# Truecrypt 6.1 or Truecrypt 6.0a Source

## iulius

Hi guys!

I have encrypted my harddisk with truecrypt. However the latest ebuild is 6.0a but I can only get my hands on 6.1 source. So I'm wondering, if anyone has a working overlay for 6.1 or could provide me with 6.0a source code?

That would help me a lot as my external hdd is bricked atm  :Very Happy: 

Thanks a lot!

Greets,

Iulius

----------

## b3cks

There is already a bugreport about this: https://bugs.gentoo.org/show_bug.cgi?id=245322

----------

## Yarik

 *iulius wrote:*   

> 
> 
> That would help me a lot as my external hdd is bricked atm 
> 
> 

 

Quick way for you is make truecrypt-6.1 according  Readme.txt:

1. Change the current directory to the root of the TrueCrypt source code.

2. # mkdir pkcs

# cd pkcs

# wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h

# wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h

# wget ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h

# cd ../

# make DEBUG=1 PKCS11_INC=PATH_TO_SOURCE/pkcs/

# ./Main/truecrypt

3. Enjoy! 

P.S.  DEBUG=1 must use only on gcc-.4.3. (Bug#: 237493)

----------

## Yarik

Try/test truecrypt-6.1.ebuild

https://bugs.gentoo.org/show_bug.cgi?id=245322

If somebody check it on amd64, please write result here.

----------

## m_gustafsson

I tried to use this ebuild, but does not get it to work. As I am new to using ebuilds this way I guess that I am doing something wrong.

This is how I tried to do it:

I removed the masking in /usr/portage/profiles/package.mask

In /etc/make.conf I uncommented, PORTDIR_OVERLAY=/usr/local/portage

Downloaded the ebuild to /usr/local/portage/app-crypt/truecrypt

Downloaded the patches to /usr/local/portage/app-crypt/truecrypt/files

Downloaded the source to /usr/portage/distfiles/truecrypt-6.1.tar.gz

Created /var/tmp/portage/app-crypt/truecrypt-6.1

Downloaded the header files (pkcs11.h, pkcs11f.h, pkcs11t.h) to /usr/portage/distfiles/

In /usr/local/portage/app-crypt/truecrypt I ran # ebuild truecrypt-6.1.ebuild digest

Added "=app-crypt/truecrypt-6.1" to /etc/portage/package.keywords

Then from my home directory I tried to emerge truecrypt, see outcome below

```
# emerge -a truecrypt

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild    fU ] app-crypt/truecrypt-6.1 [4.3a] USE="X%*" 

Would you like to merge these packages? [Yes/No]
```

The emerge ends after a while with:

```
 * Messages for package app-crypt/truecrypt-6.1:

 * Failed Patch: truecrypt-6.1-bool.patch !

 *  ( /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch )

