TrueCrypt

TrueCrypt is a powerful yet free Open-Source disk encryption Software. I am quite satisfied with the software that I decided to introduce it here in my blog, may all future releases remain free to use!

With TrueCrypt you can maintain an on-the-fly-encrypted volume (data storage device). On their website they explain ‘On-the-fly encryption’ as an automatic continuing encryption process to data right before it is saved and decrypted right after it is loaded. In simple words, you will end up having an encrypted volume to secure all your sensitive data inside. This volume can be mounted and accesses like any regular folder in your system each time you provide the right password and then dismounted to prevent access.

What I personally think makes this software special is the ease of using encrypted files right from the secured volume to the computer’s RAM. As such, if you have a video file, you will not wait until it is fully decrypted to play it, instead the stream will be decrypted right into the RAM while playing, the performance and speed is quite similar to playing any regular video file you have on your system. Brilliant, isn’t it?

Similarly, files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (drag-and-drop). Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume.

TrueCrypt ‘never saves any decrypted data to a disk – it only stores them temporarily in RAM (memory)’. In addition, it supports ‘hidden volumes’, which means that you may easily hide an encrypted volume inside an another encrypted volume without showing any evidence of its existence to other users of the system. This is a very important feature in case someone forces you to decrypt your sensitive data. (check TrueCrypt documentation for more information about hidden volumes).

To install and use in Linux, download the appropriate package from their website: www.truecrypt.org.

Since windows installation is wizard-based, I will leave that and cover the Linux installation procedure. First, download the Console-only version, in my case the file is called: truecrypt-7.1-linux-console-x86.tar.gz and was downloaded from the internet to: /home/haider/Downloads. Lets move it to the /usr/local/bin directory

mv /home/haider/Downloads/truecrypt-7.1-linux-console-x86.tar.gz /usr/local/bin

Then navigate to where it was moved and extract the file

cd /usr/local/bin
tar xfzv truecrypt-7.1-linux-console-x86.tar.gz

This should produce the bin file to be excuted: truecrypt-7.1-setup-console-x86. Good! lets now delete the archive file since we do not need it any more.

rm truecrypt-7.1-linux-console-x86.tar.gz

Now, change the file’s permissions to 755

chmod 755 truecrypt-7.1-setup-console-x86

Install using the following command and accept the terms of use (select option 1 to install)

./truecrypt-7.1-setup-console-x86

After a successful installation, you may display all the software’s arguments and options with

truecrypt -help

Further, lets create an encrypted volume. To do that use truecrypt -c.

truecrypt -c

Check out the following example from my Linux box:

Volume type:
 1) Normal
 2) Hidden
Select [1]: 1
 
Enter volume path: /root/my-crypt
 
Enter volume size (sizeK/size[M]/sizeG): 500m
 
Encryption algorithm:
 1) AES
 2) Serpent
 3) Twofish
 4) AES-Twofish
 5) AES-Twofish-Serpent
 6) Serpent-AES
 7) Serpent-Twofish-AES
 8) Twofish-Serpent
Select [1]: 1
 
Hash algorithm:
 1) RIPEMD-160
 2) SHA-512
 3) Whirlpool
Select [1]: 2
 
Filesystem:
 1) None
 2) FAT
 3) Linux Ext2
 4) Linux Ext3
 5) Linux Ext4
Select [2]: 5
 
Enter password: 
WARNING: Short passwords are easy to crack using brute force techniques!
 
We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? (y=Yes/n=No) [No]: y
 
Re-enter password: 
 
Enter keyfile path [none]: 
 
Please type at least 320 randomly chosen characters and then press Enter:
Characters remaining: 259
Characters remaining: 190
 
 
Done: 100.000%  Speed:  7.0 MB/s  Left: 0 s          
 
The TrueCrypt volume has been successfully created.

From above, the volume’s path is: /root/my-crypt
Let mount it to a directory called encrypted-volume to start encrypting files.

mkdir /home/haider/encrypted-volume

Now lets mount them.

truecrypt /root/my-crypt /home/haider/encrypted-volume/

This will open a gate to the encrypted volume, as such we must provide the correct password:

Enter password for /root/my-crypt: 
Enter keyfile [none]: 
Protect hidden volume (if any)? (y=Yes/n=No) [No]: n

From this point, to encrypt files just move them to the encrypted-volume directory. Once finished, demount the two to protect your files:

truecrypt -d

In the future, if you require access to your encrypted files, or if you want to encrypt more files in that volume. Mount it again. That’s all!

