TrueCrypt 5.0
Watermelon
now its about 4days since the TrueCrypt Foundation released version 5.0
of their popular encryption software TrueCrypt.
www.truecrypt.org
the new version supports among other features:
strong cryptography (aes sertent twofisch in cbc(xts) and cascades of
that algorithms)
Preboot auth
Full Disk Encryption
plausible deniability
supports mac osx
linux
windows
guis for that os'
the main reason for using that software is cause i have encrypted win
partitions and want to use it in linux and freebsd too....=> great
compatibility-point of all os !!!
i downloaded the source cause i thought if there is an osx support may
be it works for freebsd too....
and i found in makefile a point for making in freebsd....
but there are errors so i couldnt make it...
please could you take a look on that software
would be great to have it as port...
(dont know much about that but if there is a line with freebsd in
makefile it may not be a big problem)
thanks
with best regards,
Watermelon.
Garrett Cooper
On Feb 10, 2008, at 12:33 AM, Watermelon wrote:
> i downloaded the source cause i thought if there is an osx support
> may be it works for freebsd too....
> and i found in makefile a point for making in freebsd....
> but there are errors so i couldnt make it...
Actual errors may help, but the issue most likely lies in and of the
fact that OSX comes prepackaged with GNU make, not BSD make.
starr:~ gcooper$ make --version
GNU Make 3.81
Copyright (C) 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
This program built for i386-apple-darwin9.0
starr:~ gcooper$ uname -a
Darwin starr.local 9.1.0 Darwin Kernel Version 9.1.0: Wed Oct 31
17:46:22 PDT 2007; root:xnu-1228.0.2~1/RELEASE_I386 i386
Thus, you should try gmake (target) as opposed to make (target). If
you come across any errors, please report the relevant information
(error messages, etc).
Thanks,
-Garrett
Michael Ross
>
> On Feb 10, 2008, at 12:33 AM, Watermelon wrote:
>
>> i downloaded the source cause i thought if there is an osx support may
>> be it works for freebsd too....
>> and i found in makefile a point for making in freebsd....
>> but there are errors so i couldnt make it...
>
> Actual errors may help, but the issue most likely lies in and of the
> fact that OSX comes prepackaged with GNU make, not BSD make.
Just for then fun of it, I tweaked the Makefile to use gmake,
and it compiles up to
Compiling FatalErrorHandler.cpp
FatalErrorHandler.cpp: In function 'void
TrueCrypt::OnFatalProgramErrorSignal(int, siginfo_t*, void*)':
FatalErrorHandler.cpp:42: error: 'ucontext_t' was not declared in this
scope
FatalErrorHandler.cpp:42: error: 'context' was not declared in this scope
FatalErrorHandler.cpp:42: error: expected primary-expression before ')'
token
FatalErrorHandler.cpp:42: error: expected `;' before 'contextArg'
gmake[1]: *** [FatalErrorHandler.o] Fehler 1
gmake: *** [all] Fehler 2
Michael
Sergey Matveychuk
> Just for then fun of it, I tweaked the Makefile to use gmake,
> and it compiles up to
>
> Compiling FatalErrorHandler.cpp
> FatalErrorHandler.cpp: In function 'void
> TrueCrypt::OnFatalProgramErrorSignal(int, siginfo_t*, void*)':
> FatalErrorHandler.cpp:42: error: 'ucontext_t' was not declared in this
> scope
> FatalErrorHandler.cpp:42: error: 'context' was not declared in this scope
> FatalErrorHandler.cpp:42: error: expected primary-expression before ')'
> token
> FatalErrorHandler.cpp:42: error: expected `;' before 'contextArg'
> gmake[1]: *** [FatalErrorHandler.o] Fehler 1
> gmake: *** [all] Fehler 2
>
You should patch the file to include ucontext.h
But even if it'll be build, nobody guarantee it works.
--
Dixi.
Sem.
Michael Ross
> You should patch the file to include ucontext.h
> But even if it'll be build, nobody guarantee it works.
Done. Builds. On 7.0-PRERELEASE, by the way.