```

Here are the logs:

```
# cat /var/tmp/portage/app-crypt/truecrypt-6.1/temp/truecrypt-6.1-bool.patch-4704.out

***** truecrypt-6.1-bool.patch *****

====================================

PATCH COMMAND:    patch -p0 -g0 -E --no-backup-if-mismatch < /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch

====================================

can't find file to patch at input line 4

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Common/Crypto.h truecrypt-6.1-source/Common/Crypto.h

|--- truecrypt-6.1-source.orig/Common/Crypto.h   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Common/Crypto.h   2008-11-11 23:14:33.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

can't find file to patch at input line 18

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Makefile truecrypt-6.1-source/Makefile

|--- truecrypt-6.1-source.orig/Makefile   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Makefile   2008-11-11 23:13:32.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

====================================

PATCH COMMAND:    patch -p1 -g0 -E --no-backup-if-mismatch < /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch

====================================

patching file Common/Crypto.h

patching file Makefile

Hunk #1 FAILED at 50.

1 out of 1 hunk FAILED -- saving rejects to file Makefile.rej

====================================

PATCH COMMAND:    patch -p2 -g0 -E --no-backup-if-mismatch < /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch

====================================

can't find file to patch at input line 4

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Common/Crypto.h truecrypt-6.1-source/Common/Crypto.h

|--- truecrypt-6.1-source.orig/Common/Crypto.h   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Common/Crypto.h   2008-11-11 23:14:33.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

missing header for unified diff at line 18 of patch

can't find file to patch at input line 18

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Makefile truecrypt-6.1-source/Makefile

|--- truecrypt-6.1-source.orig/Makefile   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Makefile   2008-11-11 23:13:32.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

====================================

PATCH COMMAND:    patch -p3 -g0 -E --no-backup-if-mismatch < /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch

====================================

missing header for unified diff at line 4 of patch

can't find file to patch at input line 4

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Common/Crypto.h truecrypt-6.1-source/Common/Crypto.h

|--- truecrypt-6.1-source.orig/Common/Crypto.h   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Common/Crypto.h   2008-11-11 23:14:33.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

missing header for unified diff at line 18 of patch

can't find file to patch at input line 18

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Makefile truecrypt-6.1-source/Makefile

|--- truecrypt-6.1-source.orig/Makefile   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Makefile   2008-11-11 23:13:32.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

====================================

PATCH COMMAND:    patch -p4 -g0 -E --no-backup-if-mismatch < /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch

====================================

missing header for unified diff at line 4 of patch

can't find file to patch at input line 4

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Common/Crypto.h truecrypt-6.1-source/Common/Crypto.h

|--- truecrypt-6.1-source.orig/Common/Crypto.h   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Common/Crypto.h   2008-11-11 23:14:33.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

missing header for unified diff at line 18 of patch

can't find file to patch at input line 18

Perhaps you used the wrong -p or --strip option?

The text leading up to this was:

--------------------------

|diff -urNp truecrypt-6.1-source.orig/Makefile truecrypt-6.1-source/Makefile

|--- truecrypt-6.1-source.orig/Makefile   2008-11-11 23:12:53.000000000 +0300

|+++ truecrypt-6.1-source/Makefile   2008-11-11 23:13:32.000000000 +0300

--------------------------

No file to patch.  Skipping patch.

1 out of 1 hunk ignored

```

```
# cat /var/tmp/portage/app-crypt/truecrypt-6.1/temp/build.log

>>> cfg-update-1.8.2-r1: Checksum index is up-to-date ...

 * Checking wxGTK-2.8 for X support ...                                                                                [ ok ]

 * Requested wxWidgets:        unicode 2.8

 * Using wxWidgets:            gtk2-unicode-release-2.8

>>> Unpacking source...

>>> Unpacking truecrypt-6.1.tar.gz to /var/tmp/portage/app-crypt/truecrypt-6.1/work

 * Applying truecrypt-6.1-bool.patch ...

 * Failed Patch: truecrypt-6.1-bool.patch !

 *  ( /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch )

 * 

 * Include in your bugreport the contents of:

 * 

 *   /var/tmp/portage/app-crypt/truecrypt-6.1/temp/truecrypt-6.1-bool.patch-4704.out

 * 

 * ERROR: app-crypt/truecrypt-6.1 failed.

 * Call stack:

 *               ebuild.sh, line   49:  Called src_unpack

 *             environment, line 2204:  Called epatch 'src_unpack'

 *             environment, line 1148:  Called die

 * The specific snippet of code:

 *                   die "Failed Patch: ${patchname}!";

 *  The die message:

 *   Failed Patch: truecrypt-6.1-bool.patch!

 * 

 * If you need support, post the topmost build error, and the call stack if relevant.

 * A complete build log is located at '/var/tmp/portage/app-crypt/truecrypt-6.1/temp/build.log'.

 * The ebuild environment file is located at '/var/tmp/portage/app-crypt/truecrypt-6.1/temp/environment'.

 * This ebuild is from an overlay: '/usr/local/portage/'

 * 

```

Do I need the 64-bit patch if I am not running on a 64 bit machine, or should I remove it?

What am I doing wrong when building?

