How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

6
20851

Today, we are going to learn about how to install and use VeraCrypt to encrypt Drives on Ubuntu 18.04. VeraCrypt is an open-source software forked from TrueCrypt whose development and maintenance has since been discontinued. It is used for performing on-the-fly disk encryption (OTFE). On-the-fly encryption means that data is encrypted before it is written to the disk and when data is being read from the disk, every small portion of it is copied and decrypted on the fly in the memory (RAM) without human interaction i.e no decrypted data is stored on the memory temporarily and thus, even when the disk is mounted, data is still encrypted. VeraCrypt encrypts the entire filesystem of the disk including folders, files, contents of the files, metadata, free space…In order to access the encrypted data, one has to supply the encryption keys, password or keyfile.

Open BitLocker Drive on Linux - Eas...
Open BitLocker Drive on Linux - Easy Step-by-Step

You can read more about VeraCrypt in its Documentation page.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

There are two ways in which VeraCrypt can be installed on Ubuntu;

VeraCrypt provide installer scripts on their downloads page which makes the install as easy.

Install VeraCrypt via the Generic Installers

Download either the generic installer from the downloads page by following the link provided above.

You can simply get the link and download using wget or curl commands;

wget https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-1.25.9-setup.tar.bz2

Extract the installer once the download is completed;

tar xjf veracrypt-1.25.9-setup.tar.bz2

Similarly, there are two types of installers, GUI based and the console based Installers for both x86 and x86_64 systems that are extracted to the current working directory.

ls -1 veracrypt*
veracrypt-1.25.9-setup-console-x64
veracrypt-1.25.9-setup-console-x86
veracrypt-1.25.9-setup-gtk3-console-x64
veracrypt-1.25.9-setup-gtk3-gui-x64
veracrypt-1.25.9-setup-gui-x64
veracrypt-1.25.9-setup-gui-x86
veracrypt-1.25.9-setup.tar.bz2

You can choose which one to use for installation;

Example of using GUI based installer;

sudo ./veracrypt-1.25.9-setup-gui-x64

Click Install VeraCrypt in the installation wizard that pops up, accept the End User License Agreement and click Ok to install VeraCrypt.

install veracrypt on Ubuntu

If you want to use the console installer, then execute the command;

sudo ./veracrypt-1.25.9-setup-console-x64

Follow the installation prompts to install VeraCrypt on Ubuntu 18.04.

Install via Specific OS distribution Binary Package

VeraCrypt has various Linux distributions binary installer on the downloads page link given above.

Download the installer of your specific OS distro. For example, we are using Ubuntu 18.04 in this example setup.

You can download the GUI installer;

wget https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-1.25.9-Ubuntu-18.04-amd64.deb

Or you can download console installer;

wget https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-console-1.25.9-Ubuntu-18.04-amd64.deb

Depending on the installer type you downloaded, install VeraCrypt on Ubuntu 18.04 using the command below;

sudo apt install ./veracrypt-1.25.9-Ubuntu-18.04-amd64.deb

Or;

sudo apt install ./veracrypt-console-1.25.9-Ubuntu-18.04-amd64.deb

You can verify that VeraCrypt is installed and indeed is in your PATH.

which veracrypt
/usr/bin/veracrypt

You are now ready to encrypt your drives/files using VeraCrypt.

Use VeraCrypt to Encrypt Drives on Ubuntu

In this guide, we are going to learn how to use the GUI method of VeraCrypt to encrypt devices/files.

To launch the VeraCrypt GUI, press the Super Key to launch activities search bar and type veracrypt.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

Press Enter to Launch VeraCrypt

veracrypt volumes

The numbered slots, 1, 2… are used by VeraCrypt to manage encrypted devices.

Create VeraCrypt Outer Volume

There are two types of VeraCrypt Volumes;

  • File-hosted (container): File-hosted volume is a normal file that can be stored on any storage device. It contains an independent encrypted virtual disk.
  • Partition/device-hosted: Partition hosted volume is a hard drive partition. It can be a removable USB sticks or any other type of storage.

To create a VeraCrypt volume select a random slot and click on the Create Volume button. You will be prompted to choose the type of the volume, File Container or a Partition.

In this guide, we are going to create an encrypted partition. If you opt to create an encrypted file container, the process it the same.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu 18.04

Click Next to select the type of VeraCrypt volume to create, standard or hidden.

  • Standard volume is just like any other file except that it is password protected
  • Hidden volume is not visible as the name suggests and can have layered protection with two passwords, the outer and inner encrypted volume password.

In this guide, we are going to create an Hidden volume.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

In the next screen, you need to select the drive to encrypt.

CAUTION: If you are encrypting a partition, ensure that there is no data in it or the data has been backed up and backup confirmed. The process will wipe the partition clean and you will all data, if any was stored in it.

Note that I have unused partition, /dev/sdb1.

lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda      8:0    0    20G  0 disk 
└─sda1   8:1    0    20G  0 part /
sdb      8:16   0     4G  0 disk 
└─sdb1   8:17   0     4G  0 part 
sr0     11:0    1  1024M  0 rom  
sr1     11:1    1  1024M  0 rom 
How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

Confirm that you are ready to encrypt the drive to continue. You maybe prompted to enter your system admin password before you can proceed.

