Encrypted volume works in Windows but not Linux
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hello!
This is a very weird issiue I am having where I generally try to troubleshoot myself if I have a problem, although this is on a whole new level.
Problem: My encrypted volume (external 2.5") was working perfect when using Linux, I tried mounted it on Windows and now it does not work in Linux. Only on Windows.
Installation: Encrypted the external fully with VeraCrypt Stable (1.22, march build) and used "Standard VeraCrypt volume" with the AES(Twofish(Serpent)) and SHA-512 and no special PIM, lastly I checked the "I will mount the volume on other platforms".
Usage: I been using this encrypted external only on Linux (Kubuntu, 17.04 with the same VeraCrypt version stated above) with no problems at all. I succussfully mount the external into Windows 10 and edit some files and here is where my problem occurs. When typing the same password used on Windows and previously in Linux when decryptning I got this error message below:
"Auto-mount failed due to one or more of the following:
Same settings still applies on the Linux dist, so I try with "TrueCrypt Mode", still not works. Updated just new to 1.23BETA and still does not work! I am amazed, how do I get this working on Linux?
This issue is very strange indeed and the only explanation is that something happened in Windows that made the volume header not accessible by Linux.
In the latest Linux 1.23-BETA3 version, I have added an option to mount the volume using the embedded backup header as seen in the screenshot below. Can you please mount the volume on your Linux machine with this option checked? if it works, this would confirm that the issue is linked to the main volume header although I don't understand how this could have happened.
Also, can you please give more details about the drive you are using? model, capacity, 4K or 512e mode? Thank you.
Hi Mounir!
Just checked that box and still does not work, same error.
Model: Seagate 500LM030 (2 months old, no prior data before purchase and encrypted with VeraCrypt). My sole reasson to buying two internal HDD and use them as backup and VeraCrypt as a the main encryption tool.
File format: exFAT (Multi-plattform for Linux/Window)
Cabinet: MANTISTEK, Mbox 2.5
Althought I do not know what "4K or 512e mode" is, how can I obtain that info?
Last edit: The Snackbar 2018-08-19
Hi once again Mounir!
I mounted the external HDD and wrote them some essential information about the external. Question should I try to repair the filesystem? It works perfectly well on Windows, however tried updating my BIOS, changing USB and removing the external cabinet and inserting once again without any good results.
Type: Normal
Read-Only: No
Hidden Volume Protected: No
Encryption Algorithm: AES(Twofish(Serpent))
Primary Key Size: 768 bits
Secondary Key Size (XTS Mode): 768 bits
Block Size: 128 bits
Mode of operation: XTS
PKCS-5 PRF: HMAC-SHA-512
Volume Format Version: 2
Embedded Backup Header: Yes
Thank you for all these details.
Since the backup header didn't work on Linux while everything is OK on Windows, the only explanation is that the offset of data on physical disk are not the same between Linux and Windows! Thus, VeraCrypt doesn't read the same data on Linux and on Windows.
This is impossible normally since disks expose their sector the same way across all operating systems. I suspect that in your case this has to do with the MantisTek USB enclosure that you are using for your HD: somehow after connecting it to Windows, it changed the way it is communicating with the host (firmware update?) and so after putting it back to Linux it doesn't expose the same disk sectors view as it did before.
Repaiting filesystem will have no effect because the issue is at sector level and it is caused by the fact that the disk enclosure is not returning the same data at the same offset between Windows and Linux.
All these elements show that nothing can be done on the software side since this is really a communication issue with the disk for which I have no explanation.
Is it possible for you to put the disk in different encluser and see if it works better?
A test that you can do is to use the cross-platform application wxHexEditor to read the content of the first sector of the encrypted partition on both Linux and Windows. If my analysis is correct, you will not get the same value. If official Linux binary of wxHexEditor doesn't work on your machine, you can use the one I compiled from source and that is available at https://www.idrix.fr/wxHexEditor.tar.bz2.
One thing I suspect is that the partition you are using doesn't start on an offset that is multiple of 4096. Can you please run the tool ListDrivesTool available at https://sourceforge.net/projects/veracrypt/files/Contributions/ and report the output associated with your disk?
Hi Mounir!
I solved the problem by doing a file repair through VeraCrypt in Windows. Works in Windows and Linux now...weird problem but hey it is solved.
Maybe you should put it into the FAQ?
Last edit: The Snackbar 2018-08-23
@idrassi
I am having the interoperatbility problem with a encrypted partition between Windows and Linux with a standard WD MyPassport 4TB HDD, which I think is quite a common device. I would like to see if you theory is correct and tried to to measurements with wxHexEditor. I failed to get the tool to record the raw Windows partition. I only could read the mounted partition, but mounted by Veracrypt. So I think it would be expected that the unmounted Linux and the mounted Windows would be different? Did you acutally use this tool to read a raw encrpyted partition in Windows? Is there a specific trick to achive that?
Just for clarity, which method did you use to repair the VeraCrypt filesystem?
Windows GUI:
Windows Explorer > Right click on mounted drive > Properties > Tools > Error Checking
VeraCrypt GUI:
VeraCrypt GUI > