VeraCrypt for Linux.

VeraCrypt for Linux is an open source tool used for on-the-fly encryption (OTFE). It can create a virtual encrypted disc in a file or encrypt a partition or entire storage device with authentication before the operating system starts.

VeraCrypt is based on the old TrueCrypt project and manages both the TrueCrypt format and the VeraCrypt format.

The program was originally released on June 22, 2013, and has released its latest release (version 1.21) on July 9, 2017, with several security enhancements and fixes of things as listed under the TrueCrypt Code revision.

VeraCrypt has optimized implementations of cryptographic hash features and cifers that increase performance on modern processors.

Note: Because TrueCrypts license is very unclear, legally speaking, the creators behind VeraCrypt may be sued for copyright infringement if the original creators of TrueCrypt suddenly decide to do so.

TrueCrypt appears to reserve the right to sue all licensees for copyright infringement, whether or not they comply with the terms of the license. Based on this in addition to being non-free software under this license, this software may not be considered safe to use.

The license seems to be well thought out and full of legal traps, which means that the license appears to be a non-free software, even though the source code is included.

Begin by downloading the software here.

Latest version: 1.25.9 - 2022

VeraCrypt for Linux is an open source tool used for on-the-fly encryption (OTFE).

How to install VeraCrypt via a Terminal window:

Install the .deb-file

cd Downloads

Press Enter,

sudo dpkg -i veracrypt-1.25.9-Debian-11-amd64.deb

Press Enter.

IMPORTANT INFORMATION:

You must create a STRONG password, not containing anything that can be connected to you personally ! 50 chars or longer, mixed Upper, lower letters, numbers and symbols. Mix different languages into it.

Remember information in most computers’ RAMs will persist from several seconds to a minute even at room temperature and by using a cheap “canned air” spray duster, can be used to produce temperatures cold enough to make RAM contents last for a long time even when the memory chips are physically removed from the computer.

VeraCrypt cannot and does not ensure that RAM contains no sensitive data (e.g. passwords, master keys, or decrypted data). Therefore, after each session in which you work with a VeraCrypt volume or in which an encrypted operating system is running, you must shut down (or, if the hibernation file is encrypted, hibernate) the computer and then leave it powered off for at least several minutes (the longer, the better) before turning it on again. This is required to clear the RAM.

Elcomsoft Forensic Disk Decryptor together with Elcomsoft Distributed Password Recovery can attack plain-text passwords protecting the encrypted containers with a range of advanced attacks including dictionary, mask and permutation attacks in addition to brute-force.

Elcomsoft Forensic Disk Decryptor needs the original encryption keys in order to access protected information stored in crypto containers. The encryption keys can be extracted from hibernation files or memory dump files acquired while the encrypted volume was mounted. There are three ways available to acquire the original encryption keys:

• By analyzing the hibernation file (if the PC being analyzed is turned off);
• By analyzing a memory dump file. A memory dump of a running PC can be acquired with the built-in memory imaging tool.
• By performing a FireWire attack (PC being analyzed must be running with encrypted volumes mounted). A free tool launched on investigator’s PC is required to perform the FireWire attack (e.g. Inception).
• By capturing a memory dump with built-in RAM imaging tool.

If you leave your computer which by the way should be "Full Disk Encrypted with LUKS", always shut it off and if you are using a notebook, remove the battery. Use external USB 3.0 KITS for HD and SSD, so you can rip em out fast and put them in a microwave if needed. Depends on how sensitive your data is.

Save sensitive data directly to encrypted external devices !

► Developers website