VPS: WEDOS Disk with TrueCrypt Support

A step by step manual, how to setup the TrueCrypt container for remote storage backup (Wedos Disk).

TrueCrypt Setup

For the TrueCrypt installation, please, refer to the TrueCrypt setup.

WEDOS Disk

Edit the /etc/fstab file and add:

//1591.s91.wedos.net/s1591 /mnt/wedosdisk cifs cred=/root/secret.cfg,_netdev,nounix,noperm 0 0

to mount the Wedos Disk using cifs (samba). Then create the /root/secret.cfg file and insert:

username=s1591
password=***************

Now mount the Wedos disk using:

mount /mnt/wedosdisk

Create a TrueCrypt Volume Using a Wizard

Create the encrypted volume:

truecrypt -t -c
Volume type:
 1) Normal
 2) Hidden
Select [1]: 1

Enter volume path: /mnt/wedosdisk/backup.tc

Enter volume size (sizeK/size[M]/sizeG): 4500[M]

Encryption algorithm:
 1) AES
 2) Serpent
 3) Twofish
 4) AES-Twofish
 5) AES-Twofish-Serpent
 6) Serpent-AES
 7) Serpent-Twofish-AES
 8) Twofish-Serpent
Select [1]: 

Hash algorithm:
 1) RIPEMD-160
 2) SHA-512
 3) Whirlpool
Select [1]: 

Filesystem:
 1) None
 2) FAT
 3) Linux Ext2
 4) Linux Ext3
 5) Linux Ext4
Select [2]: 4

Enter password: 
Re-enter password: 

Enter keyfile path [none]: 

Please type at least 320 randomly chosen characters and then press Enter:


Done: 100.000%  Speed:  8.9 MB/s  Left: 0 s               

The TrueCrypt volume has been successfully created.

Create a TrueCrypt Volume Using a Single Command

truecrypt --volume-type=normal --filesystem=ext3 --size=4500000000 --encryption=AES 
--hash=RIPEMD-160 --keyfiles="" --create /mnt/wedosdisk/backup.tc

TrueCrypt Mount Point (Virtual Disk)

Create a new directory to mount the TrueCrypt file container into:

mkdir /mnt/backup

And mount it:

truecrypt /mnt/wedosdisk/backup.tc /mnt/backup --filesystem=none

Check the details of the currently mounted TrueCrypt container(s), use the following command:

truecrypt -l -v

The result will look like:

Slot: 1
Volume: /mnt/wedosdisk/backup.tc
Virtual Device: /dev/mapper/truecrypt1
Mount Directory: /mnt/backup
Size: 4.2 GB
Type: Normal
Read-Only: No
Hidden Volume Protected: No
Encryption Algorithm: AES
Primary Key Size: 256 bits
Secondary Key Size (XTS Mode): 256 bits
Block Size: 128 bits
Mode of Operation: XTS
PKCS-5 PRF: HMAC-RIPEMD-160
Volume Format Version: 2
Embedded Backup Header: Yes

Based on the Virtual Device: dev-point, we will create the specific filesystem (Option 4 = EXT3) in the container using:

mkfs.ext3 /dev/mapper/truecrypt1

Once done (takes a while according to the specified container size), deattach the volume container

truecrypt -d /mnt/wedosdisk/backup.tc

And reconnect again using the EXT3 filesystem specification:

truecrypt /mnt/wedosdisk/backup.tc /mnt/backup --filesystem=ext3

Once the TrueCrypt partition is unmounted, the encrypted container backup.tc remains securely saved:

truecrypt -d /mnt/wedosdisk/backup.tc

Sources:
TrueCrypt on Gentoo
WEDOS Disk

Advertisements
This entry was posted in Linux, Security, Server and tagged , , , , , , . Bookmark the permalink.