Quantcast
Channel: VeraCrypt
Viewing all 7620 articles
Browse latest View live

New Post: Do I need to create one VeraCrypt rescue disk for each disk I encrypt?

February 11, 2017, 9:52 am
$
0
0
Hi,

I need to encrypt about 10 disks. They'll all use same password (and default PIM). I'd hate to have to make and track 10 different rescue disks. So, my questions are:

(1) Can I skip this step?
(2) If needed later on, can I use same rescue disk for any disk encrypted with VeraCrypt (all encryption will be done using same version/build of Veracrypt).

Thank you for your time and help!
Search

New Post: Do I need to create one VeraCrypt rescue disk for each disk I encrypt?

February 11, 2017, 10:17 am
$
0
0
Rescue disk contains keys. Keys are different for all computers. Keys are encrypted by password, PIM and salt.
If keys are damaged the only possibility is rescue disk.

Version: 1.20B2 is better. 1.19 has problem with EFI rescue disk.

New Post: Do I need to create one VeraCrypt rescue disk for each disk I encrypt?

February 11, 2017, 10:53 am
$
0
0
Thank you for your response kavsrf.

I am, at the moment, encrypting the first hard disk. It is the (single) internal SATA hard disk of a laptop. Then, I'll connect (one by one) approx 10 SATA and IDE drives, including both 2.5 inch and 3.5 inch drives, via USB to the same laptop to encrypt them.

If I understand your comment correctly (sorry, I am not as technically savvy as yourself, so please correct me if I am wrong) then it seems that I still need one rescue disk per disk since key will be different for each time I launch encryption as salt may be different for each disk I encrypt (even though pwd may be same and PIM may be default). Is that correct or, in my scenario above, I am okay by having just one rescue file for all external hard disks?

Thanks again.


kavsrf wrote:
Rescue disk contains keys. Keys are different for all computers. Keys are encrypted by password, PIM and salt.
If keys are damaged the only possibility is rescue disk.

Version: 1.20B2 is better. 1.19 has problem with EFI rescue disk.

New Post: Favorite Volumes Not Mounting on Login

February 11, 2017, 8:54 pm
$
0
0
I had a favorite volume configured pre-system encryption that operated as expected. With the "Mount selected volume on logon" option checked - after logging in, Veracrypt presented a window requesting the password.

After encrypting the system with the same password, and ticking the "cache pre-boot authentication password" option - I'm no longer presented the window requesting the password, but the volume doesn't automatically mount either. If I select the volume from the favorites menu or by right-clicking the Veracrypt tray icon and selecting "Mount favorite volumes" it mounts without need of password, as expected.

How can I get this working automatically?

New Post: TRIM Not Working

February 11, 2017, 11:04 pm
$
0
0
In the veracrypt documentation I'm seeing it mentioned that VC doesn't stop the TRIM command - but after encrypting my system partition (SSD) I'm noticing TRIM no longer reports to be working via the "trimcheck" utility. However, instead of the normal "TRIM is WORKING" or "TRIM is NOT WORKING" - I'm getting "CONCLUSION: INDETERMINATE".

(I've tried ticking the "Enable extended disk control codes support" option - but no luck. Would that make any difference? I'm not 100% on what that's actually doing...)

Looking at the drive with a hex editor, I'm not seeing the zeros. However, I'd trimmed the drive shortly before encrypting it, and didn't do a wipe, with over 70% of the drive empty - so I'm assuming what I'm seeing is some result of veracrypt's driver?

Is there a proper way for me to tell if TRIM is actually working or not? I'd very much prefer it were.

New Post: TRIM Not Working

February 11, 2017, 11:38 pm
$
0
0
For data drives VeraCrypt creates virtual disk and emulates disk functions.
For system drive VeraCrypt does not create virtual disk. It works like ordinary disk filter. Probably VeraCrypt should not affect TRIM on system. My system is encrypted on SSD.

New Post: Do I need to create one VeraCrypt rescue disk for each disk I encrypt?

February 11, 2017, 11:47 pm
$
0
0
lonelyseeker wrote:
I am okay by having just one rescue file for all external hard disks?
No. each data container encrypted (external USB disk) contains keys in first 128K and last 128K. So keys are different for each container.

New Post: Bootloader fingerprint fialed Evil Main Attack.. Seems faulse

February 12, 2017, 5:21 am
$
0
0
I don't get this
So I've been home all week, never left my house. I was using my computer all day yesterday and today. I went to shut down the computer to take a shower and when I started it again, I'm getting this error every time I boot it. This is windows 7 Pro by the way. No one was in my place but me.

Note: I have not loaded any rescue disks, I also did not install any software this month. I have also not downloaded any thing via emails. I just checked my load locations with Autoruns.exe, TCPview, and Process Explore. Nothing seems to be loading out of the ordinary. Also, my Win.ini and System.ini seems clean. My temp folders are all empty. What else could this indicate other than the two suggestions in the popup?

