Introduction
Whether creating an encrypted non-system partition or a container, the procedure is pretty much the same. You just have to download the VeraCrypt software and then follow their on-screen instruction.
Procedures
Step 01: Install VeraCrypt
VeraCrypt is freely available for download on their website. Choose the appropriate installation file based on your operating system and requirements. In most cases, it may be the EXE Installer for Windows and the appropriate .deb file for Ubuntu (e.g., Ubuntu 24.04, GUI).
Once downloaded, open the downloaded file and follow on-screen instructions to install.
Step 02: Setup a target partition
This is the partition you want to encrypt. If one isn’t ready already, use the Disk Management tool on Windows and Disks on Ubuntu to format and create a partition of your requirements.
Important
Memorize the characteristics such as name and size of the target partition as you would need to select it in later stages.
Step 03: Create VeraCrypt volume
The following instructions are based on VeraCrypt’s Ubuntu variant. It should very similar on Windows.
- Open VeraCrypt.
- Click on
Create Volume. - Choose
Encrypt a non-system partition/drive, then clickNext. - Choose
Standard VeraCrypt volume. - Select your target partition from the list (TAKE EXTRA CARE WHEN SELECTING THE PARTITION, SELECTION OF WRONG PARTITION WILL RESULT IN UNRECOVERABLE DATA LOSS).
- Encryption option: Go with the defaults if you don’t have any particular interest.
- Passwords: Choose a good password at minimum (greater than 20 characters long). Consider using a different PIM value and optionally use keyfiles for higher security.
- Volume format: If you plan to use the encrypted drive on Windows (optionally and Linux), choose
NTFS, otherwise chooseLinux Ext4. Check the quick format option only if it is a new drive or you do not want to encrypt free spaces within the partition. - Follow on-screen instructions to perform format.
- Once volume is created, click on
Exit.
Good to Know
AES for encryption and SHA-512 for hashing are solid choices for most people. In most cases, your processor will have a built-in hardware to handle AES encryption and decryption making such operation super fast and not affect other works. If unsure, search for your processor here or simply run the
Benchmarkoption on the wizard to determine the fastest algorithm.
Step 04: Mount the encrypted volume
- Open the main VeraCrypt window.
- Select a free slot/drive (e.g., slot no. 1, 2, 3, … on Linux, and drive letter D, E, F, … on Windows).
- Choose
Select Device. - Select the encrypted partition.
- Click on
Mount. - Enter password, PIM, and other requirements then click on
OK.
Step 05 (optional): Set a label for the partition
- Ensure the volume is mounted.
- On Ubuntu, open the Disks app > select the encrypted device > select the gear icon > select
Edit Filesystem> set your label. - On Windows, open the volume properties by right clicking on it > set your label > click on
OK.
That’s it. You’re done. The encrypted volume is now mounted and accessible like a normal drive.
Final notes
- Refer to this album for screenshots from each steps.
- The volume will auto dismount when computer shutdowns or restarts.
- You can manually unmount the volume by clicking on
Unmountbutton from the main VeraCrypt window. - When unmounted, you perform step 04 to mount again.
- On my next post, I’ll show you how to auto-mount this volume on both Windows and Ubuntu as you log into your account.