Truecrypt woes

Background

Solving disk problems is a little more complicated when devices are encrypted. You need to keep in mind that a filesystem on an encrypted device can’t be seen unless the device is decrypted. Here is a few problems I’ve come in touch with, together with solutions that have worked for me.

Error unmounting a volume

Error message which may occur when trying to unmount truecrypt volume:

device-mapper: create ioctl failed: Device or resource busy

 

Trying to remove the volume with cryptsetup gives a similar message:

sudo cryptsetup remove /dev/mapper/truecrypt1
Device /dev/mapper/truecrypt1 is busy.

 

As the error messages implies, something is keeping the volume open. If lsof doesn’t show anything, it might be an active NFS export keeping it busy.

sudo /etc/init.d/nfs-kernel-server stop
* Stopping NFS kernel daemon                                          [ OK ]
* Unexporting directories for NFS kernel daemon...                    [ OK ]

Try removing again with cryptsetup.

 

Error mounting a volume

If the unmount was done incorrectly, perhaps due to a power-failure, the filesystem is dirty and needs to be checked with fsck. This should be done with the filesystem unmounted. You still need to provide the password to open the volume, but you must tell truecrypt not to mount it.

On the command-line this is done with the following command:

truecrypt --filesystem=none /dev/sdx

To accomplish the same thing in the graphical environment, you need to check the Do not mount option, as seen in this picture:

Truecrypt; Do not mount option

 

Now it’s possible to fsck the volume:

sudo fsck /dev/mapper/truecrypt1

 

You now need to detach the volume, so you can open/mount it:

sudo truecrypt -d /dev/sdx

 

Finally you can mount the volume again in the usual manner.

truecrypt /dev/sdx /your/path

 

This entry was posted in Linux and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *