Using TrueCrypt c key file on rutoken media
The more we use a computer and the more it enters our life, the more often we begin to think about the security of stored information on it. Not to mention businesses, when problems in the security of stored information can lead to large losses.
In this publication I will explain how to create a virtual encrypted disk in the system, for access to which a key file is needed, which is located on the root key.
TrueCrypt is software that allows you to create a virtual encrypted logical drive that is stored in the file system as a file. All recording data on this disk, including the names of files and directories, is “encrypted on the fly.” There is also the possibility to completely encrypt partitions on the hard disk or usb media. The mounted partition is identical to a regular logical drive or a removable drive, which makes it possible to work with it with all utilities built into the operating system, such as disk check and defragmentation.
Rutoken is a device made in the form of a usb-charm, which is used to authorize a user on a computer, protect data, secure remote access to information resources, etc.
')
As recommended by the developers of Rutoken, you can not connect it until the drivers are installed. The installation procedure is the same as installing any application. We answer all questions positively and accept the terms of the license agreement. Unpack the TrueCrypt translation file in the folder where it was installed. We launch TrueCrypt and in the settings we change the language to Russian - Settings \ Language , select Russian and OK.
After connecting to TrueCrypt, launch the “Security Token Settings” - the Server \ Security Tokens , in the opened window, launch the “ Autodetect Library ”. If the search is successful, the library path will be automatically filled, then OK.
Now we need to create a key file. To do this, open the "Key File Generator" - Tools \ Key File Generator . Before us is the generation of the key.
To save the key file, click " Create and save file ", select the path and save the key file. We will be notified of the successful key saving.
Everything is ready for the key to be written on the Routoken - Service \ Key files of the security token . You should be asked for the password of Rutoken (if it didn’t appear, apparently the library was not specified), enter the user’s password rutoken (by default 12345678). In the window that opens, click " Import cells. file to token ”, we indicate the key file that we generated in the previous paragraph, and then we specify what it will be called on the rutoken.
If you plan to use the key only from Rutoken, then you need to delete the key saved on the computer.
Now rutoken is fully ready to work with TrueCrypt, you can create an encrypted volume.
ATTENTION! All further thoughtless actions on your part with your hard drive at your own risk! I describe the safest way to create a hidden partition. If you do not want to lose data, follow the instructions.
To create a new volume, use the TrueCrypt volume creation wizard - Volumes \ Create a new partition .
The “TrueCrypt Volume Creation Wizard” starts. Select " Create encrypted file container ", i.e. The virtual encrypted disk will be stored in one file.
Type of volume “ Regular Volume ”.
Choose where you will store the disk file. If you tick the box "Do not save history", then you will have to specify the location of the file each time.
In the encryption settings you need to specify the encryption algorithm that will be used to encrypt the created disk. Each algorithm has its own speed, to see the encryption / decryption speed for all algorithms, click "test".
Now you need to enter the size of the created volume.
It's time to specify the key file and password. Click "Keyfiles", if there is no your key there, then in this window click " Token-files ", enter the password of a rutoken and select a token.
Go to the next, where we already need to specify the options (file system, cluster and file type: dynamic or static) and mark our future disk. The markup takes some time, the larger the size of the volume, the longer it will be marked.
In the main window of TrueCrypt, click " File ", select the file of the volume and click " Mount ".
If you do not have a routoken connected, then you will receive the error "The key file of the security token is not detected ." Connect rutoken if it is not connected. Press "Keyfiles" and select the key.
If the password was entered correctly, and the root key was connected and the necessary key was selected, then you will see the mounted new disk. Have a good job!
Important! When the disk is mounted, the rutenko must be disconnected from the usb port, as the developers themselves advise in order to prolong his life. From myself I also advise you to configure automatic unmounting when not active.
In the next part I will tell you how to do the same, but on the Linux operating system.
In this publication I will explain how to create a virtual encrypted disk in the system, for access to which a key file is needed, which is located on the root key.
