ObjectiveInstall VeraCrypt and encrypt a drive.
DistributionsThis guide will work on nearly any Linux distribution.
RequirementsA working install of one of the supported distributions with root privileges.
- # - requires given linux command to be executed with root privileges either directly as a root user or by use of
- $ - given linux command to be executed as a regular non-privileged user
IntroductionTrueCrypt was known as a gold standard in filesystem encryption. It was known for providing excellent encryption options, including hidden encrypted volumes. That's something the LUKS can't do. TrueCrypt has been abandoned, but it's been forked into VeraCrypt.
VeraCrypt is the successor to TrueCrypt, and it can do everything that its parent could. VeraCrypt is still under active development with the latest encryption standards being supported.
Veracrypt is available from the developer's website in the form of a series of runner scripts. Go ahead and download the Linux tarball. Open the tarball on your system when the download completes. The tarball contains a series of scripts to install either the GUI or command line version VeraCrypt for both 32bit and 64bit systems. Run the right GUI one for you. It's much easier to work with graphically.
$ sudo ./veracrypt-1.22-setup-gui-x64The installer is kind of ugly, but just agree and install VeraCrypt. It's a basic installer.
Create An Encrypted File Container
After you click the button to begin the volume creation process, a new window will open up to walk you through setting up your new volume.
VeraCrypt supports two different types of volumes. One is a virtual volume that you can create anywhere. It looks and behaves like a file to the rest of your system, but VeraCrypt can open it and access the files stored within it. The other option encrypts an actual partition or device. This guide will focus on encrypted containers. The process for a drive is very similar.
Ext4is a safe bet for Linux systems. VeraCrypt will also ask on the next screen if you do only plan to use your drive on Linux.
Mount A DriveOnce your drive is formatted, it's ready to use. In order to use your drive, you're going to need to mount it.
Back on the main VeraCrypt screen, you'll see two buttons;
select device. If you followed this guide and created a file, use that one. If you opted for a device instead, go that route.
For the file, a standard file browser window will open up. Browse to the location where you created your file, and select it. If you have a drive, the window will display all the storage hardware on your machine. Select your drive.