TrueCrypt on Fedora Linux

Update 2015: Support and development of TrueCrypt have, of course, now ended, although an independent audit of TrueCrypt revealed no severe security problems. I’d suggest the TrueCrypt fork VeraCrypt as a replacement.

Note: I’m using Fedora 19 here. Results will vary on different versions.

If you’re trying to run the TrueCrypt virtual disk encryption software on your Fedora desktop — or Realcrypt, the renamed version from the RPMFusion repos — you may be getting a series of error messages:

Failed to obtain administrator privileges. Sorry, you must have a tty to run sudo. Newer versions of sudo automatically determine whether a terminal is required. ('requiretty' option is obsolete).

Open up a terminal window, run visudo and comment out the requiretty line:

#Defaults    requiretty

Entering your password again, you get another error message:

Failed to obtain administrator privileges: [your username] is not in the sudoers group. This incident will be reported. 

To give yourself sudo rights, add yourself to the wheel group:

$ usermod [your_username] -a -G wheel

(You’ll need to log out and log back in for any permissions change to take effect.)

So now you’re all set, right? No, you fire up TrueCrypt and try to mount your archive again, only to be confronted with this:

Failed to set up a loop device: /path/to/truecrypt/archive

In Linux, a loop device permits a file that simulates a physical storage device (e.g., an archive file like a CD-ROM image, or TrueCrypt volume) to be accessed like a real storage device (e.g., a hard disk or USB stick). That way you can browse the archive and perform file operations on it just like you would your /root and /home volumes. But each loop device has to be mounted on your filesystem like any other storage device, usually as /dev/loop0, /dev/loop1, and so forth.

Version 3 of the Linux kernel added a new loop-control device that allows for dynamically creating and destroying loop devices as needed in /dev/. The loop-control device lives at /dev/loop-control.

But since loop-control is a relatively new feature, any application that hasn’t been updated to call the loop-control hook won’t be able to create a new loop device if needed. And since TrueCrypt hasn’t seen a major new release in almost two years — and its last release wasn’t too long after kernel 3 — it’s unaware of /dev/loop-control.

So for now you can manually create a loop device for TrueCrypt to use:

$ mknod -m 0660 /dev/loop0 b 7 0

Finally, you can fire up TrueCrypt, open your archive, and enter your passwords normally.


Leave a Reply

Your email address will not be published. Required fields are marked *