On-the-fly Encryption with TrueCrypt --快速加密
2008-11-13 19:42
260 查看
使用这个工具最大的缺点也是优点的就是必须安装该软件 TrueCrypt,如果再有一个绿色的只用来挂载加密过的
文件就好了,现在基本上在一台电脑上实现加密不被别人看到没有问题,当移动该加密的文件时必须还是非加密的或者
对方机器也安装了该软件,否则就没办法使用;如果用的是虚拟磁盘模式的加密,被加密的虚拟磁盘对应的文件可以在
非挂载模式下被删除。
试用了下,感觉还可以。
Got security? TrueCrypt allows you to create and use encrypted volumes and reduce the risk to your sensitive data.
Jeremy Garcia
Monday, November 10th, 2008
Let’s face it — these days it’s
almost a certainty that some information on your computer is not for
public consumption. Be it your accounting data on a personal machine or
valuable trade secrets on a corporate machine, for better or worse,
computers are part of our daily lives. In many cases, the theft of that
data could have serious repercussions. The situation is exacerbated by
the fact that a greater and greater percentage of computers sold are
laptops. Losing a laptop now has the potential to make national news
and could even result in a costly lawsuit.
With this information in mind, it makes more and more sense to
utilize some level of disk encryption on your machine. TrueCrypt is a
software system for establishing and maintaining an
on-the-fly-encrypted volume. On-the-fly encryption means that data is
automatically encrypted or decrypted right before it is loaded or
saved,withouany user intervention. No data stored on an encrypted
volume can be read without using the correct password/keyfile(s) or
correct encryption keys. All encryption is automatic, real-time and
transparent. Available from here, TrueCrypt is available under the TrueCrypt Collective License and works with Linux, OS X and Windows. It can use AES, Serpent and Twofish as encryption algorithms and supports RIPEMD-160, SHA-512 and Whirlpool hashing. When used in “traveler” mode, it does not even have to be installed on the machine on which it is run.
The TrueCrypt download section contains binary packages for some
popular Linux distributions. If your distribution does not have a
package available, you’ll need to install from source. Further
instructions for source installation can be found in the included Readme.txt. Note that to use TrueCrypt you’ll need to have the FUSE library available.
Once installed, the truecrypt binary supports both a graphical and
text user interface. It will run in graphical mode by default and
automatically fall back to text mode if needed. You can use the
flag to force text mode. TrueCrypt can either encrypt entire storage
devices/partitions or create virtual file hosted volumes. You should be
aware that if you encrypt a partition or device, all data will be lost.
To create a new volume from the GUI, select
The first step of the wizard will ask if the volume should be
standard or hidden. A hidden volume is basically a volume within
another volume, and is one of the two ways TrueCrypt provides you with
plausible deniability (the other is that it is impossible to identify a
TrueCrypt volume). The next step is to select a file or device. In this
example we’ll create a virtual file-based volume. Keep in mind the file
can have any extension and location, so is extremely easy to conceal.
Next, you’ll need to pick a volume size. For this test we’ll create a
10M volume. You’ll now need to choose the encryption algorithm and hash
algorithm. The defaults are acceptable is most cases. Finally, you need
to create a volume password using the guidelines given by the wizard.
The volume will then be created and formatted. Now that the volume is
created, you can mount it via the mount button.
A volume can also easily be created and mounted in text mode.
Figure One: TrueCrypt Screenshot
To create a volume:
To mount a volume:
Both the GUI and text mode support additional functionality such as
using keyfiles and passing specific mount options to the OS. For a full
list of options, run
TrueCrypt to backup critical information, it’s important to backup both
the volume and volume headers. The online documentation walks you
through how to do this properly. Before using TrueCrypt I also
recommend you read the online FAQ, which contains a lot of useful
information.
A little bit of time spent implementing TrueCrypt to encrypt your
sensitive data on the fly could save you a huge amount of time and
money in the long run. Don’t leave your data at risk.
Jeremy Garcia
is the founder and administrator of LinuxQuestions.org, a free,
friendly, and active Linux community that filters its email with
SpamAssassin.
Please send questions and feedback to
jeremy@linuxquestions.org.
http://www.linux-mag.com/id/7177
文件就好了,现在基本上在一台电脑上实现加密不被别人看到没有问题,当移动该加密的文件时必须还是非加密的或者
对方机器也安装了该软件,否则就没办法使用;如果用的是虚拟磁盘模式的加密,被加密的虚拟磁盘对应的文件可以在
非挂载模式下被删除。
试用了下,感觉还可以。
Got security? TrueCrypt allows you to create and use encrypted volumes and reduce the risk to your sensitive data.
Jeremy Garcia
Monday, November 10th, 2008
almost a certainty that some information on your computer is not for
public consumption. Be it your accounting data on a personal machine or
valuable trade secrets on a corporate machine, for better or worse,
computers are part of our daily lives. In many cases, the theft of that
data could have serious repercussions. The situation is exacerbated by
the fact that a greater and greater percentage of computers sold are
laptops. Losing a laptop now has the potential to make national news
and could even result in a costly lawsuit.
