VeraCrypt is a cross platform encryption solution. It can create encrypted containers to protect your files, or you can encrypt an entire disk partition on a Linux system. VeraCrypt uses the latest encryption standards, so many users place their trust in it. In this tutorial, you will see the step by step instructions to encrypt an entire disk on Ubuntu Linux.
In this tutorial you will learn:
- How to install VeraCrypt on Ubuntu
- How to use full disk encryption with VeraCrypt on Ubuntu Linux
Category | Requirements, Conventions or Software Version Used |
---|---|
System | Ubuntu Linux |
Software | VeraCrypt |
Other | Privileged access to your Linux system as root or via the sudo command. |
Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
Full disk Encryption with VeraCrypt on Ubuntu Linux step by step instructions
Follow the step by step instructions below to download, install, and use VeraCrypt to configure full disk encryption on Ubuntu Linux.
- Get started by heading to the official VeraCrypt download page, where you will find a DEB package available for Debian based systems like Ubuntu. Download the latest GUI version available.
- Open your command line terminal and begin the installation by using the
apt
command on the DEB file.$ sudo apt install ~/Downloads/veracrypt-1.25.9-Debian-11-amd64.deb
- Next, open up VeraCrypt from Ubuntu’s
Activities
menu. - Select the “Create volume” button.
- Choose to encrypt a non system partition/drive, since we will be encrypting the full disk. Then click next.
- Select the volume type that you prefer. Hidden volumes will not be listed and so might be easier to spot for prying eyes. We will keep things simple in our example and go with standard VeraCrypt volume.
- Choose the partition or disk that you want to encrypt. We will choose
/dev/sdb
in our example, as it is our secondary hard drive. This is just a raw block device, with no partitions of file system currently installed. - As long as you are sure that you have selected the correct device, choose yes on the next confirmation prompt.
- Enter your adminiatrator password, as you need root permission to perform the next step.
- Choose the type of encryption you would like to use. Going with the default AES-512 is definitely a safe bet, unless you have some other preference. Click next to continue.
- Choose the password that you will be using for your encrypted disk or partition. Be careful to choose something you will remember, otherwise you will lose access to all of your files.
- Select whether or not you plan to store large files in the VeraCrypt volume. This allows the program to optimize your storage accordingly.
- For file system selection, we recommend ext4. We also recommend the quick format option, unless you previously had sensitive information on the disk and have time to let VeraCrypt securely delete all traces of it. Click next when done.
- Choose whether you need cross platform support or not.
- You will need to move your mouse around in this window a lot, in order to generate random input. Once the bar is full, click on format.
- In a moment or two, your VeraCrypt volume will be finished creating and you should get a success prompt.
- To mount your newly created VeraCrypt volume, click on Select Device, then choose the device path you just encrypted. Then click mount.
- Enter the password that you used to encrypt the drive.
- You will now see that your VeraCrypt volume has been mounted. By default, ours mounts to
/media/veracrypt1
.
Closing Thoughts
In this tutorial, we saw how to use VeraCrypt for full disk encryption on an Ubuntu Linux system. This will keep all data on our disk secure with VeraCrypt’s AES-512 encryption, or whichever setup you chose. To access the volume, you just need to mount it with VeraCrypt and enter your password.