Encrypt your files with this open source software | Opensource.com

Encrypt your files with this open source software

VeraCrypt offers open source file-encryption with cross-platform capabilities.

Lock
Image credits : 
JanBaby, via Pixabay CC0.
x

Subscribe now

Get the highlights in your inbox every week.

Many years ago, there was encryption software called TrueCrypt. Its source code was available, although there were no major claims that anyone had ever audited or contributed to it. Its author was (and remains to this day) anonymous. Still, it was cross-platform, easy to use, and really, really useful.

TrueCrypt allowed you to create an encrypted file "vault," where you could store sensitive information of any kind (text, audio, video, images, PDFs, and so on). Provided you had the correct passphrase, TrueCrypt could decrypt the vault and provide read and write access on any computer running TrueCrypt. It was a useful technique that essentially provided a virtual, portable, fully encrypted drive (except it was a file) where you could safely store your data.

TrueCrypt eventually closed down, but a replacement project called VeraCrypt quickly sprang up to fill the void. VeraCrypt is based on TrueCrypt 7.1a and features many improvements over the original (including significant algorithm changes for standard encrypted volumes and boot volumes). With VeraCrypt 1.12 and later versions, you can use custom iterations for increased encryption security. Better yet, VeraCrypt can load old TrueCrypt volumes, so if you were a TrueCrypt user, it's easy to transfer them over to VeraCrypt.

Install VeraCrypt

You can install VeraCrypt on all major platforms by downloading the appropriate installer file from the VeraCrypt download page.

Alternately, you can build it yourself from source code. On Linux, it requires wxGTK3, makeself, and the usual development stack (Binutils, GCC, and so on).

Once you have it installed, launch VeraCrypt from your application menu.

Create a VeraCrypt volume

If you're new to VeraCrypt, you must create a VeraCrypt volume first (otherwise, you have nothing to decrypt). In the VeraCrypt window, click the Create Volume button on the left.

In VeraCrypt's Volume Creator Wizard window that appears, choose whether you want to create an encrypted file container or to encrypt an entire drive. The wizard steps you through creating a vault for your data, so follow along as prompted.

For this article, I created a file container. A VeraCrypt container is a lot like any other file: it exists on a hard drive, external drive, in cloud storage, or anywhere else you can think to store data. Like other files, it can be moved, copied, and deleted. Unlike most other files, it can contain more files, which is why I think of it as a "vault," and VeraCrypt developers refer to it as a "container." Its developers call a VeraCrypt file a "container" because it can contain other data objects; it has nothing to do with the container technology made popular by LXC, Kubernetes, and other modern IT mechanisms.

Choose a filesystem

During the volume-creation process, you're asked to select a filesystem to decide how the files you place inside your vault are stored. The Microsoft FAT format is archaic, non-journaled, and limits both volume and file sizes, but it's the one format all platforms can read from and write to. If you intend your VeraCrypt vault to cross platforms, FAT is your best bet.

Aside from that, NTFS works for Windows and Linux. The open source EXT series works for Linux.

Mount a VeraCrypt volume

Once you've created a VeraCrypt volume, you can mount it from within the VeraCrypt window. To mount an encrypted vault, click the Select File button on the right. Select your encrypted file, choose one of the numbered slots in the upper half of the VeraCrypt window, and then click the Mount button located in the lower-left corner of the VeraCrypt window.

Your mounted volume is available in the list of available volumes in the VeraCrypt window, and you can access that volume through your file manager as if it were an external drive. For instance, on KDE, I open Dolphin, navigate to /media/veracrypt1, and then I can copy files into my vault.

As long as you have VeraCrypt on a device, you can always access your vault. It's encrypted until you manually mount it in VeraCrypt, where it remains decrypted until you close the volume again.

Close a VeraCrypt volume

To keep your data safe, it's important to close a VeraCrypt volume when you don't need it open. That keeps it safe from prying eyes and crimes of opportunity.

Closing up the VeraCrypt container is about as easy as it is to open one: Select the listed volume in the VeraCrypt window, and click Dismount. You no longer have access to the files inside your vault, and neither does anyone else.

VeraCrypt for easy cross-platform encryption

There are many ways to keep your data secure, and VeraCrypt tries to make it easy for you, regardless of what platform you need to use that data on. If you want to experience easy, open source file encryption, try VeraCrypt.

A keyboard with privacy written on it.

Use Linux Unified Key Setup to encrypt your thumb drives, external hard drives, and other storage from prying eyes.
Secure safe

Use Linux Unified Key Setup to create an encrypted vault for sensitive files on a physical drive or cloud storage.
A secure lock.

See how Git-crypt, BlackBox, SOPS, and Transcrypt stack up for storing secrets in Git.

About the author

Seth Kenlon
Seth Kenlon - Seth Kenlon is a UNIX geek, free culture advocate, independent multimedia artist, and D&D nerd. He has worked in the film and computing industry, often at the same time. He is one of the maintainers of the Slackware-based multimedia production project Slackermedia.