Mounting Encrypted VeraCrypt Drive during Boot
Solution 1
The simple thing I've been doing for 5 years now is to simple load it in my ~/.profile. However, since I don't want remount when already mounted, I check if a directory in the mount is present.
if [ ! -d "/media/Data/some_folder" ]; then
veracrypt /dev/sda7 /media/Data
fi
You're probably better off finding something better, but this could work for now. I'd also encourage you to add truecrypt/veracrypt into your sudoers list so you don't have to enter your root password as well. See here: https://askubuntu.com/a/940972/400549
Solution 2
Maybe I can give some hints - but I am not very experienced, so please consider security issues for yourself:
I also tried to mount an external veracrypt-encrypted drive during startup via /etc/rc.local. Therefore I put a small bash-script in /usr/local/sbin. It contained only the veracrypt-mount-command, in which I put in the password:
veracrypt --password=XXXX --mount /dev/sda1
(security issue!)
I observed, that this script did not work if called during startup by /etc/rc.local while it worked without problems when called in TErminal after complete bootup with sudo. In this case the script ran without interaction, did not bring up the GUI and mounted the drive.
In /var/log/syslog I could see then, that the veracrypt command called by rc.local behaved different and expected interaction with the user, e.g. wanted the specification of the mountpoint (where to mount), whether hidden-volume-protection was needed etc.
So for my case it works now with the command-line option --non-interactive:
veracrypt --non-interactive --password=XXXX --mount /dev/sda1
or
if I specify all options, that veracrypt asked for as visible in /var/log/syslog (for this I added one option after the other and restarted...). Example:
veracrypt --fs-options=uid=XX,gid=XX --password=XXXXX --pim=0 -k "" --protect-hidden=no --mount /dev/sdb /PATH/TO/MOUNTPOINT
Besides, duckduckgo found this page for me:
https://wiki.archlinux.org/index.php/TrueCrypt
Maybe - I don't really know - it is possible and better and more convenient to mount veracrypt volumes with cryptsetup...
Related videos on Youtube
10 : 34
01 : 39
03 : 02
02 : 23
09 : 52
14 : 27
19 : 23
07 : 59
Baa
Updated on September 18, 2022Comments
-
Baa over 1 year
I have a single extra HardDrive encrypted with VeraCrypt in Ubuntu Gnome 16.04.
I'd like to use it to store my Documents, Photos etc, but I can't easily redirect the home links if the drive is not mounted at startup.
The command to mount it normally would be:
veracrypt --mount /dev/sda1Typically this brings up a GUI but I think if without one it would let me input the password in the terminal.
Is there anyway I can do this during boot? I've so far attempting putting the line in
/etc/rc.localas another website suggested but it did not work :(If it's relevant, i'm currently booting without the splash screen due to another issue I had with inputting the password to unlock
/Thanks.
-
Baa about 6 yearsAh this is useful, thanks. It could perhaps be combined with using keyfiles instead of passwords, and then using cryptsetup to store the keyfiles. Although I suppose, if the drive storing the script is encrypted anyway, then it wouldn't matter if you use key files or passwords...