VeraCrypt

Logo für VeraCrypt von Idrix, Apache License 2.0

VeraCrypt is a security software which allows to encrypt and decrypt drives, partitions or container files. Thus, VeraCrypt is very well suited for the secure storage of sensitive data. Moreover, it supports the principle of plausible deniability by allowing a single “hidden volume” to be created within another volume.

Since VeraCrypt is available not only for Linux, but also for Windows and OS-X, the software allows to share external harddrives or USB sticks across all platforms. The VeraCrypt GUI is programmed in Java.

TrueCrypt history

After the development of the encryption program TrueCrypt was discontinued in 2014, VeraCrypt has established itself as a trustworthy and improved successor. The open-source program from the French company Idrix, a provider of security software, claims to plug security gaps of ita predecessor and tightens the encryption. Security gaps criticized in an audit in October 2016 were immediately fixed in version 1.19.

While containers and drives encrypted with VeraCrypt cannot be open with Truecrypt, VeraCrypt can open legacy TrueCrypt devices; for this purpose, however, one must check the corresponding option in the dialog “Select device and mount” – otherwise VeraCrypt will not be able to open it. It is also possible to convert containers and partitions (but not system partitions) encrypted with TrueCrypt. If you still need TrueCrypt, you can download the last version 7.1a, which was released with the original functionality, for example from the Heise Software directory.

How to create, mount and unmount VeraCrypt volumes

Start by clicking on “Create volume” in the VeraCrypt GUI. On the following pages you select whether a file or a (system) drive/partition should be encrypted, whether this volume should be hidden and which encryption type is to be used. Then you have to choose a password, which you should remember well, otherwise you won’t be able to access your own data. Finally, you choose how the volume should be formatted, and create the entropy needed for encryption, for example, with mouse movements.

To mount an existing VeraCrypt volume and decrypt it, one clicks on the first free “slot” in the VeraCrypt GUI and then selects the desired volume either via the context menu or via the “File” or “Device” buttons. Once it is selected, one is asked for the encryption password.

To unmount a volume, select it and choose “Dismount”. If unmounting is not possible because the volume is still “busy”, you can find out in the terminal which processes are still accessing and thus blocking it:

sudo lsof | grep /media/veracrypt1/volumename

The path to the volume must of course be adjusted. Based on the output of this command, you can either close the programs involved or kill the processes involved.

Asking for root password

To prevent VeraCrypt from asking for the root password every time a device is mounted, create a file with root privileges called /etc/sudoers.d/veracrypt with the following contents:

USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt

License mix

While VeraCrypt is free, it is not considered to be open source software. Since it is a fork of TrueCrypt, parts of VeraCrypt inherit the TrueCrypt license, while new parts have been licensed under the well known Apache licence 2.0.

Installation

While VeraCrypt cannot be found in the Ubuntu repositories, the vendor recommends a PPA for the installation:

sudo add-apt-repository ppa:unit193/encryption
sudo apt update && sudo apt install veracrypt

Alternatives

Linux distributions usually have built-in encryption methods, that are already available in the installer. If you want to encrypt your server, laptop or pc, you should use them instead of VeraCrypt. First choice is Luks, which allows encrypting the root filesystem. The choice to encrypt only the home partition with Ecryptfs was removed from the Ubuntu installer.VeraCrypt is a security software which allows to encrypt and decrypt drives, partitions or container files. Thus, VeraCrypt is very well suited for the secure storage of sensitive data. Moreover, it supports the principle of plausible deniability by allowing a single “hidden volume” to be created within another volume.

Since VeraCrypt is available not only for Linux, but also for Windows and OS-X, the software allows to share external harddrives or USB sticks across all platforms. The VeraCrypt GUI is programmed in Java.

TrueCrypt history

After the development of the encryption program TrueCrypt was discontinued in 2014, VeraCrypt has established itself as a trustworthy and improved successor. The open-source program from the French company Idrix, a provider of security software, claims to plug security gaps of ita predecessor and tightens the encryption. Security gaps criticized in an audit in October 2016 were immediately fixed in version 1.19.

While containers and drives encrypted with VeraCrypt cannot be open with Truecrypt, VeraCrypt can open legacy TrueCrypt devices; for this purpose, however, one must check the corresponding option in the dialog “Select device and mount” – otherwise VeraCrypt will not be able to open it. It is also possible to convert containers and partitions (but not system partitions) encrypted with TrueCrypt. If you still need TrueCrypt, you can download the last version 7.1a, which was released with the original functionality, for example from the Heise Software directory.

Asking for root password

To prevent VeraCrypt from asking for the root password every time a device is mounted, create a file with root privileges called /etc/sudoers.d/veracrypt with the following contents:

USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt

License mix

While VeraCrypt is free, it is not considered to be open source software. Since it is a fork of TrueCrypt, parts of VeraCrypt inherit the TrueCrypt license, while new parts have bin licensed under the well known Apache licence 2.0.