/Mats

----------

## Yarik

 *m_gustafsson wrote:*   

> 
> 
> Do I need the 64-bit patch if I am not running on a 64 bit machine, or should I remove it?
> 
> What am I doing wrong when building?
> ...

 

May be you don't need all 3 patches (you can check it), but easy way is do not comment patches in ebuild and install them all.

64-bit and boll patches change the same strings in Makefile therefore emerge failed.

----------

## m_gustafsson

 *Yarik wrote:*   

> 64-bit and boll patches change the same strings in Makefile therefore emerge failed.

 

I removed the 64-bit patch from the ebuild and did:

```
# ebuild truecrypt-6.1.ebuild digest
```

and then tried emerge truecrypt again, but got the same error. I thought I would solve the problem quoted above by doing what I did?

I also tried to:

```
# cd /var/tmp/portage/app-crypt/truecrypt-6.1/work/

# #  patch -p0 -g0 -E --no-backup-if-mismatch < /usr/local/portage/app-crypt/truecrypt/files/truecrypt-6.1-bool.patch

patching file truecrypt-6.1-source/Common/Crypto.h

patching file truecrypt-6.1-source/Makefile

Hunk #1 FAILED at 50.

1 out of 1 hunk FAILED -- saving rejects to file truecrypt-6.1-source/Makefile.rej
```

----------

## Yarik

 *m_gustafsson wrote:*   

> 
> 
> I removed the 64-bit patch from the ebuild and did:
> 
> 

 

Don't remove any patches.

If 64-bit patch is not applied , bool patch won't be applied.

----------

## m_gustafsson

Now it worked, thanks   :Very Happy: 

Unfortunately I get another problem when trying to mount my disc, but I guess that this is not related to my build being wrong although I could mount the same disc with no problem using truecrypt-4.3a.

```
$ truecrypt /dev/heb2 test

Enter password for /dev/hdb2: 

Enter keyfile [none]: 

Protect hidden volume? (y=Yes/n=No) [No]: 

Error: device-mapper: reload ioctl failed: Invalid argument

Command failed
```

----------

## Yarik

 *m_gustafsson wrote:*   

> 
> 
> ```
> $ truecrypt /dev/heb2 test
> 
> ...

 

Try to reboot after installing truecrypt.

----------

## m_gustafsson

Still get the same error...

----------

## Yarik

```
Error: device-mapper: reload ioctl failed: Invalid argument
```

When I updated truecrypt from 6.0a to 6.1 I have the same error. I made some steps to resolve this problem but I don't exactly which step solve problem.

I rebuild kernel (gentoo-sources-2.6.25-r8 ) and the most interesting config changes are:

```
-CONFIG_FW_LOADER=m

+CONFIG_FW_LOADER=y

-CONFIG_CRYPTO_BLKCIPHER=m

+CONFIG_CRYPTO_BLKCIPHER=y

-CONFIG_CRYPTO_ECB=m

+CONFIG_CRYPTO_ECB=y

-CONFIG_CRYPTO_AES=m

+CONFIG_CRYPTO_AES=y

-CONFIG_CRYPTO_ARC4=m

+CONFIG_CRYPTO_ARC4=y

```

----------

## m_gustafsson

Hmm, still the same issue   :Sad: 

I did:

```
-CONFIG_FW_LOADER=m

+CONFIG_FW_LOADER=y

-CONFIG_CRYPTO_ECB=m

+CONFIG_CRYPTO_ECB=y

-# CONFIG_CRYPTO_AES is not set

+CONFIG_CRYPTO_AES=y

-# CONFIG_CRYPTO_ARC4 is not set

+CONFIG_CRYPTO_ARC4=y
```

The other one was already there:

```
$ grep CRYPTO_BLK /usr/src/linux/.config

CONFIG_CRYPTO_BLKCIPHER=y
```

----------

## Yarik

emerge --info?

