GUI for CRYPTSETUP.
Retrying. I believe my ticket was closed prematurely.
mercedes508 6 days ago
Actually we decided to move away from TrueCrypt for several reasons:
So we probably won’t be doing effort to support TrueCrypt more than what we do now in Tails.
I think I have been misunderstood. I was suggesting that a GUI be created to allow users to open encrypted containers. A simple UI that translates command line options into something graphical. Many novice users use both tails and encryption. Making it easy for them to open their drives or containers would improve usability regardless of what program they used to create them. As we both know, cryptsetup is able to open luks, truecrypt, veracrypt, and likely many other containers. This isn’t direct support for true or veracrypt. It is support for simplifying what cryptsetup is already capable of. Just because you create a checkbox that informs cryptsetup of the target container type doesn’t tell users to use true/veracrypt. It just means cryptsetup can open it. Users should spend as little time in terminal as possible. Such would only allow the initiated to benefit from the inclusion of cryptsetup. IMO tails and encryption go hand in hand. It would be unwise for a technical novice to be forced (due to difficulty opening containers via terminal) to carry around unencrypted sensitive data just to able to leak them using tails. Not cool.
#1 Updated by sajolida 2016-02-07 16:11:05
- Status changed from New to Duplicate
- Priority changed from Elevated to Normal
- Target version deleted (
- Starter deleted (
We already provide GNOME Disks to create and open encrypted volume with a graphical interface, see https://tails.boum.org/doc/first_steps/persistence/configure/.
So we’re back on debatting TrueCrypt/VeraCrypt support and mercedes pointed you to our policy regarding this.
#2 Updated by sajolida 2016-02-07 16:11:53
Sorry, the proper link is: https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/.
#4 Updated by Tonda 2016-02-08 20:11:10
I wasn’t aware of that utility. Nice!.
The reality is that many users still use truecrypt and veracrypt to encrypt their data. I fully understand that the restrictive license is incompatible with Tails policy. This doesn’t mean that Tails cannot make it easier for users to access their data. The capability of opening true/vera containers already exist in tails. I’m simply proposing that it be made easier by extending something like the Gnome utility or create a custom UI capable of opening any container type. This would be of great value to the community and cater to the diversity of the user-base.
From my previous experience (about 2 months ago), my encrypted drive did not just show up in the explorer menu. Before going into the decryption procedure I first had to jump into terminal have all the drives in my machine listed, pick out the right drive label then proceed to issue several commands. Then when done I had to jump back into terminal and issue two more commands just close and dismount my drive. I’ve on several occasions copied and pasted (for the sake of convenience and correctness) these commands only to have them fail after troubleshooting (checking commands, spelling, spacing, etc). I restart Tails and viola! It works! That might suggest a bug. I don’t know.
All of this might seem fine to the technically competent but I fear the whole procedure is leaving many users in the cold. Considering the popularity of those encryption tools, I believe it’s only fair that Tails at least make it easy to open their respected containers.
Thank you for your time. :)
#5 Updated by Tonda 2016-02-12 22:48:01
I’m sorry. Was the request and reasoning not acceptable. Wouldn’t a gui help a large portion of the TAILS user base? Have you run this by everyone or are you the only one that makes these decisions? I don’t see the problem with what I proposed. You seem very inflexible. If I can get this written will you at least consider integration? I’m uncertain if this is about the lack of time/resources or and outright disdain for anything other than dm-crypt. Please clarify without being rude.
#7 Updated by intrigeri 2016-02-13 01:03:26
I agree that what you’re asking for would be nice. We’ve ben tracking it in
Feature #6337. It is the only result I see on our Redmine when looking for open tickets and the “truecrypt” query string. I’m sorry that you didn’t find it, and that none of the people who answered you pointed you to it. Anyway: you’ll see that work is needed upstream. Help is welcome there, and as explained by mercedes508 and sajolida earlier, this is pretty low in our priorities, so better look for help elsewhere regarding adding the feature you would like to see in udisks, and then in GNOME.