security/truecrypt is broken. Need advice about Veracrypt

DanDare said:
Was able to open/use in Ubuntu but not in FreeBSD with "mount: /dev/md0: No such file or directory"
Click to expand...
Create it.

It does not exist and never has, because that was your job in the first place.

I have always mounted my USB drives with this command:

mount -v -t msdosfs /dev/da0s1 /media/da0s1

This command for larger drives, up to 500GB in my experience:

mount -v -t msdosfs -F32 -o large /dev/da0s1 /media/da0s1

But before I can mount it I must open my File Manager as root and create /media/da0s1. Or I could use a command to create it, but I'm getting ready to use x11-fm/xfe and transfer some files so that's how I do it.

That no one else does it like that, one of the mysteries that is me.

But but but what about dev/da0s1? It does not exist. But my way works:

mysterymachine.jpg
 
DanDare said:
With Veractypt in Windows I've created a NTFS encrypted volume in a USB memstick partition. Was able to open/use in Ubuntu but not in FreeBSD with "mount: /dev/md0: No such file or directory"
Click to expand...
Ubuntu has NTFS support in kernel, FreeBSD doesn't. VeraCrypt can't mount automatic on FreeBSD. NTFS support on FreeBSD is realized by third party utilities.

To mount NTFS on FreeBSD try following: Do not mount the VeraCrypt volumes filesystem (see checkbox at image bottom after opening 'Options':

veracrypt.png


After password entered a memory disk is created, i.e. /dev/md0, try mounting the file system with sysutils/fusefs-ntfs manually:

For example:
# ntfs-3g /dev/md0 /mnt
After done with the volume unmount memory disk from mount point before unmounting from VeraCrypt.

DanDare said:
In Ubuntu destroyed the volume and recreated it formatted as ext4, still not able to mount in FreeBSD after loading ext2fs kernel module, with the same error message.
Click to expand...
Works with sysutils/fusefs-lkl. Mount manually as instructed above.

DanDare said:
In Windows recreated it as FAT. This time FreeBSD was able to mount it. It created the /dev/md0 entry and mounted in /media/Veracrypt1.
Click to expand...
FreeBSD has MS-DOS file system support in kernel. VeraCrypt can mount automatic.

DanDare said:
While in FreeBSD Wanted to recreate the volume as exFAT but the only format options in Veracrypt while creating a volume are FAT and UFS
Click to expand...
FreeBSD has no exFAT support in base. It's not possible to create a exFAT filesystem from the GUI dialog.

Howerver, it's possible to create a filesystem after creating a VeraCrypt volume. Create the volume/container without a filesystem in 'Format Options' dialog: Filesystem Options - Filesystem type 'None'.

"Mount" that volume without mounting the volumes filesystem (as instructed above). Afterwards create the filesystem on the memory disk.

This works well with FAT, UFS2, ZFS [1], ext4 [2], and xfs [3] file systems (tested so far). FAT and UFS2 can be mounted automatic by VeraCrypt, ZFS pool needs importing , ext4 and xfs mounting manually with sysutils/fusefs-lkl.

Trying to create NTFS, exFAT [4] file systems results in errors. I can't tell what's wrong.


[1] newfs_msdos(8), newfs(8), 12.2 zpool(8), 13.0 zpool-create(8)
[2] sysutils/e2fsprogs: mkfs.ext4(8)
[3] sysutils/xfsprogs: mkfs.xfs(8)
[4] sysutils/fusefs-ntfs: mkntfs(8), sysutils/exfat-utils: mkexfatfs(8)
 
I never tested these filesystems,
Code: 
fusefs-cryptofs-0.6.0_7        Encrypted filesystem for FUSE
fusefs-encfs-1.9.5_6           Encrypted pass-through FUSE filesystem
fusefs-securefs-0.11.1_1       Filesystem in userspace with transparent encryption and decryption
 
Alain De Vos said:
I never tested these filesystems,
Code: 
fusefs-cryptofs-0.6.0_7        Encrypted filesystem for FUSE
fusefs-encfs-1.9.5_6           Encrypted pass-through FUSE filesystem
fusefs-securefs-0.11.1_1       Filesystem in userspace with transparent encryption and decryption
Click to expand...
Encfs can be used with Plasma Vault, but I'm not sure if it's available for FreeBSD (or if both can be used together).
 
Alain De Vos said:
I never tested these filesystems,
Code: 
fusefs-cryptofs-0.6.0_7        Encrypted filesystem for FUSE
fusefs-encfs-1.9.5_6           Encrypted pass-through FUSE filesystem
fusefs-securefs-0.11.1_1       Filesystem in userspace with transparent encryption and decryption
Click to expand...
Encfs is quite old and comes from Linux. It's also considered to be unsafe since an audit made in 2014, and until version 2 is released not exactly something you should therefore use if you really need tight security.

Veracrypt like Truecrypt has one thing all these other tools have not: plausible deniability, which might be interesting for some use cases. You can hide a smaller encrypt container within your bigger container at ease. So you could generate a big container with porn as facade and embed a smaller into it with your real data.

If you really want to use an overlay cryptographic file system, the most advanced so far by my knowledge is CryFS, which works also with FreeBSD.

CryFS: A cryptographic filesystem for the cloud

CryFS encrypts your Dropbox and protects you against hackers and data leaks. It also works well together with other cloud providers.
www.cryfs.org
 
FreeBSD 13.1-RELEASE GENERIC amd64, veracrypt-1.25.9 NTFS. It's work very well.

Mount

Code: 
 sudo veracrypt --text --pim 0 --fs-options "rw,mountprog=/usr/local/bin/ntfs-3g" --keyfiles "/home/fileKey" --protect-hidden no --slot 1 --verbose /media/file.hc /tmp/vera
Dismount
Code: 
umount -f  /tmp/vera && veracrypt -d
 
You must log in or register to reply here.
Back
Top