----------

## m_gustafsson

```
# emerge --info

Portage 2.1.4.5 (default/linux/x86/2008.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.25-gentoo-r9 i686)

=================================================================

System uname: 2.6.25-gentoo-r9 i686 Intel(R) Pentium(R) 4 CPU 3.00GHz

Timestamp of tree: Tue, 11 Nov 2008 19:45:02 +0000

app-shells/bash:     3.2_p33

dev-java/java-config: 1.3.7, 2.1.6

dev-lang/python:     2.5.2-r7

dev-util/cmake:      2.4.6-r1

sys-apps/baselayout: 1.12.11.1

sys-apps/sandbox:    1.2.18.1-r2

sys-devel/autoconf:  2.13, 2.61-r2

sys-devel/automake:  1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1

sys-devel/binutils:  2.18-r3

sys-devel/gcc-config: 1.4.0-r4

sys-devel/libtool:   1.5.26

virtual/os-headers:  2.6.23-r3

ACCEPT_KEYWORDS="x86"

CBUILD="i686-pc-linux-gnu"

CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"

CHOST="i686-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"

CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"

DISTDIR="/usr/portage/distfiles"

FEATURES="distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch"

GENTOO_MIRRORS="http://ds.thn.htu.se/linux/gentoo http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo http://ftp.linux.ee/pub/gentoo/distfiles/ http://ftp.snt.utwente.nl/pub/os/linux/gentoo"

LANG="sv_SE"

LC_ALL="en_GB"

LDFLAGS="-Wl,-O1"

LINGUAS="sv en"

MAKEOPTS="-j2"

PKGDIR="/usr/portage/packages"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

PORTDIR_OVERLAY="/usr/local/portage"

SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"

USE="X a52 aac acl acpi alsa animgif apache2 avi binary-drivers blas bluetooth branding bzip2 cairo cdr cli cracklib crypt cups dbus dcraw dri dts dvd dvdr dvdread eds emboss encode esd evo fam ffmpeg firefox flac fortran gd gdbm gif gimp gimpprint ginac glitz gnome gpm gstreamer gtk gtk2 hal iconv imagemagick isdnlog java jce jpeg ldap libnotify lirc mad matroska mhash midi mikmod mp3 mpeg mpm-prefork mudflap musepack mysql ncurses new-login nfs nls nptl nptlonly nsplugin ogg opengl openmp pam pcre pdf perl php png postgres ppds pppd python qhull qt-static qt3support quicktime readline reflection scanner sdl session spell spl sse2 ssl startup-notification svg sysfs tcpd threads tiff truetype unicode usb vorbis webinstall win32codecs x86 xcf xine xml xorg xpm xscreensaver xv xvid" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="sv en" USERLAND="GNU" VIDEO_CARDS="radeon vesa"

Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
```

As it is related to the device mapper i rebuilt it and rebooted, but with no success. The building log said that one should "rc-update add device-mapper boot" if using baselayout 2, which I don't think I use. Thus I did nothing like that. But could it be something in this area, i.e. the device mapper not being loaded or being incompatible with truecrypt?

I am using device-mapper-1.02.24-r1.

Many thanks for your efforts   :Very Happy: 

----------

## m_gustafsson

Did some more changes to my kernel and recompiled it, and now it seems to work after reboot   :Very Happy: 

These are my latest changes:

```
-CONFIG_CRYPTO_SHA256=m

+CONFIG_CRYPTO_SHA256=y

-# CONFIG_CRYPTO_GF128MUL is not set

+CONFIG_CRYPTO_GF128MUL=m

-# CONFIG_CRYPTO_LRW is not set

-# CONFIG_CRYPTO_XTS is not set

+CONFIG_CRYPTO_LRW=m

+CONFIG_CRYPTO_XTS=m

-# CONFIG_CRYPTO_BLOWFISH is not set

-# CONFIG_CRYPTO_TWOFISH is not set

+CONFIG_CRYPTO_BLOWFISH=m

+CONFIG_CRYPTO_TWOFISH=m

+CONFIG_CRYPTO_TWOFISH_COMMON=m

-# CONFIG_CRYPTO_SERPENT is not set

-CONFIG_CRYPTO_AES=y

+CONFIG_CRYPTO_SERPENT=m

+CONFIG_CRYPTO_AES=m
```

I guess that some of them are not needed, but that is for a later investigation.

