linux truecrypt 加密工具
每个人都想有真正属于自己的空间(可以是硬盘,硬盘上的一个分区,或者是一个目录,或者是U盘),存以前女友or男友的照片,存一些X片,而不希望别人看到,推荐一个免费好用的加密工具truecrypt。win和linux都可以用。
一,下载truecrypt
http://www.xdowns.com/soft/softdown.asp?softid=85603
下载下来的是truecrypt-7.1a-linux-x86.tar.zip,这里X86,一开始我以为是64位的机器用的,我的机子是32位,装的时候发现是32位的,我晕。
二,解压,安装truecrypt
这里解压分二分,也就是truecrypt-7.1a-linux-x86.tar.zip,是压缩了二次,
unzip truecrypt-7.1a-linux-x86.tar.zip tar zxvf truecrypt-7.1a-Linux-x86.tar.gz
经过这二步解压后会有一个truecrypt-7.1a-setup-x86这个可执行文件,
[root@localhost download]# ./truecrypt-7.1a-setup-x86 TrueCrypt 7.1a Setup ____________________ Installation options: 1) Install truecrypt_7.1a_i386.tar.gz 2) Extract package file truecrypt_7.1a_i386.tar.gz and place it to /tmp To select, enter 1 or 2: 1 //在这里选择1, Before you can use, extract, or install TrueCrypt, you must accept the terms of the TrueCrypt License. 。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。 To uninstall TrueCrypt, please run 'truecrypt-uninstall.sh'. Installing package... //出现以下内容就说明装好了。 usr/bin/truecrypt usr/bin/truecrypt-uninstall.sh usr/share/applications/truecrypt.desktop usr/share/pixmaps/truecrypt.xpm usr/share/truecrypt/doc/License.txt usr/share/truecrypt/doc/TrueCrypt User Guide.pdf
三,创建密码文件和加密分区
[root@localhost zhangy]# truecrypt --create-keyfile /home/zhangy/key.txt Please type at least 320 randomly chosen characters and then press Enter: Characters remaining: 218 Characters remaining: 149 Characters remaining: 60 Characters remaining: 3 Keyfile has been successfully created.
到这儿密码文件创建好了,上面的320是什么意思呢,让你随便输入320个字符。
[root@localhost zhangy]# truecrypt -c /home/zhangy/securt //在这里有一个默认就是type normal Volume type: 1) Normal 2) Hidden Select [1]: 1 Enter volume size (sizeK/size[M]/sizeG): 200M Encryption algorithm: 1) AES 2) Serpent 3) Twofish 4) AES-Twofish 5) AES-Twofish-Serpent 6) Serpent-AES 7) Serpent-Twofish-AES Twofish-Serpent Select [1]: 1 Hash algorithm: 1) RIPEMD-160 2) SHA-512 3) Whirlpool Select [1]: 2 Filesystem: 1) None 2) FAT 3) Linux Ext2 4) Linux Ext3 5) Linux Ext4 Select [2]: 4 Enter password: WARNING: Short passwords are easy to crack using brute force techniques! We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? (y=Yes/n=No) [No]: yes Re-enter password: Enter keyfile path [none]: /home/zhangy/key.txt Enter keyfile path [finish]: (回车) Please type at least 320 randomly chosen characters and then press Enter: Characters remaining: 207 Characters remaining: 98 Characters remaining: 49 Characters remaining: 6 Done: 100.000% Speed: 41 MB/s Left: 0 s The TrueCrypt volume has been successfully created.
到这儿加密分区就根好了,上面的文件/home/zhangy/securt可以换成硬盘分区,或者是U盘,U盘一般都/dev/sdb的。
四,挂载分区
mkdir /mnt/truecrypt //创建挂载目录 [root@localhost zhangy]# truecrypt /home/zhangy/securt Warning: Your system uses an old version of the Linux kernel. Due to a bug in the Linux kernel, your system may stop responding when writing data to a TrueCrypt volume. This problem can be solved by upgrading the kernel to version 2.6.24 or later. Enter mount directory [default]: /mnt/truecrypt Enter password for /home/zhangy/securt: Enter keyfile [none]: /home/zhangy/key.txt Enter keyfile [finish]: Protect hidden volume (if any)? (y=Yes/n=No) [No]: n
到这样就挂载好了,
这样我们就可以到/mnt/truecrypt目录下面写东西,这个东西保存在/home/zhangy/securt这个文件里面。
五,卸载分区
[root@localhost mnt]# umount /mnt/truecrypt/ [root@localhost mnt]# truecrypt -d /home/zhangy/securt
卸载后,如果想在写自己的秘密,就重新挂载,truecrypt /home/zhangy/securt,每次重新挂载都是要输入密码的。