Next, you are required to select the encryption as well as the hashing  algorithms. We are going with the defaults, AES and SHA512.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

Click Next to proceed. On the next page, set the password for outer encrypted volume.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

On the next page, set the volume Filesystem type. We choose Linux Ext4 in this setup.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

Choose which platform to mount the volume. For our case, we will only use Linux.

How to Install and Use VeraCrypt to Encrypt Drives on Ubuntu

Next, you need to generate random numbers that will be used to strong encryption keys. The randomness is collected from the mouse movements within the volume creation wizard. The faster the mouse moves, the faster the random numbers are generated. Make sure the bar is filled before you proceed.

generate randomness

Once done, click Format and select yes to confirm that you want to format the drive.

After that format the drive. If everything is well, then you should see a screen confirming that the hidden VeraCrypt volume has been successfully created and mounted on /media/veracrypt1.

veracrypt drive encrypted mounted
df -hT /media/veracrypt1
Filesystem             Type  Size  Used Avail Use% Mounted on
/dev/mapper/veracrypt1 ext4  3.9G   16M  3.7G   1% /media/veracrypt1

Create Veracrypt Inner Hidden Volume

You can go ahead and create a hidden volume within the Outer volume created above. You can store your really really sensitive data within the inner hidden volume.

So before you can close the volume creation wizard, click Next > then Next.

Go through the same procedure above;

  • Set the encryption and hashing algorithms
  • Set the inner hidden volume size.
  • Set the inner hidden volume password
  • Set the filesystem
  • Choose whether to use across the platforms or just Linux only.
  • Generate hidden volume randomness and format the volume.
  • Once everything is done, the VeraCrypt volume is now ready to use.
veracrypt volumes created

You can now close the wizard. This will unmount the volumes automatically.

Mounting VeraCrypt Outer and Inner Hidden Volumes

To mount the Outer hidden volume;

  • Launch VeraCrypt
  • Select a slot to mount your drive
  • Select the drive to mount by clicking on Select Device button or Select File if you created encrypted File.
  • Click Mount to mount your encrypted drive.
  • You will then be prompted to enter the password for decrypting the outer volume and click Ok. Once done, you maybe prompted to also supply the admin user password to enable mounting.
mount password
  • You Outer volume is now mounted.
df -hT /media/veracrypt1
Filesystem             Type  Size  Used Avail Use% Mounted on
/dev/mapper/veracrypt1 ext4  3.9G   16M  3.7G   1% /media/veracrypt1

To mount the VeraCrypt Inner hidden volume;

  • Follow the same mount procedure above, BUT when prompted to enter password to mount the drive, Enter the password for the hidden volume.

For example, I mounted my inner hidden volume on slot 7;

df -hT /media/veracrypt7
Filesystem             Type  Size  Used Avail Use% Mounted on
/dev/mapper/veracrypt7 ext4  992M  2.6M  923M   1% /media/veracrypt7

That is all on how to install and use VeraCrypt to encrypt drives on Ubuntu. Feel free to explore more about this awesome encryption tool.

Read more on VeraCrypt Documentation

Other Related Tutorials

How to use VeraCrypt on command line interface to encrypt files and directories.

Install and Setup VeraCrypt on Ubuntu 20.04

How to Encrypt Files and Folders with eCryptFS on Ubuntu 18.04

Install and Setup OpenVPN Server on Ubuntu 20.04

6 COMMENTS

  1. i installed veracrypt successfully in Ubuntu 18.04 but coundn’t launch it by clicking on icon. even after reboot couldn’t do it. I have Ububtu 18.04 with LUKS Encryption.

    Please comment.

    Thanks

    Chetan

    • I ran into a similar issue on 19.04, try running veracrypt from the commandline by typing in “veracrypt” … if it returns: “veracrypt: error while loading shared libraries: libgtk-x11-2.0.so.0: cannot open shared object file: No such file or directory”
      … then you’re in good luck because you only need to install “libgtk2.0-0” (sudo apt install libgtk2.0-0) and it will mostly work 🙂 (from cmd or icon).

    • Hi.
      We haven’t tested this on Ubuntu 14.10.
      However, if you have a test VM of Ubuntu 14.04, please feel free to test and give us feedback.

  2. I’ve been trying to get this to work on 19.04 and couldn’t do it, nothing would happen as had been described here so I tried opening n command line as was described above, and got the exact same error as was decribed above and I installed the missing file as described above and now its FINALLY working , THANKOU for making that comment, indeed, it helped somebody (well, the software at last came up, haven’t yet tried encrypting or decrypting anything yet….I’m curious which is more secure for an OS enncryption, the LUX that encrupts my Ubuntor the verracrypt I use to encrypt windows 10? I acrtually just wanted veracrypt on both so hopefully I can read USBs encrypted with it on either system…thanks again.

LEAVE A REPLY

Please enter your comment!
Please enter your name here