TrueCrypt 6.1a for Mandriva 2008.1, 2009.0 & 2009.1
Free open-source disk encryption software
Link alla homepage del programma:
http://www.truecrypt.org/
.
.
Main Features:
- Creates a virtual encrypted disk within a file and mounts it as a real disk.
- Encrypts an entire partition or storage device such as USB flash drive or hard drive.
- Encrypts a partition or drive where Windows is installed (pre-boot authentication).
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:1) Hidden volume (steganography) and hidden operating system.2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
- Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
Further information regarding features of the software may be found in the documentation
Changelog ver 6.1a
Improvements, bug fixes, and security enhancements:
- Minor improvements, bug fixes, and security enhancements.Note: If you are using an older version of TrueCrypt, it is highly recommended that you upgrade to the latest stable version.
Changelog ver 6.1
New features:
Note: To encrypt a non-system partition in place, click ‘Create Volume‘ > ‘Encrypt a non-system partition‘ > ‘Standard volume‘ > ‘Select Device‘ > ‘Encrypt partition in place‘ and then follow the instructions in the wizard. Please note that this is not supported on Windows XP/2000/2003 as these versions of Windows do not natively support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).
- Support for security tokens and smart cards (for more information, see section Security Tokens and Smart Cards in chapter Keyfiles).
- The TrueCrypt boot loader can be prevented from displaying any texts (by selecting Settings > System Encryption and enabling the option ‘Do not show any texts in the pre-boot authentication screen’).
- The TrueCrypt boot loader can now display a custom message (select Settings > System Encryption and enter the message in the corresponding field) either without any other texts or along with the standard TrueCrypt boot loader texts.
- Pre-boot authentication passwords can now be cached in the driver memory, which allows them to be used for mounting of non-system TrueCrypt volumes (select Settings > System Encryption and enable the option ‘Cache pre-boot authentication password‘).
- Linux and Mac OS X versions: The ability to mount a Windows system partition encrypted by TrueCrypt and to mount a partition located on a Windows system drive that is fully encrypted by a Windows version of TrueCrypt.
Improvements:
- During the process of creation of a hidden operating system, TrueCrypt now securely erases the entire content of the partition where the original system resides after the hidden system has been created. The user is then prompted to install a new system on the partition and encrypt it using TrueCrypt (thus the decoy system is created).Note: Although we are not aware of any security issues (connected with decoy systems) affecting the previous versions of TrueCrypt, we have implemented this change to prevent any such undiscovered security issues (if there are any). Otherwise, in the future, a vulnerability might be discovered that could allow an attacker to find out that the TrueCrypt wizard was used in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on the computer) e.g. by analyzing files, such as log files created by Windows, on the partition where the original system (of which the hidden system is a clone) resides. In addition, due to this change, it is no longer required that the paging file is disabled and hibernation prevented when creating a hidden operating system.
- Many other improvements.
Bug fixes:
- Many minor bug fixes and security improvements.
Richiesta:
Si va ad accontentare una richiesta da emanueleeeee
Vista la rimozione del pacchetto Realcrypt dai repository Mandriva, è diventata indispensabile la pacchettizzazione di Truecrypt. Attualmente c’è pacchettizzata dal MIB soltanto la versione per Mandriva 2008.1
Siccome a breve uscirà la versione stabile di Mandriva 2009.1 ho scritto sia Mandriva 2009.0 che Mandriva 2009.1
Se è un problema impacchettarle entrambe, meglio farlo direttamente per la Mandriva 2009.1
Pacchetti:
Files di esempio (sample file names):
=================================
truecrypt-6.1a-69.1mib2009.0.x86_64.rpm
truecrypt-gui-6.1a-69.1mib2009.0.x86_64.rpm
Porting preparato da dago68
Pacchettizzazione effettuata da dago68, nicco, symbianflo
Il programma funziona allo stesso modo di come funzionava la versione pacchettizzata sempre dal MIB per Mandriva 2008.1
Ci sono dei piccoli problemi…
Quando viene richiesta la password di amministratore per montare il drive virtuale, dopo l’immissione esce il seguente messaggio di errore:
Failed to obtain administrator privileges: sudo: pam_authenticate:modulo sconosciuto
Se si avvia Truecrypt direttamente da amministratore il problema non nasce, ma l’utente normale non può accedere al drive virtuale montato, quindi nasce l’esigenza di utilizzare dolphin da amministratore… cose semplici ma un po difficili per un utente alle prime armi
Su consiglio di “dago68″ ho seguito queste indicazioni:
CONFIGURE YOUR SYSTEM:
1. Become root: Code:
$ su -
2. Run edit your sudoers file: Code:
# visudo
Always edit the sudoers file with visudo. Before closing it will check to make sure any changes are valid. If you do not use visudo you run the risk of having sudo not function.
3. Add the following: Code:
your_user_name ALL=(ALL) ALL
This can be made more secure by only giving sudo access to /usr/local/bin/truecrypt.
4. Have fuse load at boot by adding fuse to /etc/modules. Code:
# echo fuse > /etc/modules
That’s it. You should now have TrueCrypt built, installed and working on Mandriva. When TrueCrypt asks for administrator privlieges give it your password. If you get an error similar to “sudo: pam_authenticate: Module is unknown” than you either mistyped your password or you do not have sudo setup properly.
Ora funziona quasi perfettamente, alla richiesta di password per i privilegi di amministrazione va immessa la password dell’utente e si monta regolarmente il volume. L’ultimo problema, spero una sciocchezza è che mi monta i volumi soltanto in lettura… non posso scriverci su da utente normale ma posso visualizzarlo, montarlo e smontarlo
Dopo nuovi test segnalo che il problema del montaggio del volume in sola lettura era presente anche se si apriva il percorso da utente root… praticamente era impossibile scrivere, si poteva solo leggere. Il problema però si presentava con un archivio che gia avevo creato precedentemente con windows… e copincollato nella home di Linux
Se invece viene creato un archivio ex novo tutto sembra funzionare perfettamente senza problemi di autorizzazioni