The other day I though I had lost my USB drive, a janky Kingston 1GB stick with no keychain holder that is temporarily replacing my burned out JumpDrive Sport. Deep sets of panic waves overtook me for most of the morning as I wracked my brain and retraced my steps trying to remember where I could have left it or dropped it. The reason that I was panicking was that I carry some quasi-sensitive data on there like the household budget and short stories I’m working on. No bank numbers or SSNs, just stuff that I don’t want people seeing.
Well, I did end up finding the drive wedged in the back seat of Management’s car but I learned an important lesson: if you are going to carry important data with you back it up and encrypt it. I already have the backup part down and have been doing it ever since my first USB drive crapped out on me and I lost piles of data but encryption was something I never got around to until now. The challenge is that I use Ubuntu at home (100% Windows free as of 60 days ago!) and by day I play at being a Windows sysadmin so I need a solution that works cross platform.
My first visit was to the TrueCrypt folks and while they make a fine product that for all intents and purposes worked well on my work box but completely borked the drive for my laptop. So I decided to approach the task from the Linux side looking for native solutions that had counterparts in the Windows world and LUKS plus FreeOTFE did the trick with a minimum of fuss.
On the Ubuntu side:
- Grab cryptsetup and cryptmount: sudo apt-get install cryptsetup cryptmount
- Wipe the disk or make some partitions: sudo cfdisk /dev/sdb [NOTE: check your drive's actual path with dmesg as you don't want to be wiping something like your primary drive]
- Create an encrypted partition: sudo luksformat /dev/sdb [NOTE: pick a passphrase that you can remember because if you forget it kiss your data goodbye]
Now, because I’m plain lazy I rebooted to get the modules running that are related to reading the new encrypted volume but after that when I popped my drive in it asked for my passphrase and then mounted it for me to work on it to my heart’s delight.
On the Windows side:
- Plug in the USB drive and go to Computer Management >> Disk Management, find the drive, and remove the assigned drive letter, FreeOTFE will assign a free letter to the drive when it mounts it
- Get a copy of FreeOTFE
- Unzip it into a directory and start it in Portable Mode
- File >> Linux Volume >> Mount partition and enter your passphrase
- Enjoy!
Pretty straight forward.
Gratefully cribbed from carthik’s post at Ubuntu Blog and from FreeOTFE’s solid documentation.
Thank you for mentioning me in the Credits.
Anytime! It was a great post that laid out what I needed to do.
you are my latest GOD
you solved my EXACT problem
Glad my post was helpful!
Hello
On ground i am unable to the stuff…i am experimenting with an old 128 mb thumb-drive
I am the same guy who accepted u as god
step 1 of cfdisk goes fine but at the end it says something like: re-read of tables failed. reboot to….
so i reboot.
now the following happens
can u tell me where am i going wrong?
esbee@esbee-laptop:~$ sudo luksformat /dev/sdb
Error: device mounted: /dev/sdb
esbee@esbee-laptop:~$ sudo luksformat /dev/sdb2
Creating encrypted device on /dev/sdb2…
WARNING!
========
This will overwrite data on /dev/sdb2 irrevocably.
Are you sure? (Type uppercase yes): yes
Command failed.
Could not create LUKS device /dev/sdb2 at /usr/sbin/luksformat line 58, line 20.
esbee@esbee-laptop:~$
esbee@esbee-laptop:~$
cfdisk says this at this moment
cfdisk (util-linux-ng 2.13)
Disk Drive: /dev/sdb
Size: 130023424 bytes, 130 MB
Heads: 32 Sectors per Track: 32 Cylinders: 248
Name Flags Part Type FS Type [Label] Size (MB)
——————————————————————————
sdb1 Boot Primary Linux 9.97
sdb2 Primary Linux 19.93
Pri/Log Free Space 100.14
[Bootable] [ Delete ] [ Help ] [Maximize] [ Print ]
[ Quit ] [ Type ] [ Units ] [ Write ]
Toggle bootable flag of the current partition
Hmmm… For luks to work I had to unmount the drive and I went ahead and used cfdisk to wipe all the partitions. After that everything worked like a charm (1GB Kingston Data Traveler).
Let me know if that does it for you…
Hi
Everything works fine till i have started to use the encrypted vol. I entered the passphrase and it says
“Error org.freedesktop.Hal.Device.Volume.Crypto.SetupError
/dev/sdb is already setup?”
I am newbie… will anyone guide me please.