mounting veracrypt from backup
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
PC with MBR partition table, first partition linux with grub, second
partition windows 7. further data partitions behind. Installed
veracrypt 1.23-hotfix2 on windows 7, encrypted windows 7 partition
as system partition all default parameters (HMAC-SHA-256). Works/boots fine.
Want to understand if/how in emergency i can mount backup:
Simple backup of windows/veracrypt partition with dd, trying to
mount with veracrypt from linux, entering PIM 200000, but then it
hangs forever.
In the process of trying to figure out what i could do wrong i also
stumbled over the --slot option, but could not find any explanation
what it is good for, and why/when i would need to use it.
First, can you tell me the command you used to create dd backup of that partition? Also, when you say entering a pim of 200000, this is quite a huge value. In case you don't already know, PIM stands for Personal Iterations Multiplier, basically i beleive it multiplys the default iterations by the number that you use for pim, which means the higher the number, the more security but the longer it takes to decrypt, a value this big will make it extremely long to decrypt it which could explain why it seems like it hangs forever, depending on your hardware a pim this big could make it take hours to open.
Since you said that booting straight into it works fine, do you enter the same PIM? The PIM should have been setup when first encrypting, the value needs to be entered the same each time wether it's booting into it, or even opening the backup.
We would also have to be sure that the dd image backup completed successfully without errors, being sure the backup is not corrupt and it's mounted properly. dd is sort of an advanced tool, you might be better off using a tool like clonezilla which makes it easier to perform such operations. If you prefer using dd manually, thats ok as long as you fully undertand it's options and how to properly use it, may help to use a tool like pv (Pipeline viewer) to view progress of data between input/output, if your not already using it. If your on debian based system, you can install it through apt on the command line.
I do not use veracrypt cli, I use the gui but from what i've seen I beleive the --slot is used to specify the slot number (1, 2, 3 , 4 ...) what you see in the gui, for it to mount. You know when you mount a volume on linux through veracrypt it'll mount to /media/veracrypt1 or /media/veracrypt2 ... the number will be different depnding on its slot number used. There obviously can't be more than 1 folder in that path with the same name, thats why this is used.
I'm probably not the best to assist you in this case, but figured I'd give some pointers as I know no one else yet has replied to you yet.