VeraCrypt: Difference between revisions
Created page with "VeraCrypt is the successor to the popular encryption utility TrueCrypt. TrueCrypt had previously [http://istruecryptauditedyet.com/ been audited] and found to be secure...." |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
VeraCrypt is the successor to the popular encryption utility TrueCrypt. | VeraCrypt is the successor to the popular encryption utility TrueCrypt. | ||
TrueCrypt had previously [http://istruecryptauditedyet.com/ been audited] and found to be secure. | TrueCrypt had previously [http://istruecryptauditedyet.com/ been audited] and found to be secure. | ||
==CLI== | |||
To use the cli, call <code>veracrypt</code> with <code>-t</code> as the first argument. | |||
Some examples output from <code>veracrypt --help</code>: | |||
<pre> | |||
Create a new volume: | |||
veracrypt -t -c | |||
Mount a volume: | |||
veracrypt volume.hc /media/veracrypt1 | |||
Mount a volume as read-only, using keyfiles: | |||
veracrypt -m ro -k keyfile1,keyfile2 volume.hc | |||
Mount a volume without mounting its filesystem: | |||
veracrypt --filesystem=none volume.hc | |||
Mount a volume prompting only for its password: | |||
veracrypt -t -k "" --pim=0 --protect-hidden=no volume.hc /media/veracrypt1 | |||
Dismount a volume: | |||
veracrypt -d volume.hc | |||
Dismount all mounted volumes: | |||
veracrypt -d | |||
</pre> | |||
===Flags=== | |||
* <code>-t</code> use text (CLI) interface | |||
* <code>--non-interactive</code> Add this when scripting with the CLI | |||
==Favoriting== | ==Favoriting== | ||
| Line 10: | Line 42: | ||
* <code>/dev/disk/by-path/</code> | * <code>/dev/disk/by-path/</code> | ||
* <code>/dev/disk/by-id/</code> | * <code>/dev/disk/by-id/</code> | ||
If you're favoriting a partition rather than an entire volume, you can also use: | |||
* <code>/dev/disk/by-uuid/</code> | |||
Notes: | Notes: | ||
* These are all symlinks. You can use <code>ls -l</code> to see what they are. | * These are all symlinks. You can use <code>ls -l</code> to see what they are. | ||
==Mounting on boot== | |||
See [https://www.computercorrect.com/2018/operating-systems/linux/ubuntu/auto-mounting-a-veracrypt-volume-under-ubuntu-debian-linux/ https://www.computercorrect.com/2018/operating-systems/linux/ubuntu/auto-mounting-a-veracrypt-volume-under-ubuntu-debian-linux/] | |||
The basic idea is to use crypttab. You can also use systemd. | |||
Latest revision as of 02:00, 27 May 2020
VeraCrypt is the successor to the popular encryption utility TrueCrypt.
TrueCrypt had previously been audited and found to be secure.
CLI
To use the cli, call veracrypt with -t as the first argument.
Some examples output from veracrypt --help:
Create a new volume: veracrypt -t -c Mount a volume: veracrypt volume.hc /media/veracrypt1 Mount a volume as read-only, using keyfiles: veracrypt -m ro -k keyfile1,keyfile2 volume.hc Mount a volume without mounting its filesystem: veracrypt --filesystem=none volume.hc Mount a volume prompting only for its password: veracrypt -t -k "" --pim=0 --protect-hidden=no volume.hc /media/veracrypt1 Dismount a volume: veracrypt -d volume.hc Dismount all mounted volumes: veracrypt -d
Flags
-tuse text (CLI) interface--non-interactiveAdd this when scripting with the CLI
Favoriting
See https://askubuntu.com/questions/732584/can-veracrypt-use-persistent-mount-points-on-linux
Favoriting Volumes
On linux, you don't want to favorite by /dev/sd[x].
Instead you should use one of the following:
/dev/disk/by-path//dev/disk/by-id/
If you're favoriting a partition rather than an entire volume, you can also use:
/dev/disk/by-uuid/
Notes:
- These are all symlinks. You can use
ls -lto see what they are.
Mounting on boot
The basic idea is to use crypttab. You can also use systemd.