As you may know, the development of TrueCrypt has been dropped, but a bunch of developers have adopted the project and decided to continue the work on the TrueCrypt’s source code. Two worth mentioning TrueCrypt forks are CipherShed (installation instructions) and VeraCrypt.
VeraCrypt has the entire functionality of TrueCrypt, but it also adds security enhancements, allowing the users to encrypt containers on hard drives and even partitions and hard drives.
The latest version available is VeraCrypt 1.12, which has been recently released, coming with the below changes:
- Implement “Dynamic Mode” by supporting a Personal Iterations Multiplier (PIM). See documentation for more information.
- Solve installer issue under KDE when xterm not available
- Fix warnings on about/LegalNotice dialogs when wxWidgets linked dynamically (N/A for official binary)
- Support hash names with ‘-‘ in command line (sha-256, sha-512 and ripemd-160)
- Remove “–current-hash” switch and add “–new-hash” to be more coherent with existing switches.
- When only keyfile specified in command line, don’t try to mount using empty password : If mounting using empty password is needed, explicitly specify so using: -p “”
Up to date packages are available via some third party PPA, so installing the software on Ubuntu systems is easy. Just add the PPA to your system, update the local repository index and install the veracrypt package:
$ sudo add-apt-repository ppa:unit193/encryption
$ sudo apt-get update
$ sudo apt-get install veracrypt
Optional, to remove veracrypt, do:
$ sudo apt-get remove veracrypt
The installation instructions should work on Ubuntu 15.10 Wily Werewolf, Ubuntu 15.04 Vivid Vervet, Ubuntu 14.04 Trusty Tahr, Linux Mint 17.2 Rafaela, Linux Mint 17.1 Rebecca, Linux Mint 17 Qiana, Pinguy OS 14.04, Elementary OS 0.3 Freya, Deepin 2014, Peppermint 6, Peppermint 5, LXLE 14.04 and Linux Lite 2.
Create a new volume:
$ veracrypt -t -c
Mount a volume:
$ veracrypt volume.hc /media/veracrypt1
Mount a volume as read-only, using keyfiles:
$ veracrypt -m ro -k keyfile1,keyfile2 volume.tc
Mount a volume without mounting its filesystem:
$ veracrypt --filesystem=none volume.tc
Mount a volume prompting only for its password:
$ veracrypt -t -k "" --protect-hidden=no volume.hc /media/veracrypt1
Dismount a volume:
$ veracrypt -d volume.tc
Dismount all mounted volumes:
$ veracrypt -d