How to Encrypt Linux Partitions with VeraCrypt on Ubuntu

If you have sensitive data on your computer, it should be protected by encryption. Because without encryption, that data will be viewable and accessible to everyone that has access to your system. So instead of leaving the data wide open for everyone, why should not hide it using encryption. Encryption is important in transmission as well as for storage of data. Encryption modifies the information to make it unreadable by everyone except those having a key to convert the information back to its original and readable form.

With Linux, there are several options to add encryption. VeraCrypt is an open source tool for encrypting a file, folders, and entire partition. This tool is quite easy to use. It is not only available for Linux but also for Windows and Mac OS. In this article, I will show you how to encrypt a partition in Linux using a VeraCrypt.

For this article, I am using Ubuntu 18.04 LTS for describing the procedure.

Download VeraCrypt

VeraCrypt can be downloaded from VeraCrypt website downloads page. Make sure to download the file specified for Linux.

Install VeraCrypt on Ubuntu

Open file manager. On the right-pane, click on Downloads. Then locate the downloaded VeraCrypt setup. Right-click on archived setup and select Extract Here option.

Extract Veracrpyt archive

Double click on the extracted folder to open it. In this new folder, right click on blank space then click on Open in Terminal. Alternatively, you can use the cd command to navigate to the extracted folder.

Open in Terminal

In the extracted setup folder, there is an option to use either the GUI or command line setup to install VeraCrypt. Also, there are 32-bit and 64-bit setup. You can choose the option depending upon the requirements of your system.

To install VeraCrypt, run the following command:

$ ./veracrypt-1.2.3-setup-gui-x64

In the GUI setup, click on Install VeraCrypt.

Start Veracrypt installer

Accept terms and conditions by clicking on I accept and agree to be bound by the license terms.

Accept Terms and Conditions

To start the installation, click Ok.

Start Installation

The installation will start in a separate Terminal window. If prompted for the sudo password, enter the password. When the installation completes, press Enter to exit the window.

Verycrypt Installation Finished successfully

Launch VeraCrypt

You can launch the newly installed VeraCrypt application from Terminal or from Dash menu.

Launch Veracrypt

Encrypt partitions using VeraCrypt

There are two options for creating an encrypted volume using VeraCrypt:

  • Encrypted file container: It generates a virtual encrypted disk within a file.
  • The encrypted volume within a partition or drive: It encrypts an existing hard drive, hard drive partition, or an external disk.

Here are the steps towards encrypting a partition:

  1. Create an encrypted volume
  2. Mount encrypted volume
  3. Dismount the encrypted volume

Now we will perform these steps one by one:

Step 1: Create an encrypted volume

In VeraCrypt application window, click on Create volume.

Create an encrypted volume

In VeraCrypt Volume Creation Wizard, select Create a volume within a partition /drive, then click on Next.

VeraCrypt Volume Creation Wizard

In Volume Type window, there are two options, one creates standard VeraCrypt volume, and others create hidden VeraCrypt volume. Select the volume type and click Next.

standard VeraCrypt volume

Now in the Volume Location screen, click on Select Device. Here you can select the partition that you wish to encrypt. But note that VeraCrypt will erase and format that partition, so all data on it will be erased.

Volume Location

Now select the partition and click OK. After the partition is selected, click on Next to move on the next step.

Select partition that shall be encrypted

In the Encryption Options window, you can select the encryption algorithm. This is the algorithm that will use to encrypt the partition. Select the encryption algorithm and click Next.

Choose encryption algorithm

Then there will be a Volume Password window. Here you can enter the password, that will be used to access the encrypted partition. In case, you lost this password, you will no longer have access to data.

After entering the password, click on Next.

Set a password

Now in the Format Options window, choose the file system type from the drop-down, menu. Then click Next.

Choose Filesystem type

Now you are prepared for creating a volume. In the Volume Format window, click on Format. It will start formatting and create the volume.

Volume format

When the process is completed, it will prompt the notification that volume has successfully created. Click OK.

Veracrypt volume successfully created

Step 2: Mount the encrypted volume

Now mount the volume that you have just created. From the VeraCrypt window, click on Select Device.

Select device

Now select the required partition and press OK.

Select partition

Once the required partition is selected, click on Mount.

Mount partition

It will prompt for the password. Enter the password that you have set while creating the encrypted volume and click OK.

Enter password to decrypt partition

Now you can see the volume has been mounted.

Mounted volume

Now open the Ubuntu file manager and click on Other Locations, you will see the mounted volume. Now you can use it as a normal drive. You can open this volume, add, edit, and delete files from it.

Mounted volume visible in file manager

Step 3: Dismount the encrypted volume

Once you are done, you will need to dismount the volume. To do this, open VeraCrypt, select the volume and then click Dismount.

Unmount volume

Now every time you will need to access the encrypted volume, you have to mount the volume by entering the password. It will then be accessible to everyone that has access to the system. Therefore, it is necessary to dismount the volume when you no longer needed it. If you do not dismount the volume, it will remain mounted and will open to everyone accessing the system.

So that is the way you can use VeraCrypt to encrypt your partition. You can also use it to encrypt the entire drive, and even individual folders and external drives like USB.