Truecrypt or LUKS?


Solution 1

LUKS seems to be the more standard tool (included by default in distribution installers, etc), so that's what I use.

Solution 2

Well, as others have pointed out, LUKS is generally better integrated into current distributions. For security reasons, you almost certainly want to encrypt all partitions (including /), which is called "encrypted root". Setting this up by hand can be a bit tricky (though doable), so distro integration helps a lot.

At least Debian and Ubuntu offer encrypted root via LUKS in the standard installer, so that's a point for LUKS. I'm not even sure if TrueCrypt can encrypt the root partition at all.

The only advantage I can see for Truecrypt is that its Windows support is better, so it's easier to mount a Truecrypt partition under Windows. But that is really only relevant for portable drives/media. At any rate, most Linux FS have no Windows driver anyway...

So I would recommend LUKS (though Truecrypt is a viable option as well).

In a "normal" system, if the system crashes (power gets cut, etc), it's easy to recover a corrupted system with fsck. However, on an encrypted system, things become a lot more complicated. Does TrueCrypt or LUKS offer the best stability / recovery in the event of a crash?

There isn't really any difference. Encryption is always per sector, and disks are written per sector, so usually you'll lose any sectors that weren't written properly, with or without encryption.

I use full-disk LUKS (including root partition) on my laptop, and it's gone through many fscks without problems.

At any rate, you are going to perform at least nightly full backups, aren't you? So a crash should not wipe out a lot of work... IMHO, anything less than that is criminal negligence on a system with important data.
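The per-sector point in the answer above, as an added example that is not part of the original answers: each sector is encrypted independently, so a sector that was not written properly damages only itself, exactly as on an unencrypted disk. The SHAKE-256 keystream is a toy stand-in for a real per-sector disk cipher, and the sector size, key and all function names are assumptions made for this sketch.

```python
import hashlib

SECTOR = 512  # bytes per sector (assumed for this sketch)

def _keystream(key: bytes, sector_no: int) -> bytes:
    # Toy keystream bound to key and sector number; NOT a real disk cipher.
    return hashlib.shake_256(key + sector_no.to_bytes(8, "little")).digest(SECTOR)

def crypt_sector(key: bytes, sector_no: int, data: bytes) -> bytes:
    # XOR is its own inverse, so this both encrypts and decrypts one sector.
    if len(data) != SECTOR:
        raise ValueError("sector must be exactly %d bytes" % SECTOR)
    return bytes(a ^ b for a, b in zip(data, _keystream(key, sector_no)))

def crypt_disk(key: bytes, image: bytes) -> bytes:
    # Process the image sector by sector; no state is carried between sectors.
    count = len(image) // SECTOR
    return b"".join(
        crypt_sector(key, i, image[i * SECTOR:(i + 1) * SECTOR])
        for i in range(count)
    )

def torn_write(image: bytes, sector_no: int) -> bytes:
    # Simulate a sector that was not written properly: it reads back as zeros.
    start = sector_no * SECTOR
    return image[:start] + bytes(SECTOR) + image[start + SECTOR:]

def damaged_sectors(original: bytes, recovered: bytes) -> list:
    # Sector numbers whose content differs between the two images.
    return [
        i for i in range(len(original) // SECTOR)
        if original[i * SECTOR:(i + 1) * SECTOR]
        != recovered[i * SECTOR:(i + 1) * SECTOR]
    ]

def demo():
    key = hashlib.sha256(b"constructed demo key").digest()
    # Constructed 8-sector plaintext: sector i is filled with one letter.
    plain = b"".join(bytes([65 + i]) * SECTOR for i in range(8))
    encrypted = crypt_disk(key, plain)
    # The same torn write on the encrypted and on the unencrypted image.
    lost_encrypted = damaged_sectors(plain, crypt_disk(key, torn_write(encrypted, 5)))
    lost_plain = damaged_sectors(plain, torn_write(plain, 5))
    return lost_encrypted, lost_plain

if __name__ == "__main__":
    print(demo())
```

After either torn write, the filesystem sees one bad sector and fsck works on the decrypted view the same way it would on a plain disk.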

Solution 3

AFAIK, they are both based on similar technology, unlike, say, ecryptfs. File-system integrity would largely depend on your choice of FS. However, your best bet would still be to use a UPS. If your data is important, that should be necessary even if no encryption was used.

Author by

Andy

Full-stack dev, DBA and/or sysadmin Twitter: @sublimino

Updated on September 17, 2022

Comments

  • Andy over 1 year

    My work requires my laptop hard drive (running Linux) to be encrypted and from what I can tell TrueCrypt and LUKS seem to be the two major contenders out there.

    In a "normal" system, if the system crashes (power gets cut, etc), it's easy to recover a corrupted system with fsck. However, on an encrypted system, things become a lot more complicated.

    Which of TrueCrypt or LUKS offers the best stability / recovery in the event of a crash?

  • sleske about 14 years
    Well, he's using a laptop, so UPS would not really apply (at least not for mobile usage).
  • Teddy about 14 years
    Ubuntu only supports full-disk encryption on installation if you use the "Alternate" install CD.
  • Teddy about 14 years
    There is a program for Windows to read LUKS-encrypted devices: freeotfe.org
  • sleske about 14 years
    @Teddy: Thank you for the info. Still, I believe TrueCrypt's Windows version is a bit more full-featured than freeotfe.org, hence the "better Windows support". Might be arguable of course...
  • sybreon about 14 years
    In that case, just auto shutdown the laptop on low-power. At other times rely on the battery as backup and things will be fine.