To start this trial, install OpenSSH server and client to Ubuntu using:
P.S. make sure you login as root when required.

apt-get install openssh-client
apt-get install openssh-server

To install them in CentOS use yum instead of apt-get:

yum install openssh-client
yum install openssh-server

After installation, lets refresh the service. In Ubuntu this is done using:

/etc/init.d/ssh restart

or

service ssh restart

While in CentOS the service is called sshd, so we use:

After installation, lets refresh the service. In Ubuntu this is done using:

/etc/init.d/sshd restart

or

service sshd restart

This should enable you now to connect to each system from the other one remotely. For instance, if the IP of CentOS system is 192.168.1.5 we may access it from Ubuntu using:

ssh 192.168.1.5

or if you want to login with a specific username such as ‘haider’, use:

ssh haider@192.168.1.5

For security reasons, you might wish to change the listening port number of the SSH service (the server, in our case is CentOS). This and other configurations are made inside the /etc/ssh/sshd_config file. However, before doing any changes it is a good practise to take a backup:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original

Now edit the file using your favourite editor (vi, nano etc) and change the port from 22 to 2222 (or any other unused port). Once done restart the service again (the relevant command was mentioned above) to activate the new settings and use the following command to check the status of your new port:

netstat -punat | egrep "2222"

To use the public key authentication, I used the following command to generate a private and a public key with RSA encryption in my Ubuntu

ssh-keygen

The Terminal will prompt you for a name for your keys, just press enter and the name will be id_rsa by default. These, once generated, are automatically stored in the directory you are in. As such I advice you to run it from the /root/.ssh directory to save it there. Running the command will produce two files: id_rsa (this is the private key and should remain safe in your machine) & id_rsa.pub (which is the public key).

To allow ssh access using these keys the content of the public key must be copied to the ~/.ssh/authorized_keys file on the server’s machine (CentOS). Since our ssh worked with password authentication, lets use scp (secure copy) to achieve this:

scp /etc/ssh/id_rsa.pub 192.168.1.5:~/.ssh/

Now, on CentOS copy the content of the public key into the authorized_keys file (you may create this file if it doesn’t exist).

cat id_rsa.pub >> authorized_keys

Then, lets allow public key authentication inside CentOS ssh configuration file. Simply make sure the following lines are not commented-out:

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Restart ssh service again on the server (CentOS).

Thats all! I can now connect to my CentOS system from Ubuntu without being prompt for a password. In fact I may disable password-based authentication.

Connect the cables. Once done, you should first enable Internet Connection Sharing on your Windows machine. To do that, right-click your Internet connection and select “Properties“. Then click the “Advanced” tab. Now simply put a tick on the following option:

“Allow other network users to connect through this computer’s Internet connection”

This should give your Network card the following static IP address: 192.168.0.1. This address will represent the gateway address for the other computers in your LAN to connect to the Internet.

Now, move to your Linux box and use the following command to give it an IP address and a Subnet Mask:

ifconfig eth0 192.168.0.131 netmask 255.255.255.0

The following command is then used to set the default gateway

route add -net default gw 192.168.0.1

Finally, you will need to update your Linux DNS servers file. Get the two DNS servers IPs by typing
“Ipconfig /all” In the command prompt of your Windows machine, and then add them to “/etc/resolv.conf” in your Linux using your favorite editor. For instance, to open the file with nano use the following command:

sudo nano /etc/resolv.conf

That’s all, try to test the connection between the two computers by pinging their IP addresses and then test your DNS configuration with any of the following commands from your Linux box:

host google.com
 
nslookup google.com
 
ping google.com

You first need to download BackTrack’s VMWare Image for the final available release from the following link:

http://www.backtrack-linux.org/downloads/

At the time of writing this post the final release is BackTrack 4 so the download gave me the following zip file:

bt4-final-vm.zip

Now we should do the following:

1. First unzip the file. The result is a folder called: BackTrack4-Final
   

2. Move BackTrack4-Final and its contents to the Virtual Machines folder created for you by VMware when you first installed it. Under Windows 7 it is located at:
   C:\Users\{Your User Name}\Documents\Virtual Machines
   

3. Run VMware Workstation
   

4. From the menu bar, select File –> Open and navigate to the BackTrack4-Final folder. Inside the folder you should find: BackTrack4-Final.vmx. Open it.
   

5. Now that the image is loaded into your VMware Desktop, click: Power on this virtual machine.
   

6. Most likely, you will get the following dialog:

   “This virtual machine may have been moved or copied.

   In order to configure certain management and networking features, VMware Workstation needs to know if you moved this virtual machine or if you copied it.”

   Choose I copied it and proceed.
   

7. If everything goes well, and it should, BackTrack will ask you to log in. The username will be root and the password is toor.
   

8. Once logged in as a root, type startx to run the graphical interface.
   

9. The internet/network is not connected by default in BackTrack, to start it run the Konsole and enter the start-network command.
   

10. If that did not work, open Wicd manager (K menu –> Internet –> Wicd manager) and click Connect. The status bar should show something like:

    Connected to wired network (IP: xxx.xxx.xxx.xxx)

If you get that, it means you connected BackTrack to the network successfully! Well done

At the end, make sure you have the latest kernel sources by running the following commands:

apt-get update
 
apt-get install linux-source
 
cd /usr/src
 
tar jxpf linux-source-{version}.tar.bz2
 
ln -s linux-source-{version} linux
 
cd linux
 
zcat /proc/config.gz > .config
 
make scripts
 
make prepare