WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: truecrypt  (Read 11166 times)

Offline Hickory

  • Newbie
  • *
  • Posts: 5
truecrypt
« on: November 01, 2010, 09:49:57 AM »
I have successfully installed TC 3.2 on a second hard drive, however i cannot create a truecrypt volume.
First, it misrepresents the space that is available, second after it has gone through the process of encryption,
it fails, saying "failed to set up loop device".
Can anyone help?

Offline danielibarnes

  • Hero Member
  • *****
  • Posts: 548
Re: truecrypt
« Reply #1 on: November 01, 2010, 04:24:38 PM »
Following a clue I found here does CONFIG_CRYPTO_XTS need to be compiled into the kernel? I noticed it isn't in the 3.x kernel. Can it be a module? I could do some testing if I had time, but maybe someone can recompile the kernel with XTS and try it.

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 10957
Re: truecrypt
« Reply #2 on: November 02, 2010, 06:31:53 AM »
Yes, it can be a module.
The only barriers that can stop you are the ones you create yourself.

Offline Hickory

  • Newbie
  • *
  • Posts: 5
Re: truecrypt
« Reply #3 on: November 02, 2010, 09:30:48 AM »
Thank you for your responses, I have never compiled a kernel, is a module an easier way, how is it done?

Offline gutmensch

  • Administrator
  • Hero Member
  • *****
  • Posts: 605
  • I can make it disappear, have no fear!
    • remembrance blog
Re: truecrypt
« Reply #4 on: November 02, 2010, 03:02:54 PM »
Basically these steps are sufficient to compile your "special" kernel modules:

1. Start TC, download and install compiletc extension
2. Download kernel sources from http://distro.ibiblio.org/pub/linux/distributions/tinycorelinux/3.x/release/src/kernel/, easy way: Use linux-2.6.33.3-patched.tbz2, unpack. Download config-2.6.33.3-tinycore as well and edit to your needs, for example change the line
Code: [Select]
# CONFIG_CRYPTO_XTS is not setto
Code: [Select]
CONFIG_CRYPTO_XTS=m(m stands for module, y stands for kernel included, n for "not using")
3. Copy the edited config file to the unpacked kernel folder (with the new name ".config")
4. Run inside kernel folder
Code: [Select]
# make oldconfig5. Run inside kernel folder
Code: [Select]
# make modules6. Use the generated modules (e.g. xts.ko), usually compress it to save space "gzip xts.ko", copy xts.ko.gz to /usr/local/lib/modules/2.6.33.3/kernel/crypto/
7. Load module with modprobe xts or let it be done by truecrypt

...or you can just wait for crypto-xts-2.6.33.3-tinycore.tcz to be appearing in appbrowser, since I just sent it in for submission ;-) You will need this extension to run truecrypt (if it's the only missing "link").
If I seem unduly clear to you, you must have misunderstood what I said. (Alan Greenspan)

Offline Hickory

  • Newbie
  • *
  • Posts: 5
Re: truecrypt
« Reply #5 on: November 04, 2010, 09:25:09 AM »
Thank you, Gutmensch, this is exactly what I needed.
I also see that crypto_xts is included in TC3.3 rc2 which I just tried today.

Offline Onyarian

  • Sr. Member
  • ****
  • Posts: 337
Re: truecrypt
« Reply #6 on: November 13, 2010, 11:21:46 AM »
Is solved the problem?

For me not. I have proved either in tc3.2 and tc3.3rc2

First I load the crypto-xts-2.6.33.3-tinycore.tcz
then "sudo modprobe xts"
I see the two modules loaded (gf128mul and xts)

then load truecrypt
I can make the encrypted volume, no problem
but when I want to mount it it says "Failed to setup a loop device"

Thinking about a lot of loop devices monted in my tc and that I can see in truecrypt only 64 possibilities, I have proved it in a base norestore with only loaded the crypto-xts and truecrypt and dependences, this are 15 loops devices.
I make all the above and select to mount the position 16 but with the same results.

