How to Use an Encrypted Flash Drive

Like everybody else, recently I’m finding I need to use more and more web IDs and passwords, as well as user names and passwords for credit card and banking information. If you look at this in terms of a computer file, it amounts to more than 30K of information. Furthermore, if this kind of material weren’t in electronic form, it would be pretty inconvenient. Why? One reason is that this is information that is frequently changing and needing to be edited. The second reason is that, if this information were not electronic, it might take up 20 paper pages, in which case you can’t just hit ctrl-F to go find something, so it might take you five minutes to locate a particular password. The third reason is that there’s no practical way to encrypt information you’re going to keep on paper, so you’d better hope you don’t lose it!

What’s the best solution to this? I think it is an encrypted flash drive. I particularly like an open source encryption program called Truecrypt, which can be used both on Linux and on Windows operating systems. In the following, I try to describe the most practical ways of using Truecrypt. In short, it’s to encrypt a “”olume” on a flash drive and then put files onto this volume. Then you can just take the flash drive and plug it into your office computer or your home computer or your mobile computer. This way, each time you start to use the flash drive with a different computer that has the Truecrypt encryption program, the Truecrypt encryption system will first require you to enter a password for the Truecrypt-encrypted volume, and then automatically encrypt or decrypt files, as you put them onto the volume, or open them from there, in a text editor or word processor, without requiring entering a password again.

Installation (GNU/Linux Ubuntu 6.10):
>truecrypt -V // If Truecrypt is not installed, or is not version 4.2a or greater, do: sudo apt-get install truecrypt
// Connect the flash drive you’re planning to use to the USB port of your Linux OS computer
>ls -latr /dev // check to find the name of the pluggable device (plugdev) hit most recently (like “sdb1”). You can also do this with dmesg.
>sudo fdisk /dev/sdb // Create a partition intended for Truecrypt use.
>sudo truecrypt -c /dev/sdb1 // On this partition, create a volume intended for Truecrypt use
// I chose “Twofish” for the encryption and “Whirlpool” for the hash.

Each time you use it with a computer that has Truecrypt:
// Connect the flash drive to a USB port
>ls -latr /dev // Check to find the name of the pluggable device (plugdev) hit most recently (like “sdb1”).
>sudo mkdir /mnt/sdb1 // If there is no /mnt/sdb1
>sudo truecrypt -u /dev/sdb1 /mnt/sdb1 // Use the Truecrypt system to mount the device
// The Truecrypt system will ask for the Linux system password and the Truecrypt volume password

// Now continue doing whatever you need to with the volume’s file system, such as:
>ls /mnt/sdb1/myfile.txt // or edit, etc.

When finished:
>sudo truecrypt -d /dev/sdb1 // Dismount the volume’s file system through the Truecrypt system.
// Right click on the “cdrom” icon on the computer desktop and select “eject” from the menu list. Now you can disconnect the flash drive.

Other:
>sudo truecrypt -vl // To access properties of the volume in the Truecrypt system.

That’s it. It’s really very simple. Aside from these few things, the only other thing you ought to do is to make a secured backup.

Leave a Reply