Home > security > Compile Truecrypt from source

Compile Truecrypt from source

July 11, 2011 Leave a comment Go to comments

Problem

You want to compile Truecrypt from source but suddenly you realize that it’s not that trivial.

Solution

Let’s install some necessary packages:

sudo apt-get install build-essential libfuse-dev libgtk2.0-dev
sudo apt-get install nasm
sudo apt-get install libwxgtk2.8-dev
# This last one is for the problem "'wx/wx.h' is not found".

Download the source code of Truecrypt (link) and extract it to a folder. I put mine here: /opt/truecrypt-7.0a-source.

From the README of Truecrypt, we need this too: “RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20) located in a standard include path or in a directory defined by the environment variable ‘PKCS11_INC’.

So, visit ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20 and download the .h files. Actually, you only need 3 of them; I collected their URLs here. I put these files in this directory: /opt/truecrypt-7.0a-source/PKCS11_INC. Then, register it in an environment variable:

export PKCS11_INC=/opt/truecrypt-7.0a-source/PKCS11_INC

Now you can try to compile it. Go to /opt/truecrypt-7.0a-source and execute the command make. The executable will be placed here: Main/truecrypt.

Optional

I’m not sure that this step is necessary. If you have problems compiling the source, follow these instructions too.

For a successful compilation, you might need the wxWidgets library too. Download the latest stable release (choose wxAll in the list). Mine is extracted here: /opt/wxWidgets-2.8.12.

Get Truecrypt to compile wxWidgets for you:

export WX_ROOT=/opt/wxWidgets-2.8.12/
make WX_ROOT=/opt/wxWidgets-2.8.12 wxbuild

It will create the directory /opt/truecrypt-7.0a-source/wxrelease.

Further help

Remove the binary package

If you installed Truecrypt with the binary .deb package, here is how to remove it:

sudo truecrypt-uninstall.sh
Categories: security Tags: ,
  1. zoszsoz
    November 20, 2011 at 10:22
    Reply

    Ok great that compiled without needing to do the optional part.

    How do I install it now from the executable?

    • Jabba Laci
      November 20, 2011 at 11:31
      Reply

      Try it with “make install“. You need to do it as root, so it will be “sudo make install“. When compiling something from source, usually we need these steps:

      ./configure    # be in the project's folder
make
make install    # or "sudo make install"
      • zoszsoz
        November 24, 2011 at 06:52

        Have tried running ./configure from various directories. Same error “no such file or directory”.

        Also tried “make” which appears to do something if run inside the main truecrypt source directory.

        Also tried “make install” and it says “No rule to make target ‘install’. Stop.”

        Any ideas?

  2. Jabba Laci
    November 24, 2011 at 09:34
    Reply

    @zoszsoz: I just compiled the latest version (7.1) and here is what I did: copy the PKCS_11 stuff as explained above. Then “make”. You are right, there is no configure and “make install” steps. I put the source folder in the /opt directory. After “make” you have a single binary file in the folder Main. I moved it to the root directory of the source pack, i.e. /opt/truecrypt-7.1-source/truecrypt. I made a script called truecrypt.sh that calls this binary:

    #!/bin/sh

/opt/truecrypt-7.1-source/truecrypt

    Launch truecrypt via this script. The script is put in ~/bin and ~/bin is in my PATH.

    Or, simply move the truecrypt binary to /bin/truecrypt as root.

    • Lars Gustavsson
      February 12, 2012 at 15:48
      Reply

      @Jabba Laci: I tried your sample above, but could get it to work. Receive a lot of errors,
      such as,

      Resources.cpp:159: error: return type ‘struct wxBitmap’ is incomplete
      Resources.cpp:171: error: ‘wxImage’ was not declared in this scope
      Resources.cpp:171: error: expected ‘;’ before ‘image’
      Resources.cpp:174: error: ‘image’ was not declared in this scope
      Resources.cpp:175: error: ‘wxIMAGE_QUALITY_HIGH’ was not declared in this scope
      Resources.cpp:178: error: ‘image’ was not declared in this scope
      Resources.cpp:178: error: invalid use of incomplete type ‘struct wxBitmap’

      and run the make install, get a “No rule to make target ‘install’ message for me as well.

      • Jabba Laci
        February 12, 2012 at 15:58

        Did you install the wx stuff? It seems the compiler is missing that part.

  3. zoszsoz
    March 9, 2012 at 14:28
    Reply

    Ok got it running many thanks Jabba! Works great. A few commands I used as I was intending to encrypt my web dir which I read/write to from a Windows PC via samba share.

    Make a volume (wizard guides you in the process)
    truecrypt -c

    Mount the volume you made (abc.iso) to directory
    truecrypt /opt/lampp/htdocs/abc.iso /opt/lampp/htdocs/abcsite/

    Dismounts:
    truecrypt /opt/lampp/htdocs/abc.iso -d

    Mounts with read-write-execute for samba share. I had to use umask 0000 to give Apache read/write/execute access for my sessions directory:

    truecrypt --fs-options="uid=1000,gid=1000,umask=0000" /opt/lampp/htdocs/abc.iso /opt/lampp/htdocs/abcsite/ -k "" --protect-hidden=no

    -k is do not use key-files (otherwise it will ask for them)
    --protect-hidden=no do not use protect-hidden volumes (otherwise it will ask for them)

    A good example here to create a shell script you can execute to load your volume quickly:
    http://www.medienvilla.com/index.php?id=236#linux_script.

    I just made one to mount the volume and another to dismount. Then put the .sh files in /bin and you can run them from anywhere. Sweet!

    File: abcmount.sh

    #!/bin/bash

echo "1. Please enter password"

oldConfig=`stty -g`    # Backup config
stty -echo                  # Hide password being shown on screen
read password          # Read in the password from the terminal
stty $oldConfig          # Restore config

echo "2. Mounting volume ... "

truecrypt -t --fs-options="uid=1000,gid=1000,umask=0000" /opt/lampp/htdocs/abc.iso /opt/lampp/htdocs/abcsite/ --password="$password" -k "" --protect-hidden=no

echo "abc.iso mounted successfully to /opt/lampp/htdocs/abcsite/"

    File: ssdismount.sh

    #!/bin/bash

truecrypt /opt/lampp/htdocs/abc.iso -d

echo "abc.iso volume dismounted successfully"
  1. No trackbacks yet.

Leave a comment