I changed the system password (Using the same identical pass) and the error went away. It seems more like a bad sector on the drive type of issue. I never made a rescue disk, so nothing was compromised with that.
Search

New Post: Corrupted (?) file container - Need suggestions on how to recover

February 12, 2017, 6:43 am
$
0
0
Hello,

I am unable to access 300GB encrypted file container on a 500GB USB HDD (MBR and single NTFS partition). The container most likely is also NTFS. It was created with VeraCrypt version 1.17 and always worked flawlessly. I am sure of the password. Later I also started trying accessing it with VC version 1.19. The container is standard (not hidden), has no PIM, no keyfiles and I do not have backup header extracted. I tried various ways and combinations of mounting it - as read-only, as removable medium and using backup embedded header. No luck. Later I tried running chkdsk /r /f /x and HD Tune 2.55 (slow) Error Scan on the drive, but no issues were found.

What are my other options to try getting into that thing?

What happened? File corruption without any traces?

I don't think I even have to say that I am really determined to get to my files ;)

Thanks and best regards,
Adam

New Post: A "safe" open source password manager (?)

February 12, 2017, 7:08 am
$
0
0
Just because Vera Crypt is good in encrypting files and similar data, does not mean it is a good password-safe. Encryption is the base of the security and storing the data somwhere is the other similarity. However, there are dis-similarities. VeraCrypt hooks into the filesystem of the operating system. The password manager hooks into the keyboard and/or the cut-n-paste buffers of the human interface. That's a totally different system.

New Post: Favorite Volumes Not Mounting on Login

February 12, 2017, 7:09 am

New Post: AES+Twofish+Serpent too slow for system drive?

February 12, 2017, 7:15 am
$
0
0
Deckard2019 wrote:
Thanx for the link.
Is updating to 1.20 Beta 2 only necessary when using UEFI?
Yes. Even using Legacy mode, I would recommend 1.20 Beta 2 since the release is stable with no reported issues.

Deckard2019 wrote:
I use Windows 10, but in Legacy mode. Then there will be no issue with the Rescue Disk, right?
No reported problems on the forums.

New Post: A "safe" open source password manager (?)

February 12, 2017, 7:17 am

New Post: Using VeraCrypt though CMD or Terminal to create encrypted File containers ...

February 12, 2017, 7:27 am
$
0
0
The above just somehow got me hooked. I'm in the process of defining something similar myself: Create an online backup using veracrypt containers, be sure the data is transvered encrypted and the password is relative save and safe.

For a start, your ideas are a little over-complicated and have some issues.

You cannot create a true random key using some script. There has to be some random seed to generate the key. THats why veracrypt requres some mouse movements to create a key. These mouse movements cannot be sctipted, since they then are less random.... On the other hand, once you have created a good key, you donnot need a new one for every backup.

Then the password handling: There are some what-ifs in there, like what if the printer is out of ink or out of paper once it prints? THe idea to not have it online is relative good, however, since you use it for backup be sure you have it once you need id. My idea for the password storage is to use a commandline based password safe. There should be one or two around. Most have relative good pasword generators for hard-to-guess passwords. Just use them to create the password.

In the end, it is my idea to use a vera-crypt container on an online storage facility. I have one that offers the webdav protocol. Since I generate the veracrypt volume locally, I know the data is encrypted once it is sent over the line. Hence using https (from the webdav protocol) is sufficient.

Now just do it on a commandline. For msWindows I'd say to use powershell, for unix/linux/macos, just use the available shell/terminal. Once you have it all commandline based dump it in a file and you have the base of the script.

New Post: New Encryption Cipher

February 12, 2017, 7:34 am
$
0
0
From a development point of view, I'd say veracrypt cannot add every cypher around. However, it would be nice if VeraCrypt can be extended with an api (program interface) to use an own cypher. Then everyone can use the great VeraCrypt system and use their own cyphers for test/evaluate/hide their own cyphers.
Search

New Post: 2 Factor Authentication

February 12, 2017, 7:43 am
$
0
0
Some kind of 2 factor authentication can be nice. This can be yubikey, google, sms, microsoft or what-ever-system. In the end, on linux systems there is something called Pluggable Authentication Module. That is an interface for authentication for which there are many interfaces. I expect the google 2fa can be one of them. Hence, I'd advice VeraCrypt to create an interface for pam-modules (or an other one, maybe more platform independent).

For now, there effectively is already some 2 factor authentication if you need one for security reasons. Use a key-file and a password.

New Post: Support For F2FS Filesystem

February 12, 2017, 7:56 am
$
0
0
As far as I see F2FS, it is tailor made for use on samsung ssd-s. How would you use it for VeraCrypt?

If you want to use it inside a veracrypt container, just create your container without a filesystem and let linux create your f2fs filesystem in this container.

