Automatically mount a TrueCrypt volume at Login (Mac OS X tip)

Everyone these days is banging on at us about taking more care of our personal data, but we’re a lazy bunch you & me and like every other bit of advice we get, we tend to push it to the back of our minds unless it’s easy to follow. Securing your personal data is all very well, but quite frankly it can be a pain in the butt if every time you login to your Mac you have to launch a program and navigate through various options to get something done.

I’m just as guilty and having installed TrueCrypt on the Mac some months ago, I’d barely given it a second thought until I had to get it to automatically mount a volume on my Windows XP work laptop the other day. In Windows it’s a relatively straightforward taks to get TrueCrypt to run at startup and then automatically mount your ‘favourite’ volumes. Doing the same under Mac OS X took a little more effort! Yes Mac OS X can automatically mount network volumes if you simply drag the relevant icon into your User Account/Login items, but sadly this doesn’t seem to work for TrueCrypt volumes, so here we go…

For the purposes of this exercise I use the excellent Lingon utility to create an agent that runs when I login, but it should be just as easy to do this using a script, or even an Automator Action – the syntax of the actual command line will be the same.

Lingon details

Lingon details

Assuming you have already installed TrueCrypt in your Applications folder, create the volume you want mounted at login if you haven’t already done so. In my case I created a folder called Document_Store in the root of my ‘user’ folder, and then created a 2Gb TrueCrypt file called ‘docvault‘ inside it.  What you now need to do is work out the full pathname of your TrueCrypt file – in my case it’s:

/Users/macbitz/Document_Store/docvault

…where ‘macbitz’ is my user name, Document_Store is the name of the folder I created to hold my TrueCrypt files, and docvault being the name of the file I want to automatically mount.

Now fire up Lignon and click on the + button to create a new agent and choose User Agents from the list. First thing to do is to give your agent a name – in my case I called it ‘com.truecrypt.mount_docvault’ but you can call it whatever makes sense to you. Next step is to tell Lingon what application to run by using the ‘Choose’ button and navigating to where you installed the TrueCrypt application. Once you’ve done this, you should see some text in the ‘What’ box that looks something like:

/Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt

…that’s Lingon telling your Mac what application to run. The next thing you need to do is add the parameters that tell TrueCrypt what it’s supposed to do. In our case we want TrueCrypt to mount a file called ‘docvault’ and to put it somewhere where it’s easily accessible, like a volume on the desktop, so we add the following text into the Lingon ‘What’ window after the TrueCrypt stuff

--mount /Users/macbitz/Document_Store/docvault /Volumes/VAULT

Once you’ve done that you’ll have a long command line that looks like this:

/Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt
--mount /Users/macbitz/Document_Store/docvault /Volumes/VAULT
Custom icon

Custom icon

One last thing is to tell Lingon when it should run your command. Do this by ticking the box that says – Run it when it is loaded by the system (at startup or login). Now if you’ve done this correctly then the next time you login to your Mac, TrueCrypt will load, and then prompt you for the password to access the encrypted file before mounting it in the location specified. In my example I asked TrueCrypt to mount the file as a volume called ‘VAULT’ which then appears on my desktop (as per my Finder preferences). With a little bit of imagination you can even create a custom icon for your encrypted volume (see left) which Finder kindly remembers. If you want to auto-mount your TrueCrypt volume using a script then just put the TrueCrypt command line and it’s parameters into a compiled script that you run as a login item.

Nicest of all, TrueCrypt is free so now you’ve got no excuse for not locking up your super-secret data away from prying eyes! Having said that, the authors of both TrueCrypt and Lingon are happy to accept donations.

Mounting Windows network drives at login (OS X tip)

Windows users will be familiar with the ability to map network drives and to have those drives connect automatically when they next login to their PC. For all its ease-of-use, Mac OS X seems to lack that ‘Reconnect at logon‘ functionality, forcing users to come up with an alternative.

As a new Mac user I hunted around for a solution, and something that didn’t cost any money or require a certificate in programming to implement. The most common solution by far in the various Mac forums is to manually connect to the chosen network drive (using the Go – Connect to server option in Finder), and to then drag the resulting volume icon into your Login Items in the System Preferences – Account Settings. That’s all well and good, but the only problem with that approach is that a window will automatically open on your desktop for each connected drive when you logon.

I eventually found a slightly slicker way of doing this which isn’t too complicated, requiring you to simply create a short script. It works as follows:

1. Go to your applications folder and open the folder called AppleScript.

2. Run the Script Editor. A small window will appear, showing a blank page.

3. Copy the following text into the top half of the window…

tell application “Finder”
try
mount volume “smb://<username>:<pwd>@<servername_or_address>/<sharename>

on error


display dialog “Unable to mount network volume.” & return & return & ¬
“The network, target server or share may be unavailable.” & return & return & ¬
“Click OK to continue.” buttons {“Okay”} default button 1
end try
end tell

4. New edit the above text as follows:

  1. Replace <username> and <pwd> with the required username and password if necessary. If it’s a public share then just replace them with something like ‘Guest’ and ‘null’ as they’ll get ignored.
  2. Replace <servername_or_address> with the name of your server/PC (if you use DNS) or simply the IP address of the machine (if you don’t know what DNS is)!
  3. Finally, replace <sharename> with the name of the Windows share you wanto to connect to. Equally you can use the dollar symbol to connect to hidden shares, e.g. F$ for the hidden administrative share of the F: drive on a Windows server.

5. The next step is to compile your script to check for errors, so click on the Compile button to check all the syntax is OK.

6. Now you need to save the script as an executable application. Click File – Save As and make sure you’re saving it as an ‘Application’. Give the saved file a meaningful name and choose where to save it. I put all my scripts in a folder called ‘Scripts’ in my documents folder.

7. The final step is to drag the icon of the script you’ve just created into the Login Items list for your account (in System Preferences / Accounts).

That’s it! Next time you login a window will pop up asking if you want to run the script. Just click on run or cancel (useful if you’re a laptop user away from your network). If you click ‘run’ the the script will run in the background and will automatically connect to your network drive. If you want to connect to multiple network drives, then either create multiple scripts, or better still simply repeat the ‘try… end try’ section the required number of times, specifying a different network drive to connect to in each case.

The one word of caution is that if you need a username and password to connect to the network share, then they’ll be stored in your script as plain text, so use with caution…

Hope this helps.