Difference between revisions of "Tcplay"

From ArchWiki
Jump to: navigation, search
m (Installation: fix link to tcplay: pkg has been moved to community today)
(7 intermediate revisions by 2 users not shown)
Line 15: Line 15:
  
 
== Installation ==
 
== Installation ==
Install {{Ic|tcplay-git}} from the AUR.
+
Install {{Pkg|tcplay}} or {{AUR|tcplay-git}} from the AUR.
  
 
== Encrypting a file as a virtual volume ==
 
== Encrypting a file as a virtual volume ==
Line 21: Line 21:
 
Invoke  
 
Invoke  
  
   # losetup -f
+
   $ losetup -f
  
 
to find the first unused loopback device; in this example, {{Ic|/dev/loop0}}.
 
to find the first unused loopback device; in this example, {{Ic|/dev/loop0}}.
Create a new volume {{Ic|test.tc}}, 20M in size for instance, in the working
+
 
 +
{{Note|As of udev 181-5, the {{Ic|loop}} device module is no longer auto-loaded.}}
 +
 
 +
Create a new container {{Ic|foo.tc}}, 20M in size for instance, in the working
 
directory:
 
directory:
  
   # dd if=/dev/zero of=test.tc bs=1 count=0 seek=20M
+
   # dd if=/dev/zero of=foo.tc bs=1 count=0 seek=20M
   # losetup /dev/loop0 test.tc
+
   # losetup /dev/loop0 foo.tc
 
   # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS
 
   # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS
  
 
Enter a secure password for the volume, and confirm the query to overwrite
 
Enter a secure password for the volume, and confirm the query to overwrite
{{Ic|test.tc}} with the new volume. tcplay will then write random data into the
+
{{Ic|foo.tc}} with the new volume. tcplay will then write random data into the
 
volume. Map the volume and create a filesystem on it in order to mount
 
volume. Map the volume and create a filesystem on it in order to mount
  
   # tcplay -m test.tc -d /dev/loop0
+
   # tcplay -m foo.tc -d /dev/loop0
   # mkfs.ext4 /dev/mapper/test.tc
+
   # mkfs.ext4 /dev/mapper/foo.tc
   # mount /dev/mapper/test.tc /mnt/truecrypt/
+
   # mount /dev/mapper/foo.tc /mnt/truecrypt/
  
 
To unset the container,
 
To unset the container,
  
 
   # umount /mnt/truecrypt
 
   # umount /mnt/truecrypt
   # dmsetup remove test.tc
+
   # dmsetup remove foo.tc
 
   # losetup -d /dev/loop0
 
   # losetup -d /dev/loop0
  
==Related links==
+
==Mounting an existing container for a user==
 +
 
 +
Consider {{Ic|/dev/loop0}} the first unused loop device, {{Ic|foo.tc}} the
 +
TrueCrypt container, {{Ic|/home/you/truecrypt/}} the desired mount point. The
 +
user {{Ic|you}} in this example has {{Ic|uid=1000}} and {{Ic|gid=100}}. The
 +
steps for mounting the container as a virtual volume are:
 +
 
 +
# Associate loop device with the container
 +
# Map the container to the loop device
 +
# Mount the container in the filesystem
 +
 
 +
The following commands perform the above actions.
 +
 
 +
  # losetup /dev/loop0 foo.tc
 +
  # tcplay -m foo.tc -d /dev/loop0
 +
  # mount -o nosuid,uid=1000,gid=100 /dev/mapper/foo.tc /home/you/truecrypt/
 +
 
 +
To reverse them:
 +
 
 +
  # umount /home/you/truecrypt/
 +
  # dmsetup remove foo.tc
 +
  # losetup -d /dev/loop0
 +
 
 +
== See also ==
 +
 
 
* [http://leaf.dragonflybsd.org/cgi/web-man?command=tcplay&section=8 Manual page for tcplay]
 
* [http://leaf.dragonflybsd.org/cgi/web-man?command=tcplay&section=8 Manual page for tcplay]
 
* [http://jasonwryan.com/blog/2013/01/10/truecrypt/ Jason Ryan: Replacing TrueCrypt]
 
* [http://jasonwryan.com/blog/2013/01/10/truecrypt/ Jason Ryan: Replacing TrueCrypt]

Revision as of 13:14, 13 December 2013

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary end

tcplay is a free (BSD-licensed), pretty much fully featured (including multiple keyfiles, cipher cascades, etc.) and stable TrueCrypt implementation.

Source: github project home

Installation

Install tcplay or tcplay-gitAUR from the AUR.

Encrypting a file as a virtual volume

Invoke

 $ losetup -f

to find the first unused loopback device; in this example, /dev/loop0.

Note: As of udev 181-5, the loop device module is no longer auto-loaded.

Create a new container foo.tc, 20M in size for instance, in the working directory:

 # dd if=/dev/zero of=foo.tc bs=1 count=0 seek=20M
 # losetup /dev/loop0 foo.tc
 # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS

Enter a secure password for the volume, and confirm the query to overwrite foo.tc with the new volume. tcplay will then write random data into the volume. Map the volume and create a filesystem on it in order to mount

 # tcplay -m foo.tc -d /dev/loop0
 # mkfs.ext4 /dev/mapper/foo.tc
 # mount /dev/mapper/foo.tc /mnt/truecrypt/

To unset the container,

 # umount /mnt/truecrypt
 # dmsetup remove foo.tc
 # losetup -d /dev/loop0

Mounting an existing container for a user

Consider /dev/loop0 the first unused loop device, foo.tc the TrueCrypt container, /home/you/truecrypt/ the desired mount point. The user you in this example has uid=1000 and gid=100. The steps for mounting the container as a virtual volume are:

  1. Associate loop device with the container
  2. Map the container to the loop device
  3. Mount the container in the filesystem

The following commands perform the above actions.

 # losetup /dev/loop0 foo.tc
 # tcplay -m foo.tc -d /dev/loop0
 # mount -o nosuid,uid=1000,gid=100 /dev/mapper/foo.tc /home/you/truecrypt/

To reverse them:

 # umount /home/you/truecrypt/
 # dmsetup remove foo.tc
 # losetup -d /dev/loop0

See also