Truecrypt

TrueCrypt is a powerful, cross-platform Open Source encryption application.

Main features:

  • Automatic real-time, on-the-fly encryption
  • It is able to use encrypted files (so called “containers”) to create virtual encrypted disks
  • It is able to encrypt whole partitions or external storage devices (e.g. USB flash drives)
  • Provides encryption of the entire storage device on MS Windows (full disk encryption incl. pre-boot authentication).

Installation

Ubuntu

10.04 Lucid and above

TrueCrypt does not provide a repository. But the project offers .tar.gz archives containing a .deb based setup wizard for manual installation. It installs TrueCrypt in a clean way, including an uninstall script. Therefore this is one of the rare cases where bypassing Ubuntu's package manager is no problem even for inexperienced users.

Installation script: truecrypt-install.sh

readm3.org provides a TrueCrypt installation bash script, making the TrueCrypt setup even easier! Simply open a terminal and run the following command to download start it (copy and paste recommended):1)

wget "http://readm3.org/_export/code/app/truecrypt/truecrypt-install.sh?codeblock=1" -O "/tmp/truecrypt-install.sh" && chmod a+rx "/tmp/truecrypt-install.sh" && sudo "/tmp/truecrypt-install.sh"

What the script does:

  1. Uninstalls eventually existing older TrueCrypt versions to prevent problems (your TrueCrypt settings will be preserved)
  2. Downloads the newest TrueCrypt version fitting your architecture (32bit/64bit) into a temporary directory (including cleanup after installation is done)
  3. Starts the installation wizard
  4. Optionally modifies the /etc/sudoers file for your user account, making it possible to (un)mount TrueCrypt volumes and devices without the need to type your sudo password. The scripts asks you if you want to do so.

After installation, you can start the program by clicking “Applications→Accessories→TrueCrypt”.2) Or open a terminal and start it via truecrypt. If you need a TrueCrypt icon (for own starters etc.), have a look at /usr/share/pixmaps/truecrypt.xpm.

Manual installation

If you don't want to use the script offered above:3)

  1. Uninstall eventually existing older TrueCrypt versions to prevent problems.
  2. Download the archive fitting the architecture of the target system.
  3. Open a terminal, extract the archive and run the uncompressed setup file with superuser privileges:
    sudo /path/to/truecrypt-<verion>-setup-<architecture>

    The setup wizard will appear. Simply follow its instructions. You can delete the downloaded archive and the setup file after the installation was done.

  4. If you want to (un)mount TrueCrypt volumes without the need for typing your sudo password, have a look at “(un)mount volumes without root/sudo password (Debian/Ubuntu)” below.

Windows

XP and above

Simply download the Windows installer and execute it with administrator privileges.

Update

Ubuntu

10.04 Lucid and above

Simply uninstall your existing TrueCrypt and install the newest version afterwards.

Windows

XP and above

Simply download the Windows installer of the newest TrueCrypt version and execute it with administrator privileges. The installer is intelligent enough to detect and update an existing TrueCrypt installation. If you encrypted your entire storage device (full disk encryption), you should reboot and re-new your Rescue Disk (TrueCrypt→System→Create Rescue Disk…) afterwards.

Uninstall

Ubuntu

10.04 Lucid and above

Unmount all TrueCrypt volumes, open a terminal and run the following command:

sudo truecrypt-uninstall.sh

The uninstall script does not delete your TrueCrypt configuration and settings. You have to remove the ~/.TrueCrypt/ directory manually if you want to delete them.

Windows

XP and above

Simply remove TrueCrypt via Windows Control Panel (administrator privileges needed). If you encrypted your entire storage device (full disk encryption), you should decrypt your drive before removing TrueCrypt (TrueCrypt→System→Permanently Decrypt System Partition/Drive).

Tips and tricks

(un)mount volumes without root/sudo password (Debian/Ubuntu)

You need superuser privileges to (un)mount TrueCrypt volumes. This is why your systems asks you to enter your sudo password, e.g. when mounting a container file. An easy way to get rid of this password question is to create a tcusers group and allow all members of it to call /usr/bin/truecrypt with superuser privileges without password trough editing /etc/sudoers:4)

  1. Open a terminal and open an adequate editor:
    EDITOR=nano sudo -E visudo

    Do not use a common editor to edit the file because a broken /etc/sudoers file may lock yourself out of the system and you probably need to boot into the Recovery Mode to recover system access. visudo checks the /etc/sudoers syntax before storing it to prevent this (including a check if the last line is blank as it has to be).

  2. Insert the following:
    # Members of the tcusers group may run TrueCrypt without password
    %tcusers ALL=(root) NOPASSWD:/usr/bin/truecrypt

    You can store the file and close the editor by pressing Ctrl+X.

  3. Create the tcusers group and add your own user to it (Hint: the $USER var contains the username of the currently logged in user):
    sudo groupadd tcusers
    sudo adduser "$USER" tcusers

After logging out and in, there should be no more password prompt when mounting a TrueCrypt volume.

See also

1)
working Internet connection needed
2)
On some systems, the icon initially appears only after an OS and/or program restart
3)
or you need something to copy on a USB flash drive to install TrueCrypt on a PC without Internet access
4)
/etc/sudoers controls who is allowed to start listed commands with root privileges without the need for a password (among some other things).
Print/export
QR Code
QR Code app:truecrypt:start (generated for current page)
Languages
Translations of this page: