In my journey in the GNU/Linux world, I am always look to adapt good ideas, and to embrace excellent GNU/FOSS software. If it for some reason is not open source, it needs to be really good, and fit my needs and expectations to the fullest – i.e. Opera, Dropbox, Picasa and Google Earth.
Is a one of them things you just gotta love! It is a piece of software that let’s you create a virtual encrypted file system within a file. For a normal user, this is transparent. You create a file, specify which algorithm to use, set a looong password, and then you mount the file as a volume. In this way, you may store sensitive information encrypted on your computer. Given the use of a file container to hold this virtual filesystem, you may transport, copy the file and mount it on another computer just as easy as mounting an external harddrive.
Applications of TrueCrypt
I discovered TrueCrypt when browsing the Dropbox forum. There I came across a discussion about the security of the Dropbox account. Dropbox uses SSL to send and recieve files from your computer to the Dropbox account. Dropbox then uses the Amazon S3 storing service to host your files. The files itself, and your entire account, is encrypted with AES on the server.
However, the discussion was mainly about where the AES key was located – at Dropbox or at Amazon. Either way – somebody may have access to your uploaded files, so the need for encrypted files gave spring to the solution of using TrueCrypt localy and uploading this file.
First of all – Dropbox is in beta, and their license is “AS IS”. If they run out of funds, or for some reason terminates their service, your online files MAY be lost. So you should always keep a backup of sensitive information elsewhere. Because you keep your files locally on your computer, you always have backup. The folder gets synchronized with your Dropbox account when you connect. If their service for some reason is down, you will not loose your files, because you have them stored locally on your computer.
So – to get started – my initial thought, was to store a key-file – a password file on my Dropbox account – for easy access from the computers I use daily. I have a lot of accounts in the cloud, and I rarely – if ever – use the same password twice. And everyone of them are generated.
Therefore – I wanted to store my encrypted password file in a virtual encrypted filesystem in my Dropbox account (which is also encrypted) for shared access from my computers.
I use Gnome Revelation password manager to store my online/offline password for various services. I store this file within my virtual encrypted filesystem-folder, which is then synched to my Dropbox account.
The password file itself is encrypted – I need a password to open it. The filesystem to which the file is stored, is encrypted – I need an even longer password. My Dropbox account is encrypted – so a third password is needed.
I am not that worried about security!
Outside the box
Okei – so now I have my password file available from my computers. Next step must be to have a common set of config-files on each of them. I am not going to say much about this – it is simple enough. Just think of what sym-links can do!