Mounting TrueCrypt container on share
Solution 1
.gvfs is a virtual mountpoint not owned by your login user (hence you don't have write-access to it). You will need to set up a mount point manually, e.g.
$ sudo mount -t cifs //server/share /mnt -o username=windowsuser,password=windowspassword
Once you have this you can mount the volume from there (in this example, /mnt) and it should work as expected.
Solution 2
I posted this answer in the Ubuntu forum, but since I found the unanswered question here as well, I've more or less copied the same answer here...
Actually the solution couldn't be simpler. You just need to add an option to the "mount" command:
uid={local username}
The complete command (in the case of CIFS/SMB) being:
sudo mount -t cifs //{host}/*{share}* {local mount point} -o user={remote username},uid={local username}
Note: Without specifying the password as an option (always a good idea to avoid plaintexting your passwords and/or in a way that bash history collects, IMO), this command would then prompt you for the remote password (after first prompting you for the sudo password of course).
All this does is mounts the share in a way that you (the user) can read and write to. Then, TrueCrypt (or EncFS or some other FUSE module) has no problem accessing an encrypted volume stored on that share (assuming no other issues of course).
I don't know why this isn't widely discussed on the internets. I had to dig through the mount man page to discover this, after a fruitless internet search to this particular problem.
This is also not a hack or workaround. It's how mount was designed to work.
I should also point out that the previous solution discussed here is potentially dangerous, as it obviates the user-based security built-in to FUSE, and that TrueCrypt (and other FUSE modules such as EncFS) rely on: That is, by default only the current user can see the mounted volume! Modifying /etc/fuse.conf to add "user_allow_other", and specifying "allow_other" on the command line, overrides this behavior and allows any user to see your decrypted data. If you've encrypted your data in the first place, there's a fairly good chance you wouldn't want this side effect.
Related videos on Youtube
04 : 58
04 : 06
15 : 20
01 : 26
02 : 09
Kent Boogaart
Microsoft MVP for Windows Platform Development 2009-2014 My blog is here Personal projects include: Workout Wotch KBCsv WPF Converters The Helper Trinity PCLMock Intuipic Kentis
Updated on September 17, 2022Comments
-
Kent Boogaart over 1 year
I have a TrueCrypt container on a Windows share that I'm trying to mount from Ubuntu. However, I consistently get a "Permission Denied" error.
I am using /home/kent/.gvfs/share on server/path/to/container as the path. I have tried mounting with the default options, mounting as read-only, and mounting to a specific directory. I get the same error regardless.
If I copy the container to my local Ubuntu machine then I can mount it and access it without issue. On a Windows desktop, I can mount it over the network without issue.
How can I mount this container from Ubuntu over my network?
-
Svilen over 13 yearsCould you paste the actual commands that are resulting in the "Permission denied" error?
-
Kent Boogaart over 13 years@Murat: I'm just using the TrueCrypt UI - not sure what commands it's executing behind the scenes. Any way I can tell?
-
-
Kent Boogaart over 13 yearsAlas, I get:
mount: wrong fs type, bad option, bad superblock on //server/share, missing codepage or helper program, or other error (for several filesystems (e.g. nfs, cifs) you might need a /sbin/mount.<type> helper program) In some cases useful info is found in syslog - try dmesg | tail or so. Log contains:smbfs: mount_data version 1919251317 is not supported. Any ideas? -
Kent Boogaart over 13 yearsUnfortunately, this didn't work - same problem.
-
Jonathon over 13 yearsYou have to fill in server and share with your values, e.g. //192.168.0.1/truecryptshare
-
Jonathon over 13 yearsI think you need to apt-get install smbfs
-
Scaine over 13 yearsAnd the smbfs is now deprecated in favour of the fs keyword "cifs", so perhaps try changing the "fs" in your command to that. (But the apt-get comment is correct - it's still referred to as smbfs, annoyingly) -
Scaine over 13 yearsJust tried this and it worked perfectly, both in mounting my Windows 2003 share AND then mapping a working truecrypt volume on that share : sudo mount -t cifs //server/share /home/scaine/Network/Share/ -o credentials=/home/scaine/password.txt. The password.txt is just a two line file, username=<userid> on one line and password=<your_password> on the second line. This can then be set such that only root can read it, providing a little bit of security.
-
Nicolas Schirrer over 13 yearsAnd changing the IP address to match your server's IP, of course...
-
Kent Boogaart over 13 yearsAwesome! Well, I don't quite understand why I needed smbfs given that I was previously able to mount via Nautilus without it. But right you are - smbfs was not installed. After installing that, everything went swimmingly. Thanks very much guys!
-
Kent Boogaart over 12 yearsVery good to know and I just verified that this works for me. Thanks - I'll update my scripts accordingly.
