How To Install VeraCrypt on Ubuntu 24.04
Introduction
VeraCrypt is an open-source encryption tool designed to safeguard sensitive data by encrypting files, directories, and storage drives. Install VeraCrypt on Ubuntu 24.04 to take advantage of its enhanced security features. Built as a successor to TrueCrypt, VeraCrypt improves upon its predecessor by addressing known vulnerabilities and ensuring compatibility with modern systems. With its advanced encryption algorithms and support for features like on-the-fly encryption, hidden volumes, and plausible deniability, VeraCrypt is trusted by both individuals and enterprises for secure data protection.
This article explains how to install VeraCrypt on Ubuntu 24.04. You will use VeraCrypt to create and access encrypted volumes using CLI and GUI methods on your workstation.
Prerequisites
Before you begin, you need to:
- Have access to an Ubuntu 24.04 instance.
Install VeraCrypt on Ubuntu 24.04
VeraCrypt is not available in the default package repositories on Ubuntu 24.04. Install the trusted Unit 193 PPA maintained to add the latest VeraCrypt package information to your APT repository sources. Follow the steps below to add the PPA to your APT repository sources and install VeraCrypt on your Ubuntu 24.04 workstation.
Update the server's APT package index.
console$ sudo apt update
Add the VeraCrypt PPA to your APT repository sources.
console$ sudo add-apt-repository ppa:unit193/encryption -y
Update the server's APT package index to apply the PPA repository changes.
console$ sudo apt update
Install VeraCrypt.
console$ sudo apt install veracrypt -y
View the installed VeraCrypt version.
console$ veracrypt --version
Output:
VeraCrypt 1.26.14
Encrypt Volumes Using VeraCrypt
VeraCrypt allows you to protect sensitive data by encrypting volumes. You can create a new encrypted volume or encrypt an external storage device. Follow the steps below to securely encrypt volumes using VeraCrypt on your Ubuntu 24.04 workstation.
Create a new
sample-dirdirectory.console$ mkdir sample-dir
Switch to the new
sample-dirdirectory.console$ cd sample-dir
Create a
randomdata.txtfile using a text editor such asnanoto generate new encryption keys.console$ nano randomdata.txt
Add the following random data to the file. Replace the example data with 320 or more characters of your desired text.
textThe quick brown fox jumps over the lazy dog near a serene lake under a golden sunset. Birds chirp in harmony while leaves rustle softly in the gentle breeze. A small wooden boat sways with ripples, carrying colorful flowers. Nearby, a child sketches the view, capturing the vibrant hues of nature in perfect tranquility. Amid the bustling city streets, a quaint café hides in a quiet alley, its aroma of freshly baked bread wafting through the air.
Save and close the file.
Run the following command to create a new
vctest.vcencrypted volume. ReplaceEnterYourPassword1!with your desired password.console$ sudo veracrypt --text --create vctest.vc --size 200M --password EnterYourPassword1! --volume-type normal --encryption AES --hash sha-512 --filesystem ext4 --pim 0 --keyfiles "" --random-source randomdata.txt
Within the above command:
--text: Specifies that the operation is performed in text mode, suitable for command-line use without a graphical interface.--create: Specifies the file or device to create the encrypted volume. For example, this command creates the volume namevctest.vc.--size: Specifies the size of the volume to be created. In this example the size of the volume in megabytesM. You can also useKfor kilobytes,Gfor gigabytes.--password: Specifies the password for the encrypted volume. Recommend to choose a password consisting of 20 or more characters but you can also create with your desired password. ReplaceEnterYourPassword1!password with your desired password.--volume-type: Specifies the volume type normal or hidden, this command creates a standard volume.--encryption: Specifies the encryption algorithm to be used. This command usesAESthe Advanced Encryption Standard is used for encrypting data. It is fast, secure, and widely supported.--hash: Specifies the hash algorithm to be used.sha-512is a cryptographic hash function used for key derivation in the encryption process.--filesystem: Formats the volume with anext4filesystem. Specifies the filesystem to format the volume so volume is portable with other operating systems such as macOS and Windows.--pim: Personal Iterations Multiplier (PIM) is a special number that allows you to specify the number of times the hashing algorithm executes. The default value is zero.--keyfiles: Specifies additional key files for added security. This command uses the password so you don't need a keyfile and pass the empty string.--random-source: Provides a file containing random data for generating the encryption keys.
