Today, we are going to learn about how to install and use VeraCrypt to encrypt Drives on Ubuntu 18.04. VeraCrypt is an open-source software forked from TrueCrypt whose development and maintenance has since been discontinued. It is used for performing on-the-fly disk encryption (OTFE). On-the-fly encryption means that data is encrypted before it is written to the disk and when data is being read from the disk, every small portion of it is copied and decrypted on the fly in the memory (RAM) without human interaction i.e no decrypted data is stored on the memory temporarily and thus, even when the disk is mounted, data is still encrypted. VeraCrypt encrypts the entire filesystem of the disk including folders, files, contents of the files, metadata, free space…In order to access the encrypted data, one has to supply the encryption keys, password or keyfile.
You can read more about VeraCrypt in its Documentation page.
Install and Use VeraCrypt to Encrypt Drives on Ubuntu
There are two ways in which VeraCrypt can be installed on Ubuntu;
VeraCrypt provide installer scripts on their downloads page which makes the install as easy.
Install VeraCrypt via the Generic Installers
Download either the generic installer from the downloads page by following the link provided above.
You can simply get the link and download using wget or curl commands;
wget https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-1.25.9-setup.tar.bz2Extract the installer once the download is completed;
tar xjf veracrypt-1.25.9-setup.tar.bz2Similarly, there are two types of installers, GUI based and the console based Installers for both x86 and x86_64 systems that are extracted to the current working directory.
ls -1 veracrypt*veracrypt-1.25.9-setup-console-x64
veracrypt-1.25.9-setup-console-x86
veracrypt-1.25.9-setup-gtk3-console-x64
veracrypt-1.25.9-setup-gtk3-gui-x64
veracrypt-1.25.9-setup-gui-x64
veracrypt-1.25.9-setup-gui-x86
veracrypt-1.25.9-setup.tar.bz2
You can choose which one to use for installation;
Example of using GUI based installer;
sudo ./veracrypt-1.25.9-setup-gui-x64Click Install VeraCrypt in the installation wizard that pops up, accept the End User License Agreement and click Ok to install VeraCrypt.
If you want to use the console installer, then execute the command;
sudo ./veracrypt-1.25.9-setup-console-x64Follow the installation prompts to install VeraCrypt on Ubuntu 18.04.
Install via Specific OS distribution Binary Package
VeraCrypt has various Linux distributions binary installer on the downloads page link given above.
Download the installer of your specific OS distro. For example, we are using Ubuntu 18.04 in this example setup.
You can download the GUI installer;
wget https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-1.25.9-Ubuntu-18.04-amd64.debOr you can download console installer;
wget https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-console-1.25.9-Ubuntu-18.04-amd64.debDepending on the installer type you downloaded, install VeraCrypt on Ubuntu 18.04 using the command below;
sudo apt install ./veracrypt-1.25.9-Ubuntu-18.04-amd64.debOr;
sudo apt install ./veracrypt-console-1.25.9-Ubuntu-18.04-amd64.debYou can verify that VeraCrypt is installed and indeed is in your PATH.
which veracrypt/usr/bin/veracryptYou are now ready to encrypt your drives/files using VeraCrypt.
Use VeraCrypt to Encrypt Drives on Ubuntu
In this guide, we are going to learn how to use the GUI method of VeraCrypt to encrypt devices/files.
To launch the VeraCrypt GUI, press the Super Key to launch activities search bar and type veracrypt.
Press Enter to Launch VeraCrypt
The numbered slots, 1, 2… are used by VeraCrypt to manage encrypted devices.
Create VeraCrypt Outer Volume
There are two types of VeraCrypt Volumes;
- File-hosted (container): File-hosted volume is a normal file that can be stored on any storage device. It contains an independent encrypted virtual disk.
- Partition/device-hosted: Partition hosted volume is a hard drive partition. It can be a removable USB sticks or any other type of storage.
To create a VeraCrypt volume select a random slot and click on the Create Volume button. You will be prompted to choose the type of the volume, File Container or a Partition.
In this guide, we are going to create an encrypted partition. If you opt to create an encrypted file container, the process it the same.
Click Next to select the type of VeraCrypt volume to create, standard or hidden.
- Standard volume is just like any other file except that it is password protected
- Hidden volume is not visible as the name suggests and can have layered protection with two passwords, the outer and inner encrypted volume password.
In this guide, we are going to create an Hidden volume.
In the next screen, you need to select the drive to encrypt.
CAUTION: If you are encrypting a partition, ensure that there is no data in it or the data has been backed up and backup confirmed. The process will wipe the partition clean and you will all data, if any was stored in it.
Note that I have unused partition, /dev/sdb1.
lsblkNAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
└─sda1 8:1 0 20G 0 part /
sdb 8:16 0 4G 0 disk
└─sdb1 8:17 0 4G 0 part
sr0 11:0 1 1024M 0 rom
sr1 11:1 1 1024M 0 rom
Confirm that you are ready to encrypt the drive to continue. You maybe prompted to enter your system admin password before you can proceed.