Installation

While VeraCrypt cannot be found in the Ubuntu repositories, the vendor recommends a PPA for the installation:

sudo add-apt-repository ppa:unit193/encryption
sudo apt update && sudo apt install veracrypt

Alternatives

Linux distributions usually have built-in encryption methods, that are already available in the installer. If you want to encrypt your server, laptop or pc, you should use them instead of VeraCrypt. First choice is Luks, which allows encrypting the root filesystem. The choice to encrypt only the home partition with Ecryptfs was removed from the Ubuntu installer.VeraCrypt is a security software which allows to encrypt and decrypt drives, partitions or container files. Thus, VeraCrypt is very well suited for the secure storage of sensitive data. Moreover, it supports the principle of plausible deniability by allowing a single “hidden volume” to be created within another volume.

Since VeraCrypt is available not only for Linux, but also for Windows and OS-X, the software allows to share external harddrives or USB sticks across all platforms. The VeraCrypt GUI is programmed in Java.

TrueCrypt history

After the development of the encryption program TrueCrypt was discontinued in 2014, VeraCrypt has established itself as a trustworthy and improved successor. The open-source program from the French company Idrix, a provider of security software, claims to plug security gaps of ita predecessor and tightens the encryption. Security gaps criticized in an audit in October 2016 were immediately fixed in version 1.19.

While containers and drives encrypted with VeraCrypt cannot be open with Truecrypt, VeraCrypt can open legacy TrueCrypt devices; for this purpose, however, one must check the corresponding option in the dialog “Select device and mount” – otherwise VeraCrypt will not be able to open it. It is also possible to convert containers and partitions (but not system partitions) encrypted with TrueCrypt. If you still need TrueCrypt, you can download the last version 7.1a, which was released with the original functionality, for example from the Heise Software directory.

Asking for root password

To prevent VeraCrypt from asking for the root password every time a device is mounted, create a file with root privileges called /etc/sudoers.d/veracrypt with the following contents:

USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt

License mix

While VeraCrypt is free, it is not considered to be open source software. Since it is a fork of TrueCrypt, parts of VeraCrypt inherit the TrueCrypt license, while new parts have been licensed under the well known Apache licence 2.0.

Installation

While VeraCrypt cannot be found in the Ubuntu repositories, the vendor recommends a PPA for the installation:

sudo add-apt-repository ppa:unit193/encryption
sudo apt update && sudo apt install veracrypt

Alternatives

Linux distributions usually have built-in encryption methods, that are already available in the installer. If you want to encrypt your server, laptop or pc, you should use them instead of VeraCrypt. First choice is Luks, which allows encrypting the root filesystem. The choice to encrypt only the home partition with Ecryptfs was removed from the Ubuntu installer.VeraCrypt is a security software which allows to encrypt and decrypt drives, partitions or container files. Thus, VeraCrypt is very well suited for the secure storage of sensitive data. Moreover, it supports the principle of plausible deniability by allowing a single “hidden volume” to be created within another volume.

Since VeraCrypt is available not only for Linux, but also for Windows and OS-X, the software allows to share external harddrives or USB sticks across all platforms. The VeraCrypt GUI is programmed in Java.

TrueCrypt history

After the development of the encryption program TrueCrypt was discontinued in 2014, VeraCrypt has established itself as a trustworthy and improved successor. The open-source program from the French company Idrix, a provider of security software, claims to plug security gaps of ita predecessor and tightens the encryption. Security gaps criticized in an audit in October 2016 were immediately fixed in version 1.19.

While containers and drives encrypted with VeraCrypt cannot be open with Truecrypt, VeraCrypt can open legacy TrueCrypt devices; for this purpose, however, one must check the corresponding option in the dialog “Select device and mount” – otherwise VeraCrypt will not be able to open it. It is also possible to convert containers and partitions (but not system partitions) encrypted with TrueCrypt. If you still need TrueCrypt, you can download the last version 7.1a, which was released with the original functionality, for example from the Heise Software directory.

Asking for root password

To prevent VeraCrypt from asking for the root password every time a device is mounted, create a file with root privileges called /etc/sudoers.d/veracrypt with the following contents:

USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt

License mix

While VeraCrypt is free, it is not considered to be open source software. Since it is a fork of TrueCrypt, parts of VeraCrypt inherit the TrueCrypt license, while new parts have bin licensed under the well known Apache licence 2.0.

Installation

While VeraCrypt cannot be found in the Ubuntu repositories, the vendor recommends a PPA for the installation:

sudo add-apt-repository ppa:unit193/encryption
sudo apt update && sudo apt install veracrypt

Alternatives

Linux distributions usually have built-in encryption methods, that are already available in the installer. If you want to encrypt your server, laptop or pc, you should use them instead of VeraCrypt. First choice is Luks, which allows encrypting the root filesystem. The choice to encrypt only the home partition with Ecryptfs was removed from the Ubuntu installer.