linux version cannot use language packages at the moment (it is possible with Windows and Mac), the interface is therefore in English.


Main Features:

  • Creates an encrypted virtual disk in a file and mounts it as a real disk.
  • Encrypts an entire partition or storage device such as a USB flash drive or hard drive.
  • Encryption is automatic, real-time (on-the-fly) and transparent.
  • Parallelization and pipelining allow data to be read and written as quickly as if the reader had not been encrypted.
  • Encryption can be accelerated by hardware on modern processors.
  • Allows plausible denial, in case an opponent forces you to reveal the password.
  • Hidden volume (steganography) and hidden operating system.
  • More information about the features of VeraCrypt can be found in the documentation.


See also: https://en.wikipedia.org/wiki/VeraCrypt


Alternatives on linux:

dm-crypt/LUKS

encfs + Cryptkeeper

eCryptFS

Installation

Mageia 7

Veracrypt is available in the repositories. Install it from the Software Manager.

Configuration on Mageia 7

In order to mount the encrypted filesystem, the user running Veracrypt must have root privilege. If the user already has sudo privilege, nothing more is required.

To set up a user with sudo privilege, specifically to run Veracrypt without additional authentication, the file /etc/sudoers must be edited. The username and hostname are needed for the edit.

  1. The user_name of the currently logged in user is obtained by the command: whoami
  2. The computer_name, 'localhost' by default, is obtained by the command: hostname

The recommended method of modifying the file /etc/sudoers is to use the visudo command. It provides locking against concurrent edits and also prevents errors by checking the syntax of the file before saving. Therefore, as root, run visudo. (visudo will use your configured editor. If none is configured, it defaults to using vi. Commands for vi may be found here: available here

In the file sudoers look for the following line:

## The COMMANDS section may have other options

So just below this line:

root ALL=(ALL) ALL

add this:

user_name computer_name=(root) NOPASSWD:/usr/bin/veracrypt

substituting user_name and computer_name as appropriate.

Mageia 6

VeraCrypt is available in the repositories, so you can simply install it from the Software Manager.

Installation on Mageia 6

Configuration

Once you have created an "encrypted container file", you will need to mount the volume so you can use it.

This is where you will see the following message: Administrator privileges required
Enter your user password or administrator password

We now need to edit the file /etc/sudoers

Using the console - as root - navigate to /etc/

cd /etc/

Use VI to open the sudoers file:

vi sudoers

To use VI you will need to know the commands available here

In the file sudoers look for the following line:

## The COMMANDS section may have other options

So just below this line:

root ALL=(ALL) ALL

add this:

user_name computer_name=(root) NOPASSWD:/usr/bin/veracrypt

The user_name is obtained by the command:

whoami

and computer_name, 'localhost' by default, is obtained by the command:

hostname

All that's left is to restart the computer.


copy of the tutorial available here: veracrypt-installation-sur-mageia

Mageia 5

VeraCrypt is not available in Mageia 5 repositories.