I have do it with "sudo truecrypt" too, with the same problem

What I'm making wrong?
« Last Edit: November 13, 2010, 11:29:30 AM by Onyarian »

Offline Hickory

  • Newbie
  • *
  • Posts: 5
Re: truecrypt
« Reply #7 on: November 16, 2010, 09:21:14 AM »
No, Onyarian, I get the same error.

Offline Onyarian

  • Sr. Member
  • ****
  • Posts: 337
Re: truecrypt
« Reply #8 on: November 16, 2010, 11:16:05 AM »
I'm making more proves:

I have created in /etc/group the "truecrypt:x:1000:tc"
and in /etc/sudoers: "%truecrypt ALL=(root) NOPASSWD:/usr/bin/truecrypt"
that I have googled
(this two files in .filetool.lst)

I loaded crypto-xts-2.6.33.3-tinycore.tcz and cryptsetup.tcz

then
sudo modpobe dm-mirror, dm-snapshot, dm-crypt and xts

Quote
root@box:/home/tc# lsmod
Module                  Size  Used by    Not tainted
xts                     1340  0
gf128mul                4284  1 xts
dm_crypt                7468  0
dm_snapshot            18364  0
dm_mirror               8620  0
dm_region_hash          4192  1 dm_mirror
dm_log                  5228  2 dm_mirror,dm_region_hash
dm_mod                 35392  4 dm_crypt,dm_snapshot,dm_mirror,dm_log
vboxnetflt              9260  0
vboxnetadp              4048  0
vboxdrv               109008  2 vboxnetflt,vboxnetadp
ipt_REJECT              1284  1
xt_state                 636  1
ipt_LOG                 3364  0
nf_conntrack_ftp        3672  0
iptable_nat             2008  0
nf_nat                  8388  1 iptable_nat
nf_conntrack_ipv4       5688  4 iptable_nat,nf_nat
nf_conntrack           27752  5 xt_state,nf_conntrack_ftp,iptable_nat,nf_nat,nf_conntrack_ipv4
nf_defrag_ipv4           504  1 nf_conntrack_ipv4
vfat                    5596  1
fat                    30220  1 vfat
oss_usb                90348  0
oss_hdaudio           135956  0
osscore               542900  2 oss_usb,oss_hdaudio
i915                  165436  2
drm_kms_helper         15480  1 i915
ath5k                  96224  0
drm                    93504  3 i915,drm_kms_helper
mac80211               87580  1 ath5k
ath                     5584  1 ath5k
intel_agp              16252  1
i2c_i801                5748  0
i2c_algo_bit            2984  1 i915
cfg80211               73276  3 ath5k,mac80211,ath
i2c_core                9380  5 i915,drm_kms_helper,drm,i2c_i801,i2c_algo_bit
agpgart                15792  2 drm,intel_agp
yenta_socket           13432  0
rsrc_nonstatic          5780  1 yenta_socket
pcmcia_core            17332  2 yenta_socket,rsrc_nonstatic
squashfs               14728 138
ramzswap               10240  1
loop                    8068 276
scsi_wait_scan           276  0
mmc_block               5492  4
video                  12712  1 i915
backlight               1632  1 video
battery                 6028  0
output                   724  1 video
ac                      1696  0
wmi                     3656  0
sdhci_pci               4144  0
sdhci                  10392  1 sdhci_pci
serio_raw               2380  0
r8169                  22516  0
mmc_core               27968  2 mmc_block,sdhci

then loaded truecrypt.tcz

If I choose "Create an encrypted file container" It creates one but when I try to mount it I have another time the error
"Failed to set up a loop device: /home/tc/mycontainer"

BUT If I choose "Create a volume within a partition/drive" in an entire USB stick, it creates ok, and when I mount it there is NO problem to work with it, coping files to it and finally dismount, and mount another time (the USB stick is mounted in /mnt/truecrypt1)

I have proved with users tc and root with the same results.

So, the question is,
why I can't mount a file container but a volume drive yes?