Next, you are required to select the encryption as well as the hashing algorithms. We are going with the defaults, AES and SHA512.
Click Next to proceed. On the next page, set the password for outer encrypted volume.
On the next page, set the volume Filesystem type. We choose Linux Ext4 in this setup.
Choose which platform to mount the volume. For our case, we will only use Linux.
Next, you need to generate random numbers that will be used to strong encryption keys. The randomness is collected from the mouse movements within the volume creation wizard. The faster the mouse moves, the faster the random numbers are generated. Make sure the bar is filled before you proceed.
Once done, click Format and select yes to confirm that you want to format the drive.
After that format the drive. If everything is well, then you should see a screen confirming that the hidden VeraCrypt volume has been successfully created and mounted on /media/veracrypt1.
df -hT /media/veracrypt1Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/veracrypt1 ext4 3.9G 16M 3.7G 1% /media/veracrypt1Create Veracrypt Inner Hidden Volume
You can go ahead and create a hidden volume within the Outer volume created above. You can store your really really sensitive data within the inner hidden volume.
So before you can close the volume creation wizard, click Next > then Next.
Go through the same procedure above;
- Set the encryption and hashing algorithms
- Set the inner hidden volume size.
- Set the inner hidden volume password
- Set the filesystem
- Choose whether to use across the platforms or just Linux only.
- Generate hidden volume randomness and format the volume.
- Once everything is done, the VeraCrypt volume is now ready to use.
You can now close the wizard. This will unmount the volumes automatically.
Mounting VeraCrypt Outer and Inner Hidden Volumes
To mount the Outer hidden volume;
- Launch VeraCrypt
- Select a slot to mount your drive
- Select the drive to mount by clicking on Select Device button or Select File if you created encrypted File.
- Click Mount to mount your encrypted drive.
- You will then be prompted to enter the password for decrypting the outer volume and click Ok. Once done, you maybe prompted to also supply the admin user password to enable mounting.
- You Outer volume is now mounted.
df -hT /media/veracrypt1Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/veracrypt1 ext4 3.9G 16M 3.7G 1% /media/veracrypt1To mount the VeraCrypt Inner hidden volume;
- Follow the same mount procedure above, BUT when prompted to enter password to mount the drive, Enter the password for the hidden volume.
For example, I mounted my inner hidden volume on slot 7;
df -hT /media/veracrypt7Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/veracrypt7 ext4 992M 2.6M 923M 1% /media/veracrypt7Feel free to explore more about this awesome encryption tool.
Read more on VeraCrypt Documentation
Other Related Tutorials
How to use VeraCrypt on command line interface to encrypt files and directories.
Install and Setup VeraCrypt on Ubuntu 20.04
How to Encrypt Files and Folders with eCryptFS on Ubuntu 18.04
i installed veracrypt successfully in Ubuntu 18.04 but coundn’t launch it by clicking on icon. even after reboot couldn’t do it. I have Ububtu 18.04 with LUKS Encryption.
Please comment.
Thanks
Chetan
I ran into a similar issue on 19.04, try running veracrypt from the commandline by typing in “veracrypt” … if it returns: “veracrypt: error while loading shared libraries: libgtk-x11-2.0.so.0: cannot open shared object file: No such file or directory”
… then you’re in good luck because you only need to install “libgtk2.0-0” (sudo apt install libgtk2.0-0) and it will mostly work 🙂 (from cmd or icon).
Thanks for the feedback! This will help somebody.
Will this siolution works on Ubuntu earlier version?
Server’s hardware supports only Ubuntu 14.10 LTS.
Regards.
Hi.
We haven’t tested this on Ubuntu 14.10.
However, if you have a test VM of Ubuntu 14.04, please feel free to test and give us feedback.
I’ve been trying to get this to work on 19.04 and couldn’t do it, nothing would happen as had been described here so I tried opening n command line as was described above, and got the exact same error as was decribed above and I installed the missing file as described above and now its FINALLY working , THANKOU for making that comment, indeed, it helped somebody (well, the software at last came up, haven’t yet tried encrypting or decrypting anything yet….I’m curious which is more secure for an OS enncryption, the LUX that encrupts my Ubuntor the verracrypt I use to encrypt windows 10? I acrtually just wanted veracrypt on both so hopefully I can read USBs encrypted with it on either system…thanks again.
Very nice and detailed how to…..
I’m on Mint 20.01 and VeraCypt newest today, don’t see any screenshots with any FENCE on left side! And also NO choice as the second screenshot with any….”Click Next to select the type of VeraCrypt volume to create, standard or hidden.”
I’m just guessing…but they didn’t think we needed to do that STEP, now a days and so they skipped that choice completely!
I acutally kind of LIKE that step if they hadn’t “trashed it,” like they did!
Matter of fact… that is way I was (trying) to use veracrypt, in the first place, following your how to!
So…. they TRASHED my good excuse to use veracrypt, because they do know better than their users! LOL!
Again thanks of the “How To” back in 2018!
Standard and hidden volumes option is available, on mint 21 though, -:)