Truecrypt Volume mo...
 
Notifications
Clear all

Truecrypt Volume mounting issue

16 Posts
8 Users
0 Reactions
2,016 Views
iruiper
(@iruiper)
Estimable Member
Joined: 19 years ago
Posts: 145
Topic starter  

Hi everybody,

Lately, our clients are more and more interested in us taking out our Forensic Images out of their facitilies in encrypted volumes. The tool we are currently using for creating the volumes is TrueCrypt, and although it has been very "friendly" to us when in a Windows Environment, the same tool is not treating us the same way under a Linux Environment.

The problem arises when trying to make an acquisition with Helix directly into a TrueCrypt Volume. The volume I am trying to mount was created with the Windows GUI, but I believe they are fully compatible, aren't they?

The command I use, and the responses from Helix are the following

[root (knoppix)]# truecrypt -i
Enter Volume Path /media/sda/Volumen
Enter mount directory [none] /mnt/TrueVol
Protect hidden volume? [y/N] N
Enter keyfile path [none]
Enter password for '/media/sda/Volumen'

device-mapper reload ioctl failed Invalid argument
Command failed

The file 'Volumen' is the volume I created under Windows, the volume '/media/sda/' has been mounted with rw permission, and the directory '/mnt/TrueVol/' has been created by me so as to contain the mounted volume inside the TrueCrypt file. Any suggestions?

Thanks!


   
Quote
 ddow
(@ddow)
Reputable Member
Joined: 21 years ago
Posts: 278
 

Never used TrueCrypt so I'm just thinking out loud. Was the TrueCrypt volume on the external media created with Windows? If so, try just formatting the media FAT32 with Windows and then creating the TrueCrypt volume using Linux.


   
ReplyQuote
azrael
(@azrael)
Honorable Member
Joined: 19 years ago
Posts: 656
 

Well, at least you should be able to …

Q Will I be able to mount my TrueCrypt partition/container on any computer?

A TrueCrypt volumes are independent of the operating system. You will be able to mount your TrueCrypt volume on any computer on which you can run TrueCrypt

Any chance of a look at /var/log/messages ? I don't know if Helix creates it, I know that some of the Knoppix derivatives that boot from CD don't create any logs … ( Nowhere to write the things I guess … ) But it might have a clue - look at the Device Mapper error lines if they exist …


   
ReplyQuote
(@gmarshall139)
Reputable Member
Joined: 21 years ago
Posts: 378
 

I may just be confused by your use of "sda" here. Is this your volume label or the device indicator? Truecrypt will not recognize the device indicator (sda, hda, etc.) you have to enter the volume label.

For example, if your volume label is "fred" and the container is named "wilma" you would enter (for volume path)

/media/fred/wilma

It will mount truecrypt volumes created in Windows just fine.


   
ReplyQuote
iruiper
(@iruiper)
Estimable Member
Joined: 19 years ago
Posts: 145
Topic starter  

Thank you guys, but I haven't been able to solve this

- There are not any logs about the device-mapper in /var/log/messages, or in any other file in /var/log.

- Relating to the naming of the volume… I don't quite understand what you mean gmarshall139, since under Linux you have to name the volumes after what you have decided when mounting the volume. I wouldn't be able to use the Windows volume label even I wanted, unless I manually mounted the volume with that name. I have also tried it (mounting the physical device /dev/sda into /mnt/[Windows Volume Name]), and didn't work.

To sum it up… it does't work ) If nobody has found this trouble before, I'm afraid I will have to wait for the next release of Helix and cross my fingers for the bug to have been solved!

Thank you all!


   
ReplyQuote
azrael
(@azrael)
Honorable Member
Joined: 19 years ago
Posts: 656
 

Actually, I had a thought after reading gmarshal139's post …

Maybe try using sda1 in place of sda … sda is a whole disk, rather than a partition … sda1 would be what you'd normally look at as a partition.


   
ReplyQuote
datacarver
(@datacarver)
Estimable Member
Joined: 18 years ago
Posts: 121
 

Actually, I had a thought after reading gmarshal139's post …

Maybe try using sda1 in place of sda … sda is a whole disk, rather than a partition … sda1 would be what you'd normally look at as a partition.

I agree with Azrael. You can't truecrypt a device, you can only encrypt a partition on the device.

PM me. I have directions for creating/mounting a truecrypt image on the linux side. I also have directions for the windows side if you are interested.


   
ReplyQuote
(@gmarshall139)
Reputable Member
Joined: 21 years ago
Posts: 378
 

Are you encrypting the entire partition or a container file within the partition. I do the latter and yes Linux (SUSE 10.3) mounts it under the volume name.


   
ReplyQuote
(@kovar)
Prominent Member
Joined: 18 years ago
Posts: 805
 

Greetings,

Could you post the instructions for handling TrueCrypt on SUSE correctly? I think this may be of wide interest.

-David


   
ReplyQuote
datacarver
(@datacarver)
Estimable Member
Joined: 18 years ago
Posts: 121
 

Greetings,

Could you post the instructions for handling TrueCrypt on SUSE correctly? I think this may be of wide interest.

-David

I'd be happy too, but I have no where to host it. If someone else has a spot where they can host it for others to download, PM and I will send for them to post.

Is there a way to upload a file to this forum without linking it to an external website?


   
ReplyQuote
Page 1 / 2
Share: