The Alternatives<\/h2>\n
Luckily, there are a few alternatives to Truecrypt. The direct successor of Truecrypt was Veracrypt<\/a>, made by a group of developers who took the source code from Truecrypt and kept it updated.<\/p>\n The project has since grown into an impressive standalone system, but is now showing its age. Old systems, and especially those that deal with security, can only be updated so many times without introducing vulnerabilities.<\/p>\n For this reason, among many others, it\u2019s worth looking a bit further afield for encryption software. My choice would be Tomb.<\/p>\n In some ways, Tomb is pretty similar to other encryption software. It stores encrypted files in dedicated \u201cTomb Folders\u201d, allowing you to quickly see which files you have encrypted.<\/p>\n It also uses a similar encryption standard to Veracrypt, AES-256<\/a>. This standard is Applied by everyone from the NSA to Microsoft to Apple, and is regarded as one of the most secure encryption ciphers available. If you\u2019re new to encryption, it\u2019s worth reading a bit of the background behind the technology<\/a>, but if you just want fast, secure encryption, don\u2019t worry: Tomb will deliver.<\/p>\n There are a couple of big differences with Tomb. The first is that it has been developed specifically for GNU\/Linux systems, cutting out some of the compatibility issues of broader encryption software.<\/p>\n The second is that, although Tomb is open source, it makes use of statically linked libraries so that its source code is hard to audit. That means that it is not considered free by some OS distributors, but when it comes to security software this is actually a good thing: it means that Tomb is less likely to be hacked than completely \u201cfree\u201d software.<\/p>\n Lastly, it has several advanced features like steganography<\/strong>, which allows you to hide your key files within another file. And though Tomb is primarily a command-line tool, it also comes with a GUI interface, gtomb, which allows beginners to use it graphically.<\/p>\n Sold? Well, before I take you through how to use Tomb, it\u2019s worth noting that no encryption software can offer total protection. Tomb will not hide your online computing from your ISP, and nor does it protect files stored in the cloud. If you want to fully encrypt cloud storage, you\u2019ll need to log into your preferred storage service using the Tor browser and a zero-logging VPN. There are plenty of options available here, but Trust Zone<\/a> is a good browser, and Tinc<\/a> is a good VPN tool.<\/p>\n All that said, if you are looking for fast, easy, secure encryption for Ubuntu 16.04, Tomb is undoubtedly the way to go. Let\u2019s get you started.<\/p>\n Because Tomb was made especially for Linux, install is super easy.<\/p>\n A couple of years back, the guys over at SparkyLinux (which is a pretty good Debian derivative in its own right) added Tomb to their official repositories. You can install it on your Ubuntu system by adding these repositories.<\/p>\n To do this, open a terminal and add a repository file:<\/p>\n sudo vi \/etc\/apt\/sources.list.d\/sparky-repo.list<\/p>\n And then add the following lines to the file:<\/p>\n Save and close that file.<\/p>\n You now need to install the Sparky public key, using either:<\/p>\n Or:<\/p>\n You then need to update your repositories, using the standard command:<\/p>\n And then simply install Tomb using apt:<\/p>\n If you want the GUI, install is just as easy. Just use apt to install gtomb:<\/p>\n And that\u2019s it: you should now have a working version of Tomb installed. Let\u2019s look at how to use it.<\/p>\n Tomb is primarily a command line tool, so I\u2019ll cover this usage first. If you are not comfortable with using a terminal, you can skip this section and look below.<\/p>\n Actually, scratch that. If you\u2019ve never used the command line before, Tomb is a great place to start, because it uses simple commands and there is little chance of you messing something up as long as you are careful.<\/p>\n Tomb actually uses a pretty amusing set of commands, all graveyard-themed. Each encrypted folder is referred to as a \u201ctomb\u201d, and (as I\u2019ll come to shortly) they can be worked with using similarly Gothic commands.<\/p>\n First, let\u2019s make a new tomb. You can specify the name and the size of your new tomb, so let\u2019s use \u201cTomb1\u201d, and make it 100mb.<\/p>\n You need root privileges, so open a terminal and type (or copy):<\/p>\n This should give you output similar to:<\/p>\n As the output helpfully states, you now need to create a keyfile to lock your tomb:<\/p>\n If, at this point, you get an error that mentions \u201can active swap partition\u201d, you need to deactivate all of your active swap partititions:<\/p>\n And then run the keyfile command above.