Encryption with VeraCrypt
Backup and Recovery
Now is a good time to think about backing up the contents of your hard disk. If something goes wrong with the encryption process, you will want to keep a backup of your files in order to be able to restore the system. The files can (or should) of course also be stored on an encrypted data carrier that can be easily mounted by a booted system.
Next, select whether you have one or several operating systems installed on your data carrier. Then click Next and set the encryption parameters as described above. You are then taken to the PIN entry screen. Of course, you cannot select any files here, because you do not have access to the hard disk at system boot time.
VeraCrypt sets the keyboard layout to English when you enter the password. This is because only the BIOS settings are available at boot time before the operating system possibly adopts your choice of keyboard layout. You need to take this into account, especially if you want to use nonstandard characters in your password. You will normally have an English keyboard layout, but to be on the safe side and make sure that the BIOS is not playing tricks on you with a country-specific language setting, it is a good idea to display the password so that you can enter the password with your local keyboard layout in case of an emergency.
VeraCrypt also lets you create your own VeraCrypt rescue medium. This helps you to repair a defective VeraCrypt bootloader and also – with the correct password, of course – to permanently decrypt the system partition again, for example, to repair a defective Windows system. You need to burn the ISO image you create to a CD/DVD or transfer it to a USB stick. If you encrypt several systems with VeraCrypt, you will need an individual rescue medium for each system.
Before the encryption process starts, you need to define the delete options for the existing system files. You can overwrite files multiple times to prevent an attacker from restoring them – even after overwriting the free disk areas with the encrypted volume. Now take note of the recovery instructions and warnings before starting the obligatory pre-test. The computer reboots and Windows launches again after you enter the password. VeraCrypt displays a success message for the test after the reboot.
Click on Encrypt and say yes to warning prompts. The encryption process then starts. You will need some patience, depending on the size of your data carrier. Once the process has completed, you can close the dialog box and will see your system partition mounted in the drive overview. Of course, you cannot eject the drive. To protect your data, shut down the system.
After restarting, you will be prompted to enter the key. Remember that you must type the key with an English keyboard layout. In addition to the password, you will be asked to enter a PIM if you set one. If you have not set a PIM, you can simply press Enter to confirm, otherwise you need to enter the correct value here. The operating system then boots in the usual way, and you can work with virtually no loss of performance.
Conclusions
Encrypting data, especially on mobile devices, is essential in the corporate environment. As an alternative to BitLocker, VeraCrypt offers a sophisticated approach to encrypting data carriers. It protects USB memory sticks, hard disks, and your system partition (though only when the computer is switched off or not connected). Hidden volumes also give users the ability to credibly deny the existence of any such volumes, should someone attempt to force you to hand over your data.
With the steps covered in this article, you can encrypt your computer with VeraCrypt. Keep in mind, however, that secure passwords are an important security aspect.
Infos
- BitLocker: https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/
- TrueCrypt: https://truecrypt.sourceforge.net/
- E4M: https://en.wikipedia.org/wiki/E4M
- VeraCrypt download: https://www.veracrypt.fr/en/Downloads.html
- VeraCrypt on GitHub: https://github.com/veracrypt/VeraCrypt
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Rhino Linux Announces Latest "Quick Update"
If you prefer your Linux distribution to be of the rolling type, Rhino Linux delivers a beautiful and reliable experience.
-
Plasma Desktop Will Soon Ask for Donations
The next iteration of Plasma has reached the soft feature freeze for the 6.2 version and includes a feature that could be divisive.
-
Linux Market Share Hits New High
For the first time, the Linux market share has reached a new high for desktops, and the trend looks like it will continue.
-
LibreOffice 24.8 Delivers New Features
LibreOffice is often considered the de facto standard office suite for the Linux operating system.
-
Deepin 23 Offers Wayland Support and New AI Tool
Deepin has been considered one of the most beautiful desktop operating systems for a long time and the arrival of version 23 has bolstered that reputation.
-
CachyOS Adds Support for System76's COSMIC Desktop
The August 2024 release of CachyOS includes support for the COSMIC desktop as well as some important bits for video.
-
Linux Foundation Adopts OMI to Foster Ethical LLMs
The Open Model Initiative hopes to create community LLMs that rival proprietary models but avoid restrictive licensing that limits usage.
-
Ubuntu 24.10 to Include the Latest Linux Kernel
Ubuntu users have grown accustomed to their favorite distribution shipping with a kernel that's not quite as up-to-date as other distros but that changes with 24.10.
-
Plasma Desktop 6.1.4 Release Includes Improvements and Bug Fixes
The latest release from the KDE team improves the KWin window and composite managers and plenty of fixes.
-
Manjaro Team Tests Immutable Version of its Arch-Based Distribution
If you're a fan of immutable operating systems, you'll be thrilled to know that the Manjaro team is working on an immutable spin that is now available for testing.