With this information in mind, it makes more and more sense to
utilize some level of disk encryption on your machine. TrueCrypt is a
software system for establishing and maintaining an
on-the-fly-encrypted volume. On-the-fly encryption means that data is
automatically encrypted or decrypted right before it is loaded or
saved,withouany user intervention. No data stored on an encrypted
volume can be read without using the correct password/keyfile(s) or
correct encryption keys. All encryption is automatic, real-time and
transparent. Available from here, TrueCrypt is available under the TrueCrypt Collective License and works with Linux, OS X and Windows. It can use AES, Serpent and Twofish as encryption algorithms and supports RIPEMD-160, SHA-512 and Whirlpool hashing. When used in “traveler” mode, it does not even have to be installed on the machine on which it is run.
The TrueCrypt download section contains binary packages for some
popular Linux distributions. If your distribution does not have a
package available, you’ll need to install from source. Further
instructions for source installation can be found in the included Readme.txt. Note that to use TrueCrypt you’ll need to have the FUSE library available.
Once installed, the truecrypt binary supports both a graphical and
text user interface. It will run in graphical mode by default and
automatically fall back to text mode if needed. You can use the
-t
flag to force text mode. TrueCrypt can either encrypt entire storage
devices/partitions or create virtual file hosted volumes. You should be
aware that if you encrypt a partition or device, all data will be lost.
To create a new volume from the GUI, select
Tools->Volume Creation Wizard.
The first step of the wizard will ask if the volume should be
standard or hidden. A hidden volume is basically a volume within
another volume, and is one of the two ways TrueCrypt provides you with
plausible deniability (the other is that it is impossible to identify a
TrueCrypt volume). The next step is to select a file or device. In this
example we’ll create a virtual file-based volume. Keep in mind the file
can have any extension and location, so is extremely easy to conceal.
Next, you’ll need to pick a volume size. For this test we’ll create a
10M volume. You’ll now need to choose the encryption algorithm and hash
algorithm. The defaults are acceptable is most cases. Finally, you need
to create a volume password using the guidelines given by the wizard.
The volume will then be created and formatted. Now that the volume is
created, you can mount it via the mount button.
A volume can also easily be created and mounted in text mode.
Figure One: TrueCrypt Screenshot
To create a volume:
truecrypt -t -c
To mount a volume:
truecrypt /truecrypt/linuxmag.tc /media/truecrypt1
Both the GUI and text mode support additional functionality such as
using keyfiles and passing specific mount options to the OS. For a full
list of options, run
truecrypt -h. Note that when using
TrueCrypt to backup critical information, it’s important to backup both
the volume and volume headers. The online documentation walks you
through how to do this properly. Before using TrueCrypt I also
recommend you read the online FAQ, which contains a lot of useful
information.
A little bit of time spent implementing TrueCrypt to encrypt your
sensitive data on the fly could save you a huge amount of time and
money in the long run. Don’t leave your data at risk.
Jeremy Garcia
is the founder and administrator of LinuxQuestions.org, a free,
friendly, and active Linux community that filters its email with
SpamAssassin.
Please send questions and feedback to
jeremy@linuxquestions.org.
http://www.linux-mag.com/id/7177
相关文章推荐
- Mixing two digital audio streams with on the fly Loudness Normalization by Logarithmic Dynamic Range
- Android3.0 上的磁盘加密 Notes on the implementation of encryption in Android 3.0
- Rewrite MSIL Code on the Fly with the .NET Framework Profiling API
- Create Snazzy Web Charts and Graphics On the Fly with the .NET Framework
- 【转】Custom Menu Items Created on the fly With Excel VBA
- How to Create Text Image on the fly with ASP.NET
- PDF on fly with PDFcreator
- Windows cannot find the local profile and is logging you on with a temporary profile
- [Graphics] UIColor created with component values far outside the expected range, Set a breakpoint on UIColorBreakForOutOfRangeColorComponents to debug. This message will only be logged once.
- 错误:A field or property with the name 'XXX' was not found on the selected data source 解决
- on the fly 到底几个意思
- Teaching the Next Generation of Statistics Students to “Think With Data”: Special Issue on Statistic
- C++ AMP: .Massive Data Parallelism on the GPU with Microsoft's C++ AMP (Accelerated Massive Parallel
- 《转》加密入门(三):TrueCrypt使用
- GSM cell phone calls use outdated encryption that can now be cracked with rainbow tables on a PC
- There was a problem with the editor 'vi' for Git on Mac OS X
- 鲁迅有本事硬译ON-THE-FLY吗?(像狂风一样舞蹈,挣脱怀抱--汪峰意译)
- error C4996: Function call with parameters that may be unsafe - this call relies on the caller to check that the passed values are correct
- A quick guide to VoIP on-the-cheap with Asterisk