My GnuCash Encryption Script - FAQ
I get an occasional email about my site every so often. One reader emailed me about my GnuCash encryption script. There are a couple of threads in forums that link to that page, so I thought that I should address what these threads and the email are about.
I don't want to quote the original email for various reasons, mostly because I didn't add the disclaimer to "the contact page":/contact at the time, so I'll summarize. All my responses are directly copied and pasted from my email response.
Do I have to use the number 52?
The two digits "52" can be replaced with any one or two digit number. I found this restriction by reading the truecrypt command's man page. I typically need multiple TrueCrypt volumes mounted, so I tend to mount them as 1,2,3,... or 99,98,97... I picked a number in the middle for this script just to prevent any overlap. There isn't any actual reason I chose 52.
What about Pluton's script?
I was asked what the difference is between my script and Pluton's script (check the pastebin link in his post for the source).
There are a couple differences between my script and Pluton's script. I've read his a couple of times this morning. I believe our scripts are trying to do two different things.
My script
- Mounts a TrueCrypt volume as a virtual drive
- Requires admin (root) privileges, or at least permission to use the "mount" command
- Requires TrueCrypt to be installed
His script
- Can be used by any user
- Requires openssl (comes by default on most Linux distros. If you have 'ssh', you have openssl.)
- Only works for one file, but can be extended for a whole directory. I encrypt my bank statements and other documents with my GnuCash file, so I'm going to write the rest of this email as if the script has been extended.
However, one problem I see with Pluton's script is how his handles passwords. My script calls the truecrypt command without a password. By doing so, TrueCrypt pops up its own dialog box to handle password entry. I did this for the same reason Pluton modified his script: the password would be displayed if someone ran 'ps aux'. I am able to do this because TrueCrypt doesn't need the password again to umount an encrypted volume.
Pluton's script stores the password in RAM because, once you are done using GnuCash, the script needs the password again to re-encrypt the data. Theoretically, someone can read the password in RAM, but this is so extremely unlikely that I wouldn't even consider it. If you're working with something very sensitive, such as government financial data, you may need to consider it. Although, you probably wouldn't be using GnuCash if that was the case.
Pluton's script also relies on KDE for knotify, but this can easily be changed to the environment you are using.
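The decrypt, run, re-encrypt cycle described above can keep the password out of 'ps aux' by feeding it to openssl on stdin instead of the command line. The sketch below is an added example, not Pluton's script or code from the original post; the function names, the cipher options and the temporary-directory layout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Pluton's script. Function names are assumptions.
# The passphrase reaches openssl on stdin, so it never shows up in argv
# (and so not in `ps aux`). It still sits in a shell variable in RAM.

CIPHER_OPTS="-aes-256-cbc -pbkdf2"   # -pbkdf2 needs OpenSSL 1.1.1 or newer

# encrypt_file PLAIN ENC PASS
encrypt_file() {
    # printf is a builtin in bash and dash: no child process carries the passphrase.
    printf '%s\n' "$3" | openssl enc $CIPHER_OPTS -pass stdin -in "$1" -out "$2"
}

# decrypt_file ENC PLAIN PASS
# `openssl enc` has no integrity check: a wrong passphrase is usually caught
# by the padding check ("bad decrypt"), but not in every case.
decrypt_file() {
    printf '%s\n' "$3" | openssl enc -d $CIPHER_OPTS -pass stdin -in "$1" -out "$2"
}

# with_decrypted ENC PASS CMD... : run CMD with the plaintext path appended
with_decrypted() {
    enc=$1; pass=$2; shift 2
    work=$(mktemp -d) || return 1      # created mode 0700, private to this user
    plain="$work/data"
    if ! decrypt_file "$enc" "$plain" "$pass" 2>/dev/null; then
        rm -rf "$work"
        return 2
    fi
    rc=0
    "$@" "$plain" || rc=$?
    # Re-encrypt under a temporary name so a failure never clobbers the
    # existing ciphertext, then swap it into place.
    if encrypt_file "$plain" "$enc.new" "$pass"; then
        mv "$enc.new" "$enc"
    else
        rm -f "$enc.new"
        rc=3
    fi
    rm -rf "$work"                     # remove the decrypted copy
    return $rc
}
```

In real use the passphrase would be read once at a prompt with terminal echo turned off and then passed to `with_decrypted` as its second argument.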
Outside of just our two scripts, there is also the matter of TrueCrypt vs. openssl encryption. I believe TrueCrypt is much more secure, but I haven't read enough to definitively say that.
When you create a TrueCrypt encrypted file, you specify the size of the virtual volume. This volume size can't be changed. If you want a 10 GB volume, the encrypted file size will be 10 GB, even if you only have a 200 kB file inside of it.
With openssl, if you have 200 kB worth of files encrypted, the encrypted file will be approximately 200 kB without accounting for any file compression there may be.
On the other hand, if you have 9 GB worth of encrypted files in a 10 GB volume, the file size will still be 10 GB. While in use, openssl will require 18 GB (9 encrypted, 9 decrypted in the temporary directory).
As for speed, TrueCrypt wins here. With openssl, you have to wait for the files to encrypt and decrypt. There is no waiting with TrueCrypt. Everything is done on the fly. With small files, though, you won't even notice.
Launchers
Are launchers a privacy/security issue? Should I automatically mount my TrueCrypt drive when I log in?
I don't have a problem with launchers. They are just the Linux equivalent of the Quick Launch toolbar in Windows. As for the sudoers file, this is your decision. It is less secure, but you won't have to repeatedly enter your user password when using these scripts. If you are using TrueCrypt at all, you MUST edit the sudoers file. You need permission to sudo mount in order to mount the encrypted volume. Following the instructions in the PDF you've attached should work. By elevating your privileges when running truecrypt, truecrypt itself would have permission to run the mount command.
As for the second half, I personally would never have an encrypted volume mount automatically when I log in. I encrypted it for a reason. I don't want it decrypted the entire time I'm logged in. In my opinion, that defeats the purpose of the encrypted volume. If you want full-system encryption for disasters such as your computer being stolen, there are better tools for that.
The debate over whether sudo should ever be used is as old as the command itself. I don't know enough to say if it is bad or not, but I tend not to use it. Then again, I can become root whenever I need. Many people can't.