Difference between revisions of "Cool Solution - Encrypted USB sticks for UCC clients"

From Univention Wiki

Jump to: navigation, search
(7 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Cool Solutions Repository}}  
{{Cool Solutions Disclaimer|Repository=yes}}
{{Out of Maintenance}}
= Introduction =
== Archive ==
'''univention-ucc-truecrypt''' allows to mount encrypted truecrypt containers on removable storage devices (USB) on UCC clients. If USB sticks with a truecrypt container (standard name is secure.tct) are connected to the UCC client, a graphical password dialog will prompt for the password and the truecrypt container is mounted (on the standard mountpoint for removable storage devices).
There is a version of this article for [http://wiki.univention.com/index.php?title=Cool_Solution_-_Encrypted_USB_sticks_for_UCC_clients&oldid=12454 UCC 1.0].
= Installation =
On the UCC client, the package '''univention-ucc-truecrypt''' has to be installed.
apt-get --no-install-recommends install univention-ucc-truecrypt
= Configuration of USB storage devices =
The following command can be used to create a 1GB truecrypt container with the password "univention", the name "secure.tct" and the filesystem FAT.
-> truecrypt -t -c secure.tct \
    --volume-type=normal \
    --encryption=AES \
    --hash=RIPEMD-160 \
    -p univention \
    -k "" \
    --random-source=/dev/urandom \
= UCR configuration =
The behavior when mounting truecrypt containers can be configured through the following UCR variables on the UCC client:
* ''ucc/usb/truecrypt/mount/options'' Mount options for the truecrypt device. (default: umask=0000)
* ''ucc/usb/truecrypt/only'' If true, mount only devices with a truecrypt container. (default: false)
* ''ucc/usb/truecrypt/container'' Name of the truecrypt container. (default: secure.tct)
* ''ucc/usb/truecrypt/sessions'' Comma-separated list of xsessions where truecrypt devices are mounted.
= Technical background  =
= Known issues =
* At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ''ucc/usb/truecrypt/sessions'').
* If FAT is used as filesystem, the truecrypt container can have a size of maximum 4GB

Latest revision as of 11:17, 8 September 2017

Produktlogo UCC Version 1.0

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Packages provided by a Cool Solutions Repository are built by Univention, but will not be maintained. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.
Out of Maintenance


There is a version of this article for UCC 1.0.

Personal tools