Truecrypt on OpenSolaris

Recently I've been playing around with TrueCrypt on Solaris. TrueCrypt is a cross-platform (Linux, MacOS, Windows, FreeBSD) application which provides disk encryption. On the non-windows platforms it uses FUSE.

As I've been involved with getting FUSE ported to OpenSolaris and work on security technologies for Sun it seemed to be a suitable project. Porting TrueCrypt to Solaris hasn't been entirely straightforward.

Apart from all the usual issues with OS specific code, TrueCrypt is also a C++ application which uses wxWidgets. Luckily for me wxWidgets is now included in later builds of OpenSolaris so I didn't need to port that, unluckily for me the GNU C++ compiler ABI and the Solaris C++ compiler ABI are incompatible which meant that I had to port TrueCrypt to SunStudio. Not only had I to contend with TrueCrypt but FUSE on Solaris is also relatively immature and I hit a number of issues (including panics) when trying to make FUSE and TrueCrypt work well together. The relevant FUSE bugs (fixed a week or two ago) are 4067, 3523 and 6441.

The port is by no means finished, in fact there are still some major problems but I have managed to get as far as creating a new volume, mounting that volume and reading and writing data. Here's a screen-shot:

Comments:

Thanks for this info. I'm really looking forward to being able to install a working Truecrypt port/package for OpenSolaris! This will mean I can finally use my OpenSolaris laptop without having to run a VirtualBox with Windows XP so I can access all my old TrueCrypt volumes!

Posted by Nick on March 03, 2009 at 07:49 AM CST #

Is the intention to use TrueCrypt as is for vol management and cross platform support etc. or integrate it into zfs?

Posted by Aaron on March 09, 2009 at 06:26 AM CDT #

Keep up the good work! I'm really looking forward to this so I can get rid of my Ubuntu virtual machine.

Posted by Dave on March 10, 2009 at 02:36 AM CDT #

Aaron:
There is no currently no official plan for TrueCrypt. So far I've been working on this in my "spare" time. Saying that however, I would be extremely surprised if we were to integrate this into ZFS. ZFS with native crypto support is coming soon. The main advantage I see for TrueCrypt is that it that it is works on many platforms (MacOS, Linux, Windows, FreeBSD).

Posted by Mark Phalan on March 15, 2009 at 11:43 PM CDT #

We are using Truecrypt due to its cross platform nature extensively and a port to Opensolaris (my Desktop platform of choice) would be a real help. That would do away with the need of running a VM in order to access the data on the USB keys. I'd also offer to be a BETA tester should you decide you need a BETA site. Thanks for the work!

Posted by Andreas Pleschutznig on March 16, 2009 at 12:43 AM CDT #

I would also be interested in being a Beta tester.

Posted by Paul Harper on March 28, 2009 at 05:58 PM CDT #

Hi

Very interesting article. Could you please tell us how you installed truecrypt?

I want so badly to get truecrypt in Open Solaris.
Can you tell us step by step how you did it?

Posted by Goliath on April 08, 2009 at 06:28 AM CDT #

I would also be interested in being a Beta tester, especially on 2009.06 brand new release.

Posted by Daniel Popiniuc on June 03, 2009 at 05:32 PM CDT #

Keep up the good work - TrueCrypt on OpenSolaris would be awesome!

Posted by Steve on June 21, 2009 at 05:07 PM CDT #

I also want to beta test this on opensolaris. I use truecrypt on windows and linux, and would LOVE to have it on OpenSolaris. Let us know when we could help test partially working betas.

Posted by Neal Pollack on July 07, 2009 at 09:16 AM CDT #

I'm really interested in how far the progress with the port of TrueCrypt for OpenSolaris actually is?
Is there something you can say about how stable the recent version is?
Do you think it will be possible to use this OpenSolaris TrueCrypt port as a binary under Solaris 10?

Posted by Felix on October 13, 2009 at 08:37 PM CDT #

The port of TrueCrypt has not been worked on basically since this blog post. Most of the problems I ran into were related to the FUSE port to Solaris - particularly the lack of direct_io. Until we improve FUSE on Solaris TrueCrypt won't be viable there.
There is no port of FUSE for Solaris to S10 and I doubt that anyone is working on it or planning it.

Posted by Mark Phalan on October 13, 2009 at 09:58 PM CDT #

Hello, Mark.

Have there been any updates to OpenSolaris FUSE and TrueCrypt in particular since the last comment? Some turbulent 4 months have passed, but perhaps somebody had time to improve things? :)

Posted by Jim Klimov on February 01, 2010 at 09:11 PM CST #

Hi Jim,

No updates. In fact it seems that FUSE on Solaris is basically dead as it has no-one working on it with any regularity. I hope that at some point we'll see a userspace filesystem framework for Solaris (maybe FUSE maybe something different) which will allow TrueCrypt to work.

Posted by Mark Phalan on February 02, 2010 at 07:29 PM CST #

I'm desperate to get this working as I have a number of client requirements that require cross-platform encrypted containers. Are you able to release patches or even a tarball of the modified source? Getting it to build under Sun Studio is giving me headaches :-( Thanks!

Posted by Tom Kranz on July 01, 2010 at 10:08 PM CDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

mbp

Search

Categories
Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today