Encrypting a Removable Drive with TrueCrypt (Windows and Linux)

Original date: June 10, 2009 9:32 PM by sonnik

Previously, I described the abilities of TrueCrypt for personal file encryption. Today, I thought I'd illustrate (video) how easy it is to encrypt your portable personal USB hard drive or USB flash disk, to prevent loss of personal information should these devices fall into the wrong hands.

If you're using Windows and you haven't installed it already, you'll want to head off to TrueCrypt's web site to download and install the application. For Linux, you may be able to easily install TrueCrypt using your package/update manager. (I know it is easily downloadable using both Fedora and Ubuntu).

In the video below, I illustrate two methods.

The first is creating a "file container" which can act as a mounted drive. Any files placed into this container (copied to the mounted drive) are encrypted, and not accessible without first mounting these using TrueCrypt which runs in the background. If this passphrase is not known, this data can not be accessed. Note that there's no requirement that states this container must be located on a removable drive. In fact, there are plenty of reasons you may want to place a "file container" on your hard drive. For the purposes of this example, I'm illustrating the value of using it on a removable drive.

As an alternative spin on this first method, TrueCrypt can actually create "Traveler" files - which copies core TrueCrypt Executable to the applications (as well as an "autorun" configuration) which means TrueCrypt can travel with you. With this option, you won't need to worry if TrueCrypt is installed on the second computer. Note however, these executable files are not operating system independent. The drawback on this option is that you'll need to "predict" how large of a file container you need, as TrueCrypt may not be able to dynamically size this container.

The second method is encrypting the entire device itself. This means TrueCrypt will need to be installed on any machine that will connect to the removable drive. The appeal here is not having to worry about any container size.

TrueCrypt is capable of encrypting (in place) any content that already exists on the removable drive (partition). If you're a cautious type, please make a backup before the encryption starts. Truecrypt will even ask you if you'd like the unencrypted content wiped off of the hard drive during the encryption process. Note, as a whole, encrypting data on an existing drive can take a sizable amount of time. A few megabytes will take a few minutes; a few gigabytes will take several hours.

As mentioned in the video, TrueCrypt is capable of other possibilities. Be sure to read all of the documentation at the TrueCrypt web site, or navigate through the various wizard options to find a solution that may work better for you.

UPDATE: In the video, I probably wasn't paying attention in my video grabs. Now that I'm playing around with Fedora 11, I've noticed that TrueCrypt may not be available by way of yum. You may want to download the tar.gz file and compile instead. If you Google for other options, you may find a RPM compiled for Fedora, or instructions for using the Ubuntu package on Fedora.

Leave a comment