From ArchWiki
Revision as of 22:09, 22 February 2013 by Holomorph (talk | contribs)
Jump to: navigation, search

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary end

tcplay is a free (BSD-licensed), pretty much fully featured (including multiple keyfiles, cipher cascades, etc.) and stable TrueCrypt implementation.

Source: github project home


Install tcplay-git from the AUR.

Encrypting a file as a virtual volume


 # losetup -f

to find the first unused loopback device; in this example, /dev/loop0. Create a new container, 20M in size for instance, in the working directory:

 # dd if=/dev/zero bs=1 count=0 seek=20M
 # losetup /dev/loop0
 # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS

Enter a secure password for the volume, and confirm the query to overwrite with the new volume. tcplay will then write random data into the volume. Map the volume and create a filesystem on it in order to mount

 # tcplay -m -d /dev/loop0
 # mkfs.ext4 /dev/mapper/
 # mount /dev/mapper/ /mnt/truecrypt/

To unset the container,

 # umount /mnt/truecrypt
 # dmsetup remove
 # losetup -d /dev/loop0

Mounting an existing container for a user

Consider /dev/loop0 the first unused loop device, the TrueCrypt container, /home/you/truecrypt/ the desired mount point. The user you in this example has uid=1000 and gid=100. The steps for mounting the container as a virtual volume are:

  1. Associate loop device with the container
  2. Map the container to the loop device
  3. Mount the container in the filesystem

The following commands perform the given actions and reverse them.

 # losetup /dev/loop0
 # tcplay -m -d /dev/loop0
 # mount -o nosuid,uid=1000,gid=100 /dev/mapper/ /home/you/truecrypt/
 # umount /home/you/truecrypt/
 # dmsetup remove
 # losetup -d /dev/loop0

Related links