Thanks for your help Yarik   :Very Happy: 

----------

## r1ddl3

 *Yarik wrote:*   

> 
> 
> Quick way for you is make truecrypt-6.1 according  Readme.txt:
> 
> 1. Change the current directory to the root of the TrueCrypt source code.
> ...

 

Hi,

I followed these steps, but:

```

make DEBUG=1 PKCS11_INC=/usr/local/portage/app-crypt/truecrypt/pkcs

make: *** Keine Targets angegeben und keine »make«-Steuerdatei gefunden.  Schluss.

```

Sorry for german output: no targets given and cant find make file. End.

Trying to digest the ebuild file:

```

!!! app-crypt/truecrypt-6.1 has fetch restriction turned on.

!!! This probably means that this ebuild's files must be downloaded

!!! manually.  See the comments in the ebuild for more information.

!!! File pkcs11f.h doesn't exist, can't update Manifest

```

do anybody know how to solve this problem?

some data:

kernel: 2.6.27-1 gentoo sources, gcc 4.3.2, glibc 2.8p, ~86

thanks for the help,

r1ddl3

----------

## Yarik

 *r1ddl3 wrote:*   

> 
> 
> ```
> 
> !!! app-crypt/truecrypt-6.1 has fetch restriction turned on.
> ...

 

You should download header files to ${DISTDIR} (in my system /usr/portage/distfiles) before digest ebuild.

----------

## lindegur

Cool I managed to install truecrypt 6.1   :Laughing:  Thank you Yarik you did a very good job.   :Wink: 

I look for something to put on an USB stick and be usable on Linux as well as Windows. Truecrypt seems to be the way to go.

It runs well under Windows with the truecrypt executables on the USB stick and at home I have Linux!

Truecrypt starts up nicely. Now I need to test it under Linux and I will put the ebuild and patches to my overlay www.linurs.org to make the installation easy.

----------

## dye464

Ebuild worked superb for me (thanks for submitting it), but i have another problem with Truecrypt.

He wants a program called "dmsetup" you all have it on your Gentoo?

I can't do anything with Truecrypt he always asks for that program. (I can create a fat32 container, which i can not mount)

I searched a bit on google, and found this:

http://polishlinux.org/howtos/truecrypt-howto/

 *Quote:*   

> http://polishlinux.org/howtos/truecrypt-howto
> 
> [...]
> 
> TrueCrypt needs a tool called dmsetup to work correctly. Dmsetup is a tool enabling you to work with logical drives mapped with the device-mapper driver. The newest version of dmsetup is available on http://sources.redhat.com/dm/. The first thing you have to do after downloading the source is to install dmsetup:
> ...

 

In the package is no dependency on Dmsetup...

Have you all installed dmsetup?

----------

## lindegur

Hi dye464,

I just finished to struggle with the same issue   :Embarassed:  and I was finally successful    :Laughing: 

I can mount and decrypt my file that I encrypted on a windows computer  :Laughing: 

My goal is to have encrypt personal data on my USB stick that I can read on every computer (windows) plus also at home under Linux. And if I would lose my USB stick, I do not want that somebody can read it  :Exclamation: 

Dmsetup comes with device-mapper, you probably have it on your computer already. If not emerge the device-mapper. You do not have to do anything with dmsetup, but you have to setup the device-mapper correctly.

This means

```
rc-update add device-mapper boot
```

To have the fellow running  :Evil or Very Mad: 

The second thing is to setup all necessary in the kernel. 

```
CONFIG_DM_MULTIPATH=y

CONFIG_DM_CRYPT=y

CONFIG_BLK_DEV_DM=y
```

I enabled all the stuff in Cryptographic API that truecrypt shows on its GUI.

So just the fine tuning remains, currently I can just mount as root not as regular user.