TrueCrypt is software that allows you to create a virtual encrypted logical drive that is stored in the file system as a file. All recording data on this disk, including the names of files and directories, is “encrypted on the fly.” There is also the possibility to completely encrypt partitions on the hard disk or usb media. The mounted partition is identical to a regular logical drive or a removable drive, which makes it possible to work with it with all utilities built into the operating system, such as disk check and defragmentation.
Rutoken is a device made in the form of a usb-charm, which is used to authorize a user on a computer, protect data, secure remote access to information resources, etc.
')
We will need
- TrueCrypt distribution kit - http://www.truecrypt.org/downloads ;
- Russian translation - http://www.truecrypt.org/localizations ;
- Rutoken - http://www.rutoken.ru/products/rutoken/ ;
- drivers for Rutoken - http://www.rutoken.ru/hotline/download/ ;
Install TrueCrypt and Driver for Rutoken
As recommended by the developers of Rutoken, you can not connect it until the drivers are installed. The installation procedure is the same as installing any application. We answer all questions positively and accept the terms of the license agreement. Unpack the TrueCrypt translation file in the folder where it was installed. We launch TrueCrypt and in the settings we change the language to Russian - Settings \ Language , select Russian and OK.
We connect rutoken to usb port
After connecting to TrueCrypt, launch the “Security Token Settings” - the Server \ Security Tokens , in the opened window, launch the “ Autodetect Library ”. If the search is successful, the library path will be automatically filled, then OK.
Create a key file
Now we need to create a key file. To do this, open the "Key File Generator" - Tools \ Key File Generator . Before us is the generation of the key.
To save the key file, click " Create and save file ", select the path and save the key file. We will be notified of the successful key saving.
Write key on rutoken
Everything is ready for the key to be written on the Routoken - Service \ Key files of the security token . You should be asked for the password of Rutoken (if it didn’t appear, apparently the library was not specified), enter the user’s password rutoken (by default 12345678). In the window that opens, click " Import cells. file to token ”, we indicate the key file that we generated in the previous paragraph, and then we specify what it will be called on the rutoken.
If added successfully, it will appear in the list with the name you specified.
If you plan to use the key only from Rutoken, then you need to delete the key saved on the computer.
Now rutoken is fully ready to work with TrueCrypt, you can create an encrypted volume.
Create an encrypted volume
ATTENTION! All further thoughtless actions on your part with your hard drive at your own risk! I describe the safest way to create a hidden partition. If you do not want to lose data, follow the instructions.
To create a new volume, use the TrueCrypt volume creation wizard - Volumes \ Create a new partition .
The “TrueCrypt Volume Creation Wizard” starts. Select " Create encrypted file container ", i.e. The virtual encrypted disk will be stored in one file.
Type of volume “ Regular Volume ”.
Choose where you will store the disk file. If you tick the box "Do not save history", then you will have to specify the location of the file each time.
In the encryption settings you need to specify the encryption algorithm that will be used to encrypt the created disk. Each algorithm has its own speed, to see the encryption / decryption speed for all algorithms, click "test".
Now you need to enter the size of the created volume.
It's time to specify the key file and password. Click "Keyfiles", if there is no your key there, then in this window click " Token-files ", enter the password of a rutoken and select a token.
Go to the next, where we already need to specify the options (file system, cluster and file type: dynamic or static) and mark our future disk. The markup takes some time, the larger the size of the volume, the longer it will be marked.
At the end of the process you will be notified that the volume has been successfully created.
Mount the created volume
In the main window of TrueCrypt, click " File ", select the file of the volume and click " Mount ".
If you do not have a routoken connected, then you will receive the error "The key file of the security token is not detected ." Connect rutoken if it is not connected. Press "Keyfiles" and select the key.
If the password was entered correctly, and the root key was connected and the necessary key was selected, then you will see the mounted new disk. Have a good job!
Important! When the disk is mounted, the rutenko must be disconnected from the usb port, as the developers themselves advise in order to prolong his life. From myself I also advise you to configure automatic unmounting when not active.
In the next part I will tell you how to do the same, but on the Linux operating system.
Source: https://habr.com/ru/post/125486/
All Articles