Archive for May, 2009
Automatically loading a truecrypt share at startup
I’m toying with the idea of moving all of my data into the cloud, or rather, keeping all of my data in Dropbox so that I can access it from 2 different machines and have those changes synced without thinking, and so that I’m less dependent on any single piece of hardware.
However, although I want some data to be present on all the machines I use, I don’t want all data to be present on every machine I use, and I don’t think I can easily have several dropbox shares.
One solution is to keep some of the data in a truecrypt volume which is automatically mounted on some machines but not on others.
For this purpose I adapted the following bash init script from here. This takes a truecrypt file, reads a password from disk and mounts the file in my home directory. I’m suspicious that there might be problems with conflicts when dropbox updates the truecrypt file whilst it is already mounted… but we’ll see. (dropbox has version control so I should be moderately safe).
Note that this approach may place your volume password into the list of processes – so you might prefer not to use this on shared machines. Also, you probably would want to change the umask and the owner of the share.

    #!/bin/bash
    #
    # /etc/rc.d/init.d/truecrypt
    #
    # Mounts the /home partition with truecrypt.
    #
    # chkconfig: 2345 90 10
    # description: Truecrypt
    # processname: truecrypt

    # Abort if the binary is missing. Braces rather than a subshell,
    # so that "exit" really ends the script.
    [ -x /usr/bin/truecrypt ] || { echo "truecrypt can't be found"; exit 1; }

    RETVAL=0
    prog="truecrypt"
    desc="Truecrypt"

    start() {
        echo -n "Mounting encrypted volume..."
        # Looked up but not used further down.
        uid=$(cat /etc/passwd | grep moment | cut -d ':' -f 3)
        # VOLUME_FILE, VOLUME_MOUNT_POINT and PASSWORD_FILE are placeholders.
        # The password is passed with -p, i.e. on the command line.
        truecrypt -t --fs-options='umask=000,user' --non-interactive VOLUME_FILE VOLUME_MOUNT_POINT -p "$(cat PASSWORD_FILE)"
        RETVAL=$?
        if [ "$RETVAL" == "0" ]; then echo "OK"; else echo "FAIL"; fi
        return $RETVAL
    }

    stop() {
        echo -n "Unmounting encrypted volume..."
        truecrypt -t -d /home/moment/cryptshare
        RETVAL=$?
        if [ "$RETVAL" == "0" ]; then echo "OK"; else echo "FAIL"; fi
        return $RETVAL
    }

    restart() {
        stop
        start
    }

    case "$1" in
        start)
            start
            ;;
        stop)
            stop
            ;;
        restart)
            restart
            RETVAL=$?
            ;;
        condrestart)
            [ -e /var/lock/subsys/$prog ] && restart
            RETVAL=$?
            ;;
        *)
            echo $"Usage: $0 {start|stop|restart|condrestart}"
            RETVAL=1
    esac

    exit $RETVAL

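Two checks that could run before the mount, as an added example that is not part of the original script: one refuses a password file that other users can read, the other builds mount options that give the share to one user instead of `umask=000`. The function names `secret_file_ok` and `share_fs_options` are hypothetical, and the example assumes the volume holds a filesystem that honours the `umask`, `uid` and `gid` mount options (FAT, for instance).

```shell
#!/bin/bash
# Added example: pre-flight helpers for the start() step of the init script.

# secret_file_ok FILE [OWNER_UID]
# Succeeds only if FILE is a regular file (not a symlink), is owned by
# OWNER_UID (default 0, because init scripts run as root) and has no
# group/other permission bits set.
secret_file_ok() {
    local file=$1 want_uid=${2:-0} mode owner
    if [ ! -f "$file" ] || [ -L "$file" ]; then
        echo "$file: missing, not a regular file, or a symlink" >&2
        return 1
    fi
    # "ls -ldn" prints e.g. "-rw------- 1 0 0 ..."; -n keeps the owner numeric.
    read -r mode _ owner _ <<EOF
$(ls -ldn -- "$file")
EOF
    if [ "$owner" != "$want_uid" ]; then
        echo "$file: owned by uid $owner, expected $want_uid" >&2
        return 1
    fi
    # Characters 5-10 of the mode string are the group and other bits.
    case $mode in
        ????------*) return 0 ;;
        *) echo "$file: mode $mode lets group/other access it" >&2
           return 1 ;;
    esac
}

# share_fs_options USER
# Prints mount options that give the mounted volume to USER alone,
# in place of the world-writable umask=000.
share_fs_options() {
    local uid gid
    uid=$(id -u "$1") && gid=$(id -g "$1") || return 1
    printf 'umask=077,uid=%s,gid=%s\n' "$uid" "$gid"
}

# Stand-alone use: ./check.sh PASSWORD_FILE USER
if [ "$#" -eq 2 ]; then
    secret_file_ok "$1" && share_fs_options "$2"
fi
```

In `start()` this would read `secret_file_ok PASSWORD_FILE || exit 1`, followed by the `truecrypt` call with `--fs-options="$(share_fs_options moment)"`. It does not change the fact that `-p` puts the password on the command line.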
Not sure whether this is a good use of time…