We have moved to a new Sailfish OS Forum. Please start new discussions there.
18

Porting TrueCrypt

asked 2014-02-07 23:27:37 +0300

Rolfa gravatar image

updated 2014-02-08 09:03:05 +0300

foss4ever gravatar image

I'd love to have TrueCrypt on my Jolla! (It works on my N900 like a charm)

edit retag flag offensive close delete

Comments

16

as we cannot have support for several different implementations, i'd rather vote against truecrypt, but very much for luks/dm-crypt. why? truecrypt is not free software; it needs fuse to run on linux (which is jollas base) so adds more complexity to the system and it never went through cryptoanalysis, so it remains unclear, if it really does, what it says it does. i'd prefer luks/dm-crypt, as none of these problems exist here. but jolla will make the decisions... after all a dupe: https://together.jolla.com/question/2158/optional-encryption-of-the-device/

manes ( 2014-02-08 00:28:37 +0300 )edit
1

Not a dupe - there is no mention of TrueCrypt at the other question.

The security level of TrueCrypt seems ok for me (for private use) even if it did not go through cryptoanalysis. Big plus for me is that TrueCrypt containers can be interchanged with Windows.

Rolfa ( 2014-02-08 11:58:11 +0300 )edit
1

But the same topic is discussed there, and this would have been nice Answer in that encryption-thread, where there is a much wider audience already..

foss4ever ( 2014-02-08 12:22:25 +0300 )edit

There is VeraCrypt which is actively developed, do not use TrueCrypt as for each day that goes it has potentially more vulnerabilities.

Trizt ( 2015-08-06 07:46:19 +0300 )edit

4 Answers

Sort by » oldest newest most voted
14

answered 2014-05-20 12:59:25 +0300

Nieldk gravatar image

https://openrepos.net/content/nieldk/truecrypt

edit flag offensive delete publish link more

Comments

Thanks a lot, it works fine!

Rolfa ( 2014-05-23 17:26:23 +0300 )edit
2

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" see: http://www.truecrypt.org/

utkiek ( 2014-05-29 18:19:14 +0300 )edit
3

Regarding that "warning" - yes, everything is potentially insecure. I suggest you read this. I consider Truecrypt still amongst a prefferable solution. https://www.grc.com/misc/truecrypt/truecrypt.htm

Nieldk ( 2014-05-30 10:04:50 +0300 )edit

@Nieldk has truecrypt development team quit? I didn't get the whole point of the announcement. Thanks.

magullo ( 2014-05-30 14:48:27 +0300 )edit
2

@Nieldk: The announcement is alarming for several reasons, not the least that they very clearly recommend to use Bitlocker, which is about as unsecure as you can get. There is no way they would ever normally recommend it. Also: "TrueCrypt is Not Secure As" -> TrueCrypt is NSA (tin foil hat, but who knows, there's no reason it would be so awkwardly worded otherwise).

nthn ( 2014-05-30 16:10:31 +0300 )edit
3

answered 2014-05-31 16:25:44 +0300

clau gravatar image

TrueCrypt is dead. See the project page.

edit flag offensive delete publish link more
1

answered 2014-05-13 14:50:35 +0300

Rolfa gravatar image

As long as truecrypt is not available for the Jolla, I am using this script to display a password list from an encrypted zip file.

This works without having to decompress the zip to a file first. Of course, to edit the password list, I have to decompress the zip, edit the file, and compress/encrypt it again with zip -e. That's why truecrypt would still be preferable.

#!/bin/bash

# Displays contents of encrypted zip file without extracting it first to a file.
# Note: The password is visible in the process list, so don't use this on multiuser systems.

# Docs/References:
# http://phpunixman.sourceforge.net/index.php/info/pinentry
# http://www.44342.com/linux-f1121-t30154-p1.htm
# https://together.jolla.com/question/1661/gnupg2-unusable-without-pinentry-package-unavailable/

zipfile=pwlist.zip # should only contain textfiles as all are piped through less

if [ ! -r "$zipfile" ]
then
    echo "Error: $zipfile not found or not readable."
    exit 1
fi

PINENTRY_BIN=/usr/local/bin/pinentry

PinEntryDesc="$zipfile"
PinEntryPrompt="Enter Password: "
PinEntryTTY=`tty`
# The following gets the passphrase by sending the SETDESC, SETPROMPT, and GETPIN
# commands to pinentry, and parsing the output.
p=`echo "SETDESC $PinEntryDesc
SETPROMPT $PinEntryPrompt
GETPIN" | $PINENTRY_BIN --lc-ctype="UTF-8" --ttyname="$PinEntryTTY" | sed '/^D/s/^D \(.*\)$/\1/g;/^OK/d' `

if [ "$p" == "" ]
then
    echo "Error: empty password."
    exit 1
fi

case "$p" in
    *"ERR 111"*)
        echo "cancelled"
        exit 1
        ;;
esac

/usr/bin/unzip -P "$p" -p "$zipfile" | /usr/bin/less -M
edit flag offensive delete publish link more

Comments

1

As a side note; a simpler solution could be:

install vim
vim -x

This creates an encrypted file. And it also works with vim for windows.

Rolfa ( 2014-05-16 00:12:56 +0300 )edit
0

answered 2014-05-30 14:31:28 +0300

Rolfa gravatar image

updated 2015-08-04 11:51:59 +0300

What I needed was an encrypted password list on my phone. Meanwhile, I have a better alternative to TrueCrypt: It's a small python script which uses gpg to encrypt/decrypt the file.

  • create a new encrypted file: gpgedit.py -c mylist
  • edit the file: gpgedit.py -e mylist.gpg
  • display the decrypted file: gpgedit.py mylist.gpg. Then type h for help.
  • get help about arguments: gpgedit.py -h

gpgedit.py

This has been working now for months without problems.

edit flag offensive delete publish link more

Comments

2

have you tried to use ownKeepass? you can find it in the jolla shop

piwostar ( 2014-09-08 16:05:30 +0300 )edit

I prefer having a single encrypted textfile. gpgedit.py works fine here.

Rolfa ( 2014-09-09 09:16:13 +0300 )edit

I use Password Store, which is an Android application for pass stores (eg just a load of gpg encrypted files). I works well and will synchronise with a pass git repository. It would be nice though to have an SFOS version.

skanky ( 2015-08-04 16:47:30 +0300 )edit
Login/Signup to Answer

Question tools

Follow
5 followers

Stats

Asked: 2014-02-07 23:27:37 +0300

Seen: 1,293 times

Last updated: Aug 04 '15