Krypt - KDE GUI for managing volumes encrypted with LUKS

Krypt is a simple application that sits in the tray, and provides easy access to the list of volumes encrypted with LUKS, that are present in the system. It is possible to quickly decrypt, encrypt back, mount and umount such devices. It also monitors HAL activity, and responds by showing a pop-up with password prompt. When the password is provided KDE's media manager kicks in and does all the job. It is also possible to mount it using Krypt's menu entry. It will mount the volume in exactly the same place where KDE's media manager would do. Krypt also has a list of ignored devices, where user can place all the volumes that he doesn't want Krypt to handle (for example any permanently decrypted and mounted partitions, like encrypted /home). Another useful option makes Krypt automatically encrypt all volumes that are umounted (for example by using KDE media manager's 'Safely remove' option).

• Decrypting and encrypting back LUKS-encrypted devices detected by HAL
• Automatic encryption of volumes when they are umounted (using KDE's media manager, or Krypt)
• Possibility to completely ignore some volumes

• Unknown, non removable, volumes are ignored by default
  All encrypted system partitions will be set to be ignored first time Krypt sees them
  (they can be unignored in their configuration)
• Storing passwords for volumes - either in KDE Wallet, or in Krypt's config file
• Automatic decryption of volumes with passwords stored
• Detailed by-volume configuration
• Decryption/Encryption notifications
• 4 different styles of context menu organization
• German and Polish translations

Get the source of the latest version: krypt-0.2.tar.bz2

		svn co svn://svn.berlios.de/krypt/trunk krypt
	

		make -f Makefile.cvs
		./configure
		make
		sudo make install
	

• Qt >=3.3 <4 library
• KDE 3.5
• DBus >= 0.90 installed and running (I use 1.0.2, but it should work with 0.90)
• HAL >= 0.5.9

Alternatively, Krypt has packages for following distributions:

• Gentoo ebuild: krypt-0.2.ebuild (thanks to Alex Elsayed)
• Arch Linux AUR package: http://aur.archlinux.org/packages.php?ID=15235
• Slackware package: http://www.slacky.eu/index.php?option=com_content&task=view&id=6314&Itemid=65 (thanks to Conraid)

• Configuration of existing volumes (changing passwords)
• Creating new volumes
• KDE4 port

Krypt is based on Kryptomedia tool, created for OpenSuse as a patch for original KDE. The drawback of that solution (at least in other than OpenSuse distributions) was that whenever KDE was updated some of its files had to be modified to get kryptomedia working. This program doesn't need any patches to KDE. If you are interested in different forms of LUKS support for KDE, have a look here:

http://bugs.kde.org/show_bug.cgi?id=113629

http://strony.aster.pl/tanis/kde_luks/kryptomedia.html

Krypt needs HAL and DBus daemons running, so before complaining that it doesn't work, make sure that both these services are working. It is possible, that when you plug in encrypted device, Krypt's password prompt shows up, but even after entering correct password it doesn't disappear, and following attempts to enter it give only an error message, that this device is already mapped. This is not Krypt's fault. It is because HAL can't handle cryptosetup (which is a program used for managing LUKS volumes) properly. To solve this problem you need a version of HAL patched with this: cryptsetup_temp.patch.

To find out more about problems with HAL have a look here:

https://bugs.freedesktop.org/show_bug.cgi?id=12899

http://lists.freedesktop.org/archives/hal/2007-October/009716.html

http://bugs.gentoo.org/show_bug.cgi?id=211591

UPDATE: According to the latest comment here, it is actually bug in udev, not in HAL. It has been fixed in udev commit a0092d28, but I haven't tested it myself. This workaround has been already commited to HAL, so the next version should work properly either thanks to this workaround or updated udev package.

Copyright © 2007, 2008 Jakub Schmidtke