Offline gutmensch

  • Administrator
  • Hero Member
  • *****
  • Posts: 605
  • I can make it disappear, have no fear!
    • remembrance blog
Re: truecrypt
« Reply #9 on: November 16, 2010, 11:28:07 AM »
could be some trouble with losetup... you can try the util-linux-ng.tcz extension which contains another losetup and not the one from busybox.

cryptsetup shouldn't be necessary, it's for the linux unified key setup (not related to truecrypt IIRC).
If I seem unduly clear to you, you must have misunderstood what I said. (Alan Greenspan)

Offline danielibarnes

  • Hero Member
  • *****
  • Posts: 548
Re: truecrypt
« Reply #10 on: November 16, 2010, 01:18:58 PM »
I succeeded in getting truecrypt to work.

There are several problems I found:
1) lvm2 is not listed as a dependency. Truecrypt requires dmsetup.
2) util-linux-ng is not listed as a dependency. The busybox mount is insufficient.
3) crypto-xts-2.6.33.3-tinycore is not listed as a dependency, which is understandable.
4) Truecrypt uses the busybox mount even if util-linux-ng is loaded.
5) The loop.max_loop parameter must be set to a value.

To solve this:
1) Load lvm2.
2) Load util-linux-ng.
3) Load crypto-xts-2.6.33.3-tinycore.
4) softlink the util-linux-ng mount binary into /usr/sbin.
5) Boot with the "loop.max_loop=256" boot parameter.

I hope that someone can provide an explanation and/or independent confirmation. I don't know how to fix 5, but 1-4 can be fixed in the extension by adding extensions to the .dep list then creating the mount softlink in the /usr/local/tce.installed/truecrypt script.

I confirmed the following will work:

# ln -s /tmp/tcloop/util-linux-ng/usr/local/bin/mount /usr/sbin/mount
# dd if=/dev/urandom of=/tmp/random bs=1024 count=1
# truecrypt --create --volume-type=normal --size=$((8*1024*1024)) \
--encryption=aes --random-source=/tmp/random --hash=whirlpool \
--filesystem=fat --password=test --keyfiles= /tmp/stuff.tc
# mkdir -p /tmp/stuff
# truecrypt --password=test --keyfiles= --non-interactive /tmp/stuff.tc /tmp/stuff

An 8MB FAT filesystem is now present at /tmp/stuff. I hope this helps. Use "truecrypt -d" to unmount.

NOTES:
  • If loop.max_loop is not set, the message is "Error: failed to set up a loop device: /tmp/stuff.tc"
  • truecrypt uses the busybox losetup, but that is sufficient. I did not get different results with the util-linux-ng losetup.
  • truecrypt looks for mount in the following directories in order: /usr/sbin, /sbin, /usr/bin, /bin. Thus, it finds and uses the busybox mount binary. This results in the message: "Error: mount: mounting /dev/mapper/truecrypt1 on /tmp/stuff failed: Invalid argument"
  • The truecrypt.tcz.list file has "truecrypt.tcz" in it. This is an error.
« Last Edit: November 16, 2010, 01:24:58 PM by danielibarnes »

Offline Onyarian

  • Sr. Member
  • ****
  • Posts: 337
Re: truecrypt
« Reply #11 on: November 16, 2010, 03:43:22 PM »
Solved!

THANKS Danielibarnes

The kit of the question was the boot parameter loop.max_loop=256
only with this change it works.
With and without the symlink of mount from util-linux-ng works too

So I have changed in grub.conf

   kernel /boot/tc/bzImage quiet lang=es_ES@euro tce=sda1 home=sda1 restore=sda1/tce waitusb=5 laptop max_loop=256

with

   kernel /boot/tc/bzImage quiet lang=es_ES@euro tce=sda1 home=sda1 restore=sda1/tce waitusb=5 laptop loop.max_loop=256

and finally works!

Offline Hickory

  • Newbie
  • *
  • Posts: 5
Re: truecrypt
« Reply #12 on: November 23, 2010, 10:00:07 AM »
Success!  Thank you, everyone for your help.

Offline mike434

  • Newbie
  • *
  • Posts: 1
Re: truecrypt
« Reply #13 on: September 16, 2019, 09:46:01 PM »
Run this script and everything works:

Code: [Select]
#!/bin/bash

for i in {8..255}; do
  if [ -e /dev/loop$i ]; then
     echo not creating loop $i
     continue;
  fi;
  mknod -m 0660 /dev/loop$i b 7 $i
done