Jason Leveille's Blog

The following post will provide a quick (aka, lacking detail and description) guide for securely mounting an encrypted remote TrueCrypt file as a local directory. If you need more information, feel free to leave a comment with your question(s) and I'll do my best to get back to you.

Why?

Do you have sensitive files that you want protected and accessible from a central location? Cool. So do I.

Materials

• I performed these steps on 3 Ubuntu 9.04 machines. Your mileage may vary.
• A remote server that you have SSH/SFTP access to.

Resources

• Embrace Ubuntu
• Ubuntu Forums

On Your Remote Machine

• Log into your remote machine and create a directory (that you will eventually mount)

On Your Local Machine

• Install sshfs

    sudo apt-get install sshfs

• Create a directory that will serve as the local mount point for your remote directory

    mkdir ~/dirname

• Check to see if you can mount a remote directory locally

    sshfs your.remote.ip.address:/remote/directory/to/mount ~/dirname

• Check your desktop to see if you see the mount point. Double click it and create a file w/in the mount point. Visit your remote server and see if the file is there.

• For now, dismount the directory

    fusermount -u ~/dirname

The good stuff. Mounting an encrypted TrueCrypt file as a local directory.

• Specify user_allow_other in fuse.conf

    sudo vi /etc/fuse.conf

• Add the following line to the end of the configuration file:

    user_allow_other

• On 2 different machines I had to restart Ubuntu (in order for the upcoming steps in this guide to work). You may have to do the same.
• Mount your remote directory, but this time specify the allow_other directive (man sshfs for more information)

    sshfs your.remote.ip.address:/remote/directory/to/mount ~/dirname -o allow_other 

• Download and install TrueCrypt. Installation should be pretty painless. Leave a comment here if you experience otherwise.
• Navigate to Applications >> Other >> TrueCrypt ... click it. Proceed with the following steps:
  1. Create Volume
  2. Create an encrypted file container
  3. Standard TrueCrypt volume
  4. Select file, navigate to your local mount point, and enter a name (any name your heart desires)
  5. Click Save, followed by Next
  6. Leave the Encryption Algorithm and Hash Algorithm on their defaults (unless you don't want to). Click Next
  7. Specify the volume size and click Next
  8. Enter a strong password and click Next
  9. Select a FileSystem type of Linux Ext3 and click Next
  10. If you will mount the file on other platforms (such as Windows) select the first option, otherwise select the second. Click Next
  11. Randomly move your mouse and click format
  12. Enter your local system administrator password when prompted
  13. Finally, at the "Volume Created" window, click Exit
• Now, at the main TrueCrypt window, click the "Select File" button
• Navigate to your mount point and select the TrueCrypt volume you just created

• Once selected, click the "Mount" button

• When prompted, enter the TrueCrypt volume password you entered when creating the encrypted volume

• Take a look at your desktop. If this has worked for you, you should see a mount point for your remote directory, as well as a mount point for your TrueCrypt volume. Add a file to the TrueCrypt container and poke around a little bit.

• When you are done, be sure to Dismount your mounted TrueCrypt volume. This can be done by visiting the main TrueCrypt window and selecting the "Dismount" button

Commands (For Quick Reference)

Mount a remote directory

    sshfs your.remote.ip.address:/remote/directory/to/mount ~/dirname -o allow_other

Dismount the remote directory

    fusermount -u ~/dirname