You need /usr/ports/sysutils/fuse-libs
and /usr/ports/sysutils/fuse-kmod;
and the wxWidget-Sources mentioned in the README, of course.
diff for Makefile:
61,62d60
< MAKE=gmake
<
206c204
< cd $(WX_BUILD_DIR) && gmake
---
> cd $(WX_BUILD_DIR) && make
diff for Main/FatalErrorHandler.h
13d12
< #include "/usr/src/sys/sys/ucontext.h"
As far as container files go, it creates and mounts them.
They show up in /media/truecrypt*.
Maybe someone would download
http://www.triplefork.net/test.tc (64K)
and try with password "test" on a different platform.
Michael
Sven Braun
> http://www.triplefork.net/test.tc (64K)
> and try with password "test" on a different platform.
This works fine with OSX 10.5! :) Thank you! (Had no possibility to
test it under Windows).
--
Sven Braun
Sergey Matveychuk
> Am 10.02.2008, 20:05 Uhr, schrieb Sergey Matveychuk <s...@FreeBSD.org>:
>
>> You should patch the file to include ucontext.h
>> But even if it'll be build, nobody guarantee it works.
>
> Done. Builds. On 7.0-PRERELEASE, by the way.
>
> You need /usr/ports/sysutils/fuse-libs
> and /usr/ports/sysutils/fuse-kmod;
> and the wxWidget-Sources mentioned in the README, of course.
>
> diff for Makefile:
>
> 61,62d60
> < MAKE=gmake
> <
> 206c204
> < cd $(WX_BUILD_DIR) && gmake
> ---
> > cd $(WX_BUILD_DIR) && make
The best way is to change 'make' in the last line with $(MAKE). MAKE
will passed from port's Makefile.
>
> diff for Main/FatalErrorHandler.h
>
> 13d12
> < #include "/usr/src/sys/sys/ucontext.h"
#if defined(__FreeBSD__)
#include <sys/ucontext.h>
#endif
looks better.
>
> As far as container files go, it creates and mounts them.
> They show up in /media/truecrypt*.
>
> Maybe someone would download
> http://www.triplefork.net/test.tc (64K)
> and try with password "test" on a different platform.
Feel free to make a port.
--
Dixi.
Sem.
Martin Wilke
Hash: SHA1
Ok Guys,
Yesterday on the German BSDGroup [1] we talked about the Truecrypt Port,
Dierk Sacher, Oliver Herold and I have created a port that works here.
We would now like to call for testing of this port. We are aware that
the patchset is hardcoded, but this will be fixed in the final version.
Known issues are system hangs when you use geli support on your hdd.
Feedback is very welcome.
\o/\/WARNING\o/\/WARNING\o/ HIS IS NOT READY FOR PRODUCTION \o/\/WARNING\o/\/WARNING\o/
Patch can you find here: http://people.freebsd.org/~miwi/truecrypt.tgz
\o/\/WARNING\o/\/WARNING\o/ HIS IS NOT READY FOR PRODUCTION \o/\/WARNING\o/\/WARNING\o/
[1] https://forum.bsdgroup.de/showthread.php?p=5642#post5642 (german only)
- Martin (with behalf German BSDGroup)
>
> thanks
> with best regards,
> Watermelon.
> _______________________________________________
> freebs...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-port...@freebsd.org"
>
- --
+-----------------------+-------------------------------+
| PGP : 0x05682353 | Jabber : miwi(at)BSDCrew.de |
| ICQ : 169139903 | Mail : miwi(at)FreeBSD.org |
+-----------------------+-------------------------------+
| Mess with the Best, Die like the Rest! |
+-----------------------+-------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
iD8DBQFHr64RFwpycAVoI1MRAjDAAJ9DCSJNmrGnnKEWo8+f5Y+q/Oj2BACfVx01
EIC3UZFF5PEQrOJZkHSHS+g=
=mUs+
-----END PGP SIGNATURE-----
Dierk Sacher
I'm now able to confirm success running truecrypt 5.0 on
FreeBSD voxx.evangelion.free 7.0-RC1 FreeBSD 7.0-RC1 #3: Sun Jan 20
00:44:35 CET 2008
ro...@voxx.evangelion.free:/usr/obj/usr/src/sys/VOXX i386
Remaining issue (here):
Images appear all in black now. May be a local problem of the test
environment not related to truecrypt.
The initial width of the "Slot" column doesn't seem to have enought room to
display 2 digit numbers. Just enlarge the column using the table header
;-).
