From ArchWiki
Revision as of 21:44, 22 February 2013 by Holomorph (talk | contribs)
Jump to: navigation, search

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary end

tcplay is a free (BSD-licensed), pretty much fully featured (including multiple keyfiles, cipher cascades, etc.) and stable TrueCrypt implementation.

This implementation supports mapping (opening) both system and normal TrueCrypt volumes, as well as opening hidden volumes and opening an outer volume while protecting a hidden volume. There is also support to create volumes, including hidden volumes, etc.

Since tcplay uses dm-crypt, it makes full use of any available hardware encryption/decryption support once the volume has been mapped.

It is based solely on the documentation available on the TrueCrypt website, many hours of trial and error and the output of the Linux' TrueCrypt client. As it turns out, most technical documents on TrueCrypt contains mistakes, hence the trial and error approach.

Source: github project home


Install tcplay-git from the AUR.

Encrypting a file as a virtual volume


 # losetup -f

to find the first unused loopback device; in this example, /dev/loop0. Create a new volume, 20M in size for instance, in the working directory:

 # dd if=/dev/zero bs=1 count=0 seek=20M
 # losetup /dev/loop0
 # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS

Enter a secure password for the volume, and confirm the query to overwrite with the new volume. tcplay will then write random data into the volume. Map the volume and create a filesystem on it in order to mount

 # tcplay -m -d /dev/loop0
 # mkfs.ext4 /dev/mapper/
 # mount /dev/mapper/ /mnt/truecrypt/

To unset the container,

 # umount /mnt/truecrypt
 # dmsetup remove
 # losetup -d /dev/loop0

Related links