The above command creates a
200MBVeraCrypt encrypted volume namedvctest.vcusing the AES encryption algorithm and SHA-512 hashing. It sets the filesystem toext4, uses a specified password, and provides a random data file for generating encryption keys. The volume type is normal, with no key files or custom PIM.Output:
Done: 100.000% Speed: 79 MiB/s Left: 0 s The VeraCrypt volume has been successfully created.
Mount the VeraCrypt Volume
Run the following command to mount the encrypted
vctest.vcvolume to the/mntdirectory.console$ sudo veracrypt --text --mount vctest.vc /mnt --password EnterYourPassword1! --pim 0 --keyfiles "" --protect-hidden no --slot 1 --verbose
Within the above command:
--mount: Specifies the Mount point where the volume will be accessible. For example/mntdirectory.--slot: Specifies the slot number to use for mounting the volume.1Mounts the volume in slot1. VeraCrypt supports multiple slots for mounting multiple volumes simultaneously.--verbose: Displays the command progress.
Output:
Volume /home/example_user/dir1/vctest.vc has been mounted.Switch to the
/mntdirectory to access the volume.console$ cd /mnt
You can now create, read, and write files within the mounted directory.
View all mounted VeraCrypt volumes and verify that the `
console$ veracrypt --list
Your output should be similar to the one below.
1: /home/linuxuser/vctest.vc /dev/mapper/veracrypt1 /mnt
Dismount VeraCrypt Volumes
Switch to your user's home directory.
console$ cd
Dismount a volume using its filename. For example, dismount the
vctest.vcvolume.console$ sudo veracrypt --dismount vctest.vc
--dismount: Dismounts all mounted VeraCrypt volumes, ensuring data security when not in use.Dismount the volume using its mount directory such as
/mnt.console$ sudo veracrypt --dismount /mnt
Dismount a volume using its slot number (Alternative method).
console$ sudo veracrypt --text --dismount --slot 1
Dismount all mounted volumes.
console$ sudo veracrypt --dismount
List all mounted volumes to verify the changes.
console$ veracrypt --list
Output:
Error: No volumes mounted.
You can access VeraCrypt on an Ubuntu 24.04 desktop workstation using its graphical user interface (GUI) application. This method provides a more intuitive experience for creating volumes without running CLI commands. Follow the steps below to open VeraCrypt on your Ubuntu 24.04 desktop and create encrypted volumes.
Click the Applications menu and open VeraCrypt from the list of options.
Click Create Volume within the VeraCrypt interface.
Select Standard VeraCrypt Volume (normal encryption) or Hidden VeraCrypt Volume (concealed encryption) to create.
Click Select File to choose a location to store the encrypted volume.
Navigate to your desired directory enter a name, such as
MyDatato assign the volume file and click Save.Verify the volume path and click Next.
Select your desired encryption algorithm, such as
AES, and a hash algorithm such asSHA-512.Click Next to proceed to specify the volume size.
Enter your desired encrypted volume size and Click Next.
Enter a strong password to encrypt the volume. In addition, enable PIM (Personal Identification Module) to configure additional protection.
Enter your desired PIM value. A default value of
0implies 458 iterations for header key generation.
Select your desired file system format to assign the volume. For example,
FAT,NTFS, orexFAT.Move your mouse randomly within the window to generate a cryptographic key and click Format.
Click Close to quit the volume creation wizard.
Click Select File and choose the encrypted volume within the main VeraCrypt interface.
Click Mount, and enter the volume password when prompted to mount it.
Verify that the mounted volume is available and ready to use in the VeraCrypt window.
Optional: Uninstall VeraCrypt on Ubuntu 24.04
Follow the steps below to uninstall VeraCrypt on Ubuntu 24.04 if required.
Uninstall VeraCrypt.
console$ sudo apt autoremove veracrypt -y
Remove the VeraCrypt PPA from your APT repository sources.
console$ sudo add-apt-repository --remove ppa:unit193/encryption -y
Update the server's APT package index to apply the changes.
console$ sudo apt update
Conclusion
You have successfully installed VeraCrypt Ubuntu 24.04 and encrypted volumes using the CLI and GUI methods. VeraCrypt enhances data security by allowing you to encrypt files, directories, and drives to securely access them on your workstation. For more information and configuration options, visit the VeraCrypt documentation.