Gruesse
Dierk
--
|----+----|----+----|----+----|----+----|----+----|----+----|----+----|--<
GPG Fingerprint: D14C 12BB 37A6 6745 7F4F F420 9E59 D79E A492 2A96
GPG KeyID : A4922A96
+------------------------------------------------------------------------+
Dierk Sacher
to freeze the device. :-(
At least the display bug (black images) is gone now.
Zitiere Dierk Sacher vom Mon, Feb 11, 2008 at 02:41:39PM +0100:
> Hi,
>
> I'm now able to confirm success running truecrypt 5.0 on
>
> FreeBSD voxx.evangelion.free 7.0-RC1 FreeBSD 7.0-RC1 #3: Sun Jan 20
> 00:44:35 CET 2008
> ro...@voxx.evangelion.free:/usr/obj/usr/src/sys/VOXX i386
--
Matt
> Am 10.02.2008, 20:05 Uhr, schrieb Sergey Matveychuk <s...@FreeBSD.org>:
>
> > You should patch the file to include ucontext.h
> > But even if it'll be build, nobody guarantee it works.
>
> Done. Builds. On 7.0-PRERELEASE, by the way.
Builds fine on 7.0-RC2 too.
[snip]
>
> Maybe someone would download
> http://www.triplefork.net/test.tc (64K)
> and try with password "test" on a different platform.
>
I've noticed what looks like a problem when creating a file-based
volume (could be for all volume types - I haven't tried creating a
device volume). If I select password AND keyfile during the volume
creation, the creation process finishes without throwing any errors,
but the volume that is created does not require the keyfile to
open/mount. In fact, it fails to open/mount if I try to use the
keyfile and password use during creation, but works fine if I just use
the password.
Anyone else seeing this behavior? I will attempt to reproduce on the
Linux-build of this version as well to check and see if it has the
same problem.
> Michael
Michael Ross
> I've noticed what looks like a problem when creating a file-based
> volume (could be for all volume types - I haven't tried creating a
> device volume). If I select password AND keyfile during the volume
> creation, the creation process finishes without throwing any errors,
> but the volume that is created does not require the keyfile to
> open/mount. In fact, it fails to open/mount if I try to use the
> keyfile and password use during creation, but works fine if I just use
> the password.
>
I tried and confirm this.
In fact, if I create a volume with keyfile but without password,
truecrypt throws
ParameterIncorrect at TrueCrypt::Pkcs5Kdf::ValidateParameters:64
at me.
Michael
Andrey Chernov
> In fact, if I create a volume with keyfile but without password,
> truecrypt throws
> ParameterIncorrect at TrueCrypt::Pkcs5Kdf::ValidateParameters:64
> at me.
BTW, 5.0a is already out.
Michael Ross
I tried it, and the keyfile thingy seems resolved.
Port at http://www.triplefork.net/truecrypt.tgz has updated checksums.
Still does not work with GELI, even if neither the partition holding the
container, the source partition of the file to copy into it nor the mount
point are actually encrypted.
It worked for the 495-Byte file I used in my first test, but anything
bigger calls for the power switch. Can't be bothered to play more with it
right now, 4 times fsck a day is good enough.
Michael
Olivier Cochard-Labbe
> Port at http://www.triplefork.net/truecrypt.tgz has updated checksums.
I'm using it under FreeBSD 7.0 RC2 with a 1Gb file (created with a
previous Truecrypt release under Windows), and working on my OOo files on
this encrypted volume without problem.
Thanks for your works.
Olivier
Dierk Sacher
I'm still able to deadlock the whole vfs by doing something like that.
Zitiere Olivier Cochard-Labbe vom Mon, Feb 18, 2008 at 02:07:38PM +0100:
> _______________________________________________
> freebs...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-port...@freebsd.org"
--
Dierk Sacher
> Hi,
>
> 2008/2/23, Dierk Sacher <usen...@blaxxtarz.de>:
> >
> > Are you able to transfer let's say the content of /usr/local/bin to it?
> > I'm still able to deadlock the whole vfs by doing something like that.
>
>
> filesystem).
:-(
> I didn't encounter this problem during working on my few (about 4) small
> files (about 1 MB) on the truecrypt volume.
That's the exact behavior I'm facing with all tests. Once a single fd
is open, it seems safe to write any amount of data to it. I've also not been
able to trigger it by just reading.
Dierk