Thursday, June 2, 2011

DM-Crypt on Synology with Truecrypt 7

You may get an issue with Truecrypt on your synology about the ioctl and the device mapper (dm). Do "dmesg" when you try and use truecrypt to mount an image and see if it complains about a missing module.

The issue is because the synology default kernel lacks the required device mapper crypto module and the crypto modules XTS and LRW.

You can compile these using an ubuntu/linux host and the Synology cross-compile tools and sources. See my post on compiling a kernel module.

 

Alternatively, if you are on a synology 1511+ or similar (running a x86 processor - do "uname -a" to check), leave me a comment and i will email you the pre-compiled modules)

 

 

12 comments:

  1. Hello,

    Thanks for your howto for Truecrypt on Synology 1511+

    I still have the problem with dm-crypt none existing module.

    Could you please send me your pre-compiled modules ?

    Thanks,

    ReplyDelete
  2. Hi,

    Since you seem expert in compiling kernel modules for Synology, I have a question for you:
    I have DS-411+II, which has the same CPU and runs the same kernel as your 1511.
    When I ran DSM 3.2 I had no problem using pl2303.ko and usbserial.ko for my prolific USB to Serial adapter. I downloaded the kernel modules from the web.
    When I switched to DSM 4.0 they stopped working. DSM 4.0 uses the same kernel as 3.2 (2.6.32-12), so I don't understand why these modules stopped to work (no attachement to /dev/ttyUSB0). I tried to compile the drivers by myself (used x86_64. not i686. ARCH=x86_64, and succeeded in making the ko files however NAS couldn't boot with these drivers...)
    Can you please compile these drivers for me, or explain to me what has gone wrong?
    You can mail me at lebovitz at gmail

    ReplyDelete
  3. Sorry the email should be lebovitzn at gmail

    ReplyDelete
  4. Hi,

    I have a Synology 1511+ and would like to save myself the trouble of compiling the modules to get TrueCrypt running on my system. Can you email me the pre-compiled modules? My email address is kevin.loveland at gmail.

    Also, do you mount your TrueCrypt volume automatically when booting your NAS or do you have to mount it manually?

    Thanks,
    -kevin

    ReplyDelete
  5. Hi Kevin,

    Sorry I did this as an exercise to recover data from a couple of truecrypt volumes, I've since moved away from using it due to the pain.

    Unfortunately I have upgraded to the latest DSM and don't have a suitable compiled module.

    ReplyDelete
    Replies
    1. Why did you move away from it and what did you move to?

      I backup all of my machines to my Synology 1511+ and would like to maintain an offsite encrypted copy of the data as described here: http://forum.synology.com/enu/viewtopic.php?f=160&t=41568.

      I would just like to understand your experience with the painfulness of using truecrypt before I embark on the "adventure".

      Delete
    2. Hi Kevin,

      I actually use the built in Synology encryption. It is using the well known eCryptFs linux software (used by google, ubuntu, etc) so I'm sure of it's reliability. The best thing about it, which is important to me, is that if the NAS fails, I know I can use a regular linux box to recover data (As long as you have the encryption key. I recommend you take 3 copies of the key on high quality USB locked in safe places + a cloud backup of it.)

      To be honest I find it a lot faster than truecrypt.

      When I compiled truecrypt, it was much of a case of get to step X then find solution to problem Y, rinse and repeat until it finally compiled. Then there is further issues of getting the system to mount the volume. You should be OK with a lot of googling, but I don't feel like it is a long term "backup" type solution.

      Delete
  6. Hi,

    thanks for your great guide on how to compile Truecrypt on the Synology 1511! I too have the problem described in your post. Could you please send me the compiled modules at

    xenon007 at gmx.net

    Thanks so much!

    ReplyDelete
  7. Thank You for great tutorials.
    I reached the moment "device-mapper: reload ioctl failed: Invalid argument".
    Could i ask for compiled modules at
    jan.alojzek at gmail

    ReplyDelete
  8. This comment has been removed by the author.

    ReplyDelete
  9. This comment has been removed by the author.

    ReplyDelete
  10. I wonder if you are still around. I have managed to get the modules compiled and loaded for my ARM device, but Truecrypt still will not mount the container:

    Error: mount: mounting /dev/mapper/truecrypt1 on /store/home/test/mtest failed: No such device

    Do you have any clue?

    ReplyDelete