If you want to use it as a storage place for veracrypt containers, I'd advice to create a thin-provisioned container. Use your prefered filesystem inside the container.

Be noted samsung offers disk encryption on various of their ssd-s this encryption. That encryption is ment to be used in conjunction with their ssd's It is hardware acceleraded (encryption in the ssd) and hooks to the tpm chip in your system if you have one.

If you'd like to use veracrypt on a partion in an SSD, be noted that the entire partition will be written to on encryption. Hence, better to leave some more space free for the ssd, so do not use all the data you see on te interface, better leave about 5 to 10 % open as an unused partition.

New Post: veracrypt volume in multiple files...

February 12, 2017, 9:15 am
$
0
0
Veracrypt as a partition can grow to terabyte size. However, veracrypt in a container file has the limit of the file size of the storing filesystem.

With other filesystems-in-a-file it is possible to have this file chopped in handsome files, like chunks of about 600 MByte (for cd-images), 2 GB (the max filesize on fat) and such. Right now, I bounced to a max file syze of 50 MByte to be used on a webdav connected drive! This is an mswindows limitation, a registry setting that can be extended to about 4 GB, still a boundary.

Hence my feature wish: Can a veracrypt container be chopped in user-selectable size files?

The other advantage can be that if the veracrypt container is stored on a system like dropbox, google-drive or onedrive, the update-transfer should not be the entire volume every time, but only the touched files.

Writing this last idea, it can be a security risk if not all the files have the same timestamp. Hence, it could be an option to touch all files on umount and/or touch random other files on write actions.

New Post: Favorite Volumes Not Mounting on Login

February 12, 2017, 9:52 am
$
0
0
Enigma2Illusion wrote:
Uncheck the options you enabled and use System Favorites.

https://veracrypt.codeplex.com/wikipage?title=System%20Favorite%20Volumes
That does work - and it's what I've been doing in the interim, however I'd rather the volumes not be mounted for all users. Am I misinterpreting how the favorites are designed to work here? The documentation leads me to believe this /should/ result in the drives being mounted.

New Post: TRIM Not Working

February 12, 2017, 9:56 am
$
0
0
kavsrf wrote:
For data drives VeraCrypt creates virtual disk and emulates disk functions.
For system drive VeraCrypt does not create virtual disk. It works like ordinary disk filter. Probably VeraCrypt should not affect TRIM on system. My system is encrypted on SSD.
Right right - so it's very possible what I'm seeing in-place of the zeroes I'm expecting is what VC is interpreting those zeroes to be after decryption (I don't suppose it bothers to differentiate between files and free space - since that would cause a host of other issues).

BUT, the behavior does appear to have changed at least somewhat.

Any idea if IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES is actually required for TRIM? I'm wondering if the extended disk control codes not being enabled are causing some issues with it.
Viewing all 7620 articles
Browse latest View live
Search

Latest Images

Telangana Human Rights Commission (TGHRC) seeks report from revenue dept on...

Telangana Human Rights Commission (TGHRC) seeks report from revenue dept on...

July 19, 2025, 7:29 pm
Crisis-hit NHS fat cats raking in MASSIVE salaries as frontline services cry...

Crisis-hit NHS fat cats raking in MASSIVE salaries as frontline services cry...

July 19, 2025, 2:11 pm
NBC Sports’ Super Bowl commercial cost revealed after Fox made $800 million...

NBC Sports’ Super Bowl commercial cost revealed after Fox made $800 million...

July 19, 2025, 2:04 pm
WATCH: What you need to know about the Pacquiao-Barrios title fight

WATCH: What you need to know about the Pacquiao-Barrios title fight

July 19, 2025, 6:46 am
Review: Skil PWRCore 20 18-Gauge Brad Nailer

Review: Skil PWRCore 20 18-Gauge Brad Nailer

July 19, 2025, 5:00 am
Why Not Try Sanity?

Why Not Try Sanity?

July 19, 2025, 4:17 am
Inside sick ‘child fight clubs’ where gangs lure teens into savage street...

Inside sick ‘child fight clubs’ where gangs lure teens into savage street...

July 19, 2025, 3:59 am
Met Eireann’s 24-hour weather alert kicks in with ‘heavy rain’ and ‘isolated...

Met Eireann’s 24-hour weather alert kicks in with ‘heavy rain’ and ‘isolated...

July 19, 2025, 3:00 am
Manny Pacquiao vs Mario Barrios undercard thrown into chaos as fighter is...

Manny Pacquiao vs Mario Barrios undercard thrown into chaos as fighter is...

July 19, 2025, 2:52 am
Former Hampton Roads Baseball Star Honored by Mets as Number is Officially...

Former Hampton Roads Baseball Star Honored by Mets as Number is Officially...

July 19, 2025, 12:45 am
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>