Objective
Install VeraCrypt and encrypt a drive.Distributions
This guide will work on nearly any Linux distribution.Requirements
A working install of one of the supported distributions with root privileges.Conventions
- # - requires given linux command to be executed with root privileges either directly as a root user or by use of
sudo
command - $ - given linux command to be executed as a regular non-privileged user
Introduction
TrueCrypt was known as a gold standard in filesystem encryption. It was known for providing excellent encryption options, including hidden encrypted volumes. That's something the LUKS can't do. TrueCrypt has been abandoned, but it's been forked into VeraCrypt.VeraCrypt is the successor to TrueCrypt, and it can do everything that its parent could. VeraCrypt is still under active development with the latest encryption standards being supported.
Get VeraCrypt
Subscribe to RSS and NEWSLETTER and receive latest Linux news, jobs, career advice and tutorials.
$ sudo ./veracrypt-1.22-setup-gui-x64The installer is kind of ugly, but just agree and install VeraCrypt. It's a basic installer.
Once the installation completes, you can find VeraCrypt in your desktop environment's launcher menu. Open it up. The default window looks plain at first. The top of the window lists a series of drives. Those are all virtual mount points that VeraCrypt uses to manage your encrypted volumes. Below that, you'll find a series of buttons. Click the one to create a volume.
Create An Encrypted File Container
VeraCrypt supports two different types of volumes. One is a virtual volume that you can create anywhere. It looks and behaves like a file to the rest of your system, but VeraCrypt can open it and access the files stored within it. The other option encrypts an actual partition or device. This guide will focus on encrypted containers. The process for a drive is very similar.
Next, you'll be asked where you want to create your file. Choose any place that works for you. Again, this behaves like any other file to the rest of your system.
VeraCrypt lets you select the size of your container. You can't resize it once it's made, so pick something sufficiently large.
You'll then be asked to set a password for your volume. Like all other encrypted drives, you're going to need to remember this one. There is no recovery.
After that, you'll be prompted to select a filesystem to format to.
Ext4
is a safe bet for Linux systems. VeraCrypt will also ask on the next screen if you do only plan to use your drive on Linux.Finally, you'll be prompted to move your mouse around to generate randomness for the encryption. Go until the bar is filled. Then, encrypt your drive.
Mount A Drive
Once your drive is formatted, it's ready to use. In order to use your drive, you're going to need to mount it.Back on the main VeraCrypt screen, you'll see two buttons;
select file
and select device
. If you followed this guide and created a file, use that one. If you opted for a device instead, go that route. For the file, a standard file browser window will open up. Browse to the location where you created your file, and select it. If you have a drive, the window will display all the storage hardware on your machine. Select your drive.
Once you have your encrypted volume selected, you'll be prompted to enter the password to unlock it. Do so. VeraCrypt will decrypt your drive, and it'll appear in one of the drive slots at the top of the window. Click on it to open the drive and view its contents. You can now use your drive as normal. When you're done, click the button at the bottom of the VeraCrypt window to close the drive and unmount it.