NTFS formatted truecrypt volumes

I have an encrypted USB drive that I use both with Linux, Mac and MS Windows based systems. The most portable filesystem to use for such a situation is NTFS (FAT has too many limitations and getting a Windows machine to read/write any non M$ filesystem is too much of a hassle.

The most portable disk encryption that I know of is Truecrypt, so that is what I use to encrypt the disk (this Howto is based on version 7.1a).

The Linux version of Truecrypt, however, does not support the creation of NTFS formatted volumes out of the box. You need a couple of addional steps for that. First create a new Truecrypt volume to your liking, but select 'none' as the filesystem type.

After the volume has been created (which can take up to a few hours for a large disk), manually create the NFTS filesystem. This can only be done from the commandline. First map the new volume on a device node:

$ truecrypt --filesystem=none /dev/sdc2
Enter password for /dev/sdc2:
Enter keyfile [none]:
Protect hidden volume (if any)? (y=Yes/n=No) [No]:
Enter your user password or administrator password:

Now validate that the virtual device is present:

$ truecrypt -v -l
Slot: 1
Volume: /dev/sdc2
Virtual Device: <strong>/dev/mapper/truecrypt1</strong>
Mount Directory:
Size: 736 GB
Type: Normal
Read-Only: No
Hidden Volume Protected: No
Encryption Algorithm: AES
Primary Key Size: 256 bits
Secondary Key Size (XTS Mode): 256 bits
Block Size: 128 bits
Mode of Operation: XTS
PKCS-5 PRF: HMAC-RIPEMD-160
Volume Format Version: 2
Embedded Backup Header: Yes

Create the filesystem (if you do not specify the -f option, mkfs.ntfs will first fill the complete volume with zero's, which is quite useless on a freshly encrypted volume):

$ sudo mkfs.ntfs -f -L TRUECRYPT /dev/mapper/truecrypt1
[sudo] password for michielf:
Cluster size has been automatically set to 4096 bytes.
Creating NTFS volume structures.
mkntfs completed successfully. Have a nice day.

This completes the procedure. You can now use the disk on any Linux, Mac or Windows machine with Truecrypt installed.

Comments

I tried to make an encrypted

I tried to make an encrypted USB drive but I failed to do so. I just liked to make my system secure. I need guidance.

I loved FAT system. FAT is

I loved FAT system. FAT is better in so many ways. NTFS is good if there is any networking or anything similar to networking.

FAT is not better than NTFS

FAT is not better than NTFS in any way. FAT does not support NTFS features like journaling, quota, encryption on the fly (EFS), security permissions and large volume size for example.