But my first attempt failed. I tried to create a 10GB container and my whole system locked up while zuluCrypt was writing random data to the volume. After that I just created smaller containers with greater success.
can you try to create a 10GB file with random data using dd command?
Your system should not have locked up and the problem could be on the file system level
what version of pclinuxos did you try it on?
I tried to create a 10GB volume and i did noe experience any hangs.
Creating a volume over random data is better because it hides how much data is in the volume.
You can create a container file using dd command and then create a cryptsetup volume on it using zuluCrypt-cli. Will post instructions if you want to use this work around.
At first I didn't manage to copy anything into my containers despite first having cloned the TrueCrypt line in my sudoers file an then starting zuluCrypt as root. I couldn't understand what was wrong until I noticed that "open the volume in read only mode" was ticked in the setup window. This is probably a good safety measure - but only after one has managed to move something into the container.
You are not supposed to run it from root's account, or set up sudo for it.
One of its core feature come into play when it is run from a normal user account.
"open the volume in read only mode" option is remembered so you only need to tick it once if you want your volumes to be opened in the same mode.
But I suppose I have to do some googling to find out precisely how secure the encryption is.
dm-crypt is an infrastructure in the linux kernel that deal with block device encryption,it runs in kernel space.
cryptsetup is a front end to dm-crypt,it runs in user space, demands to be started with root's privileges.
zuluCrypt is a front end to cryptsetup,i am not doing anything clever, all i am doing is take the path to the volume and a passphrase and pass them on to cryptsetup to open the volume.
cryptsetup uses 256 bit aes encryption with cbc mode.
Not having faith in zuluCrypt encryption ultimately means not having faith in the linux crypto functionality.
I can go into the technical s of how these things work if you are curious about them.