----------

## dye464

Hey lindegur,

right now i'm installing everything thanks for the help, i didn't had device-mapper installed.

btw. today http://en.gentoo-wiki.com/wiki/TrueCrypt got back and it's everything mentioned there  :Smile: 

Also how to mount as normal user with sudo.

----------

## ramsesxi

 *Yarik wrote:*   

> Try/test truecrypt-6.1.ebuild
> 
> https://bugs.gentoo.org/show_bug.cgi?id=245322
> 
> If somebody check it on amd64, please write result here.

 

works fine for me. Running 2.6.27-xen-r2

/Ramses XI

----------

## Yarik

I make overlay for Truecrypt.

http://code.google.com/p/yarik-overlay/

Please test.

----------

## geowapa

Hello Yarik,  Thanks for the ebuild.   I've tried your ebuild from the overlay and it builds fine on my system however truecrypt is not working for me.  I'm running 2.6.26-gentoo-r3    fuse is enabled and running.  

I get an ioctl error from the mount.  The first one I solved, so I'm posting here in the event it might help someone else. 

First the following two errors in "dmesg" 

device-mapper: table: 253:0: crypt: unknown target type

device-mapper: ioctl: error adding target to table

The problem here was I failed to build the dm-crypt device-mapper target.  Once that was fixed, I now get:

device-mapper: table: 253:0: crypt: Error allocating crypto tfm

device-mapper: ioctl: error adding target to table

Postings elsewhere suggest that the encryption type is not found in the kernel, but that does not seem to be the case here.  I've enabled all of the crypto options and rebuilt the kernel.

File properties:

 Encryption algorithm: AES

 Key size: 256 bits

 Block size: 128 bits

 Mode of operation: LRW

 PKCS-5 PRF: HMAC-RIPEMD-160

 PKCS-5 iteration count: 2000

Kernel config:

CONFIG_FUSE_FS=m

CONFIG_BLK_DEV_DM=y

CONFIG_BLK_DEV_CRYPTOLOOP=y

CONFIG_DM_CRYPT=m

CONFIG_CRYPTO=y

CONFIG_CRYPTO_ALGAPI=y

CONFIG_CRYPTO_AEAD=y

CONFIG_CRYPTO_BLKCIPHER=y

CONFIG_CRYPTO_HASH=y

CONFIG_CRYPTO_MANAGER=y

CONFIG_CRYPTO_GF128MUL=y

CONFIG_CRYPTO_NULL=y

CONFIG_CRYPTO_CRYPTD=y

CONFIG_CRYPTO_AUTHENC=y

# CONFIG_CRYPTO_TEST is not set

CONFIG_CRYPTO_CCM=y

CONFIG_CRYPTO_GCM=y

CONFIG_CRYPTO_SEQIV=y

CONFIG_CRYPTO_CBC=y

CONFIG_CRYPTO_CTR=y

CONFIG_CRYPTO_CTS=y

CONFIG_CRYPTO_ECB=y

# CONFIG_CRYPTO_LRW is not set

CONFIG_CRYPTO_PCBC=y

# CONFIG_CRYPTO_XTS is not set

CONFIG_CRYPTO_HMAC=y

CONFIG_CRYPTO_XCBC=y

CONFIG_CRYPTO_CRC32C=y

CONFIG_CRYPTO_MD4=y

CONFIG_CRYPTO_MD5=y

CONFIG_CRYPTO_MICHAEL_MIC=y

CONFIG_CRYPTO_SHA1=y

CONFIG_CRYPTO_SHA256=y

CONFIG_CRYPTO_SHA512=y

CONFIG_CRYPTO_TGR192=y

CONFIG_CRYPTO_WP512=y

CONFIG_CRYPTO_AES=y

CONFIG_CRYPTO_AES_586=y

CONFIG_CRYPTO_ANUBIS=y

CONFIG_CRYPTO_ARC4=y

CONFIG_CRYPTO_BLOWFISH=y

CONFIG_CRYPTO_CAMELLIA=y

CONFIG_CRYPTO_CAST5=y

CONFIG_CRYPTO_CAST6=y

CONFIG_CRYPTO_DES=y

CONFIG_CRYPTO_FCRYPT=y

CONFIG_CRYPTO_KHAZAD=y

# CONFIG_CRYPTO_SALSA20 is not set

# CONFIG_CRYPTO_SALSA20_586 is not set

CONFIG_CRYPTO_SEED=y

CONFIG_CRYPTO_SERPENT=y

CONFIG_CRYPTO_TEA=y

CONFIG_CRYPTO_TWOFISH=y

CONFIG_CRYPTO_TWOFISH_COMMON=y

CONFIG_CRYPTO_TWOFISH_586=y

CONFIG_CRYPTO_DEFLATE=y

CONFIG_CRYPTO_LZO=y

# CONFIG_CRYPTO_HW is not set

Any ideas what might be the problem?   4.3a works fine.   

Thanks,

George

----------

## Yarik

Hello George,

try

```
CONFIG_CRYPTO_LRW=y
```

----------

## Aquiles

I know that what you want is to have Truecrypt 6.1 but, have you considered using dmcrypt instead? Some time ago I did some tests with Truecrypt 5.x and dmcrypt and the former was considerably slower than the last (maybe that's changed by now, I don't know). Also, I think dmcrypt is better integrated into the kernel. With Truecrypt I believe you have to recompile the package after a kernel upgrade and things like this.

Anyway, use whatever you think suits better your needs. I just wanted to point out the existence of dmcrypt, in case you didn't know.

----------

## geowapa

 *Yarik wrote:*   

> Hello George,
> 
> try
> 
> ```
> ...

 

That was it!   Thank you very much.  I had avoided the "experimental" kernel code.

----------

## geowapa

 *Aquiles wrote:*   

> I know that what you want is to have Truecrypt 6.1 but, have you considered using dmcrypt instead? .....

 

I'll have to look into it.   I've used truecrypt for several years, so the primary reason I'm using it is inertia, plus it works well for what I use it for.  Thanks.

----------

## Yarik

 *geowapa wrote:*   

>  *Yarik wrote:*   Hello George,
> 
> try
> 
> ```
> ...

 

Well, I will edit wiki, when will have free time.

----------

## Yarik

Yesterday I found what truecrypt-6.1a released and source for 6.1 no longer available.

truecrypt-6.1a.ebuild available in Bugzilla and in yarik-overlay.

Please write about your experience here.

----------

## Fest

Problem when compiling 6.1a on amd64 + gcc-4.3.2.

 *Quote:*   

> /var/tmp/portage/app-crypt/truecrypt-6.1a/work/truecrypt-6.1a-source/Common/SecurityToken.h:205: error: ‘CK_FUNCTION_LIST_PTR’ does not name a type
> 
> make[1]: *** [Keyfile.o] Error 1
> 
> make[1]: *** Waiting for unfinished jobs....
> ...

 

Any suggestions ?

----------

## Yarik

 *Fest wrote:*   

> Problem when compiling 6.1a on amd64 + gcc-4.3.2.
> 
> Any suggestions ?

 

Dou you download 

```

ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11.h

ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11f.h

ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs11t.h

```

headers in /usr/portage/distfiles?

Could you post more detailed build.log?

----------

## dye464

Works perfectly on amd64 gcc-4.1.2.

Thank you Yarik.

----------

## lindegur

Dear Yarik,

I installed you overlay and emerged truecrypt from there and everything worked well  :Laughing: 

Thank you  :Exclamation: 

----------

## Fest

Yarik

Problem solved. I downloaded broken headers. After downloading them again, I re-compiled succesfuly.

Thanks for ebuild

----------

## playerxt

works great but wiki is not up do date,

1. you have to rename the distfile in truecrypt-6.1a.tar.gz

2. Add app-crypt/truecrypt in /etc/portage/package.keywords

it is advisable to combine the wiki with http://code.google.com/p/yarik-overlay/wiki/TrueCrypt

----------

## Yarik

I updated both wiki articles.

Thank you playerxt!

----------

