Raspberry Pi (Raspbian): installing VeraCrypt from binaries. Tutorial
As you know TrueCrypt is't supported now. You can easily replace it with VeraCrypt, which can be found here.
Here you can find tutorial how you can install this software to your RPi and how to use it.
Updating systemFirst of all you need update your RPi, you can use my script system-update.sh
After this you need to install FUSE (w:FUSE):
$ sudo aptitude install libfuse-dev libfuse
Also, as I understand we need makeself, you can install it using:
$ sudo apt-get install makeself
$ sudo apt-get install libwxbase3.0-0
Installing VeraCryptWarning! This tutorial written for VeraCrypt version 1.19 if you have different version just replace version specific information.
$ cd ~
Adding temporary directory
$ mkdir tmp
Downloading binaries$ wget -L -O veracrypt-1.19-raspbian-setup.tar.bz2 https://sourceforge.net/projects/veracrypt/files/VeraCrypt%201.19/veracrypt-1.19-raspbian-setup.tar.bz2/download
Decompressing file:$ tar -vxjf ./veracrypt-1.19-raspbian-setup.tar.bz2
Making files executable:
$ chmod +x veracrypt-1.19-setup-*
After this you will have executable file veracrypt-1.19-setup-console-armv7 Now you run it to complete your installation:$ ./veracrypt-1.19-setup-console-armv7
You will see very simple to use installation menu and will be asked to accept user license. Cleaning up by removing installation files:$ rm veracrypt-*
After install you can use VeraCrypt to work with your encrypted volumes.
You always can check you VeraCrypt version using:
$ veracrypt --version
My output is:
Please, note that you can find super short tutorial in VeraCrypt help just typing:
$ veracrypt --help
Adding new volume
Create encrypted volume:
$ veracrypt --text --create
After calling this you will be asked for many questions. Everything is simple except one thing: you will be asked to enter 320 randomly chosen characters and then press Enter. It's a little bit difficult, so we can optimize this using openssl (w: OpenSSL)
Generating random binary data (1024 symbols):
$ openssl rand -base64 1024 > ./secret_data
Note: if you do not have openssl you can install it easily with:
$ sudo apt-get install openssl
Note: you can use /dev/random (w: /dev/random) and /dev/urandom files. But it's less secure than use openssl.
Now create new volume:
$ veracrypt --text --create -v --random-source=./secret_data
After this you will be asked for questions about configuration. My answers (for testing) was (asnwer marking with yellow background):
Select : 1
Enter volume path: /home/pi/vcdata.data
Enter volume size (sizeK/size[M]/sizeG): 10M
Select : 1
Select : 1
3) Linux Ext2
4) Linux Ext3
5) Linux Ext4
Select : 5
Re-enter password: (i used password "sdasdas8y2131" for testing)
Enter PIM: (hit Enter)
Enter keyfile path [none]: (hit Enter)
Done: 100.000% Speed: 164 KB/s Left: 0 s
The VeraCrypt volume has been successfully created.
Volume creation can take a lot of time, so be patient.
When volume created you can remove random bytes used for volume creation. You can use my sdelete utility for this operation.
$ sdelete ./secret_data
Note: after hitting enter when you asked for keyfile program can freeze for long time. I really don't know why.
As you know, mounting can be made to the empty folder. Let's create it for example:
$ mkdir vera_folder$ veracrypt /home/pi/vcdata.data /home/pi/vera_folder
After that you will be asked for questions. Example output here:
Enter password for /home/pi/vcdata.data: (here you will be asked for password which you enterred before, in this test it's a "sdasdas8y2131")
Enter PIM for /home/pi/vcdata.data: (hit Enter)
Enter keyfile [none]: (hit Enter)
Protect hidden volume (if any)? (y=Yes/n=No) [No]: (hit Enter)
Warning! Mounting can take a lot of time. Be patient.
You can find that mounted folder belongs to root. Let's fix it.
Going to folder:
$ cd ~/vera_folder
$ sudo chown -R pi:pi .
Yes, last command with dot symbol at end.
Now you can work with files in this directory and everything will be stored in VeraCrypt volume.
List all mounted files
You can list all mounted volumes by using:$ veracrypt -l
You can dismount all volumes by using:
$ veracrypt -d
Or dismount only selected:
$ veracrypt -d /home/pi/vera_folder/
Hope you like it.