TrueCrypt is a free, open source, system for establishing and maintaining an on-the-fly-encrypted filesystem. TrueCrypt is available for Linux, Windows, and Mac OS X. Encrypted volumes can be used with any supported OS regardless of which OS they were created on.
Please note: This guide was originally published back in 2008. Quite obviously, a lot has changed since then (including Ubuntu). TrueCrypt has been replaced by VeraCrypt. This article is staying online as a historical/archived document, and should be treated as such.
- To install TrueCrypt visit http://www.truecrypt.org, scroll down to Linux, select Ubuntu – x86.deb, then click Download.
- When the download is complete, browse to it in the File Browser, right-click on it, and select Extract Here.
- Now double-click on the extracted file and click Run when prompted what to do with the file.
- Next, click Extract .deb Package File.
- You must agree to the TrueCrypt License. Click I accept and agree to be bound by the license terms.
- The TrueCrypt installation package is extracted and placed in /tmp
- Using the File Browser, browse to /tmp and right-click on the TrueCrypt .deb file, then select Open with “GDebi Package Installer”.
- Now click Install Package.
- When prompted, enter your password and click OK.
- The package manager will automatically download and install any dependencies as well as install TrueCrypt.
- Run TrueCrypt by clicking Applications -> Other -> TrueCrypt.
- Click Create Volume to start the Volume Creation Wizard.
- In this example I’m going to create an encrypted volume on an entire USB stick rather than the default encrypted file container. Click Create a volume within a partition/drive then click Next.
- The default Volume Type is a Standard TrueCrypt volume, which is fine with me. Click Next.
- Next we have to choose the Volume Location. Click Select Device.
- My USB stick shows up as /dev/sdb, so I selected /dev/sdb and clicked OK. Your USB stick may show up as a different device. Make sure you are selecting the correct device.
- Now the Volume Location shows /dev/sdb. Click Next.
- When prompted if you’re sure you want to encrypt the entire device, click Yes.
- The following error message surprised me. I would have though TrueCrypt would have given me the option to delete the partitions. Instead I had to do it manually. Click OK.
- Now click Applications -> Accessories -> Terminal.
- The following steps will delete the existing partition from the USB stick. This will erase any files on the device so make sure you have a backup if there’s anything on it that you want to keep.
In the terminal window type sudo fdisk /dev/sdb substituting sdb with the correct device name for your USB stick. Enter your password if prompted, then simply enter d to delete the partition, then w to write the changes to the device. Close the terminal window.
- Now we’re back at the TrueCrypt Volume Creation Wizard. Click Next.
- Enter your password when prompted and click OK.
- The default Encryption Options are good enough for me. Click Next.
- Now enter and confirm the password you want to use for your encrypted volume, then click Next.
- TrueCrypt warned me that the password I chose was too short, but seeing how this is just an example I clicked Yes to confirm that I was fine with the short password.
- I chose to accept the default Format Options. Note that if you want to be able to use your encrypted USB stick with Windows systems too, you must use the FAT filesystem. Click Next.
- Wiggle your mouse cursor around within the TrueCrypt window for a bit, then click Format.
- You will be warned that all files currently on your USB stick will be erased. Click Yes.
- You might want to grab a coffee at this stage. Formatting the volume took far longer for me than the estimated 105 seconds.
- Hopefully when you come back from coffee, you’ll see the following and click OK.
- We’re not going to create another TrueCrypt volume, so click Exit.
- Now we need to mount the encrypted volume so we can use it. Select Slot 1 in the top pane, then click Select Device.
- I chose /dev/sdb and clicked OK.
- Now click Mount.
- Enter the password you chose when encrypting the volume and click OK.
- Note that the encrypted volume now shows up in the top pane and an icon representing the encrypted volume has appeared on the desktop. Click Exit.
- Double-click on the TrueCrypt volume icon on the desktop and you have a fresh, blank, encrypted disk to use just as you would any other disk.
- When you are finished using your encrypted volume, open TrueCrypt again by selecting Applications -> Other -> TrueCrypt. Select your encrypted volume in the top pane, then click Dismount.
- TrueCrypt unmounts the volume and you should see that the top pane is now empty.
I was just wondering, can I use such encrypted USB on other PCs. I guess they need to have TrueCrypt instaled? Is it possible to have the program for both ubuntu and Windows on a USB and run it from there (they of course should not be encrypted)?
Great tutorial on how to use TrueCrypt to encrypt a USB drive.