<\/p>\n It might take a few minutes to generate a keyfile, depending on the speed of your system. After it is done, however, you\u2019ll be asked to enter a new password to secure the key:<\/p>\n Enter it twice, and your new keyfile will be made.<\/p>\n You now need to lock your tomb using your new key. You can do this like this:<\/p>\n You will be asked to enter your password. Do this, and you should get something like the following output:<\/p>\n Now everything is set up, you can start using your new tomb.<\/p>\n A note here: because I\u2019m just showing you what to do, I\u2019ve stored my key and tomb in the same directory (in this case $HOME). You shouldn\u2019t do this \u2013 store your key somewhere else, preferably where no-one but you is going to find it.<\/p>\n You\u2019ll need to remember where you stored it, however, because you need it to unlock your tomb. To do this, enter:<\/p>\n Enter your password, and you should be in. Tomb will generate something like:<\/p>\n And then you should see your new tomb, mounted in the finder window.<\/p>\n You can now save and open files from the tomb, but note that you will need root privileges in order to do so.<\/p>\n To unmount your tomb after you have finished using it, close it by using:<\/p>\n Or, if you want to force close all open tombs, you can use:<\/p>\n If you are uncomfortable using the command line, or simply just want a graphical interface, you can use gtomb. Unlike a lot of GUI wrappers, gtomb is pretty straightforward to use.<\/p>\n Let\u2019s look at how to set up a new tomb using gtomb. First, launch gtomb from the Menu. It will probably look like this:<\/p>\n Everything is pretty self-explanatory, but for the sake of completeness I\u2019ll run through how to set up your first tomb.<\/p>\n To start, click on the first option, \u201cdig\u201d. Click OK, and then choose a location.<\/p>\n Next, enter the size of your tomb:<\/p>\n You\u2019ve now got a new tomb, but you need to make a key before you can use it. To do this, click \u201cforge\u201d from the main menu:<\/p>\nWhy Tomb?<\/h2>\n
Installing Tomb on Ubuntu 16.04<\/h2>\n
deb https:\/\/sparkylinux.org\/repo stable main\ndeb-src https:\/\/sparkylinux.org\/repo stable main\ndeb https:\/\/sparkylinux.org\/repo testing main\ndeb-src https:\/\/sparkylinux.org\/repo testing main<\/pre>\n
sudo apt-get install sparky-keyring<\/pre>\n
wget -O - https:\/\/sparkylinux.org\/repo\/sparkylinux.gpg.key | sudo apt-key add -<\/pre>\n
sudo apt-get update<\/pre>\n
sudo apt-get install tomb<\/pre>\n
sudo apt-get install gtomb<\/pre>\n
Using Tomb<\/h2>\n
Using Tomb Through The Command Line<\/h3>\n
sudo tomb dig -s 100 Tomb1.tomb<\/pre>\n
tomb . Commanded to dig tomb Tomb1.tomb\ntomb (*) Creating a new tomb in Tomb1.tomb\ntomb . Generating Tomb1.tomb of 100MiB\n100 blocks (100Mb) written.\n100+0 records in\n100+0 records out\n-rw------- 1 Tomb1 Tomb1 100M Jul 4 18:53 Tomb1.tomb\ntomb (*) Done digging Tomb1\ntomb . Your tomb is not yet ready, you need to forge a key and lock it:\ntomb . tomb forge Tomb1.tomb.key\ntomb . tomb lock Tomb1.tomb -k Tomb1.tomb.key<\/pre>\n
sudo tomb forge Tomb1.tomb.key<\/pre>\n
sudo swapoff -a<\/pre>\n
![\"\"](\"https:\/\/afaghhosting.net\/blog\/wp-content\/uploads\/2018\/01\/how-to-encrypt-files-with-tomb-on-ubuntu-16-04-lts.png\" "\\"\\"")
<\/a><\/p>\nsudo tomb lock Tomb1.tomb -k Tomb1.tomb.key<\/pre>\n
tomb . Commanded to lock tomb Tomb1.tomb\n\n[sudo] Enter password for user Tomb1 to gain superuser privileges\n\ntomb . Checking if the tomb is empty (we never step on somebody else's bones).\ntomb . Fine, this tomb seems empty.\ntomb . Key is valid.\ntomb . Locking using cipher: aes-xts-plain64:sha256\ntomb . A password is required to use key Tomb1.tomb.key\ntomb . Password OK.\ntomb (*) Locking Tomb1.tomb with Tomb1.tomb.key\ntomb . Formatting Luks mapped device.\ntomb . Formatting your Tomb with Ext3\/Ext4 filesystem.\ntomb . Done locking Tomb1 using Luks dm-crypt aes-xts-plain64:sha256\ntomb (*) Your tomb is ready in Tomb1.tomb and secured with key Tomb1.tomb.key<\/pre>\n
sudo tomb open Tomb1.tomb -k path\/to\/your\/Tomb1.tomb.key<\/pre>\n
tomb (*) Success unlocking tomb Tomb1\ntomb . Checking filesystem via \/dev\/loop0\nfsck from util-linux 2.27.1\nTomb1: clean, 11\/25168 files, 8831\/100352 blocks\ntomb (*) Success opening Tomb1.tomb on \/media\/Tomb1<\/pre>\n
sudo tomb close<\/pre>\n
sudo tomb slam all<\/pre>\n
Using Tomb Through The GUI<\/b><\/h3>\n
![\"\"](\"https:\/\/afaghhosting.net\/blog\/wp-content\/uploads\/2018\/01\/how-to-encrypt-files-with-tomb-on-ubuntu-16-04-lts-1.png\" "\\"\\"")
<\/a><\/p>\n![\"\"](\"https:\/\/afaghhosting.net\/blog\/wp-content\/uploads\/2018\/01\/how-to-encrypt-files-with-tomb-on-ubuntu-16-04-lts-2.png\" "\\"\\"")
<\/a><\/p>\n
![\"\"](\"https:\/\/afaghhosting.net\/blog\/wp-content\/uploads\/2018\/01\/how-to-encrypt-files-with-tomb-on-ubuntu-16-04-lts-3.png\" "\\"\\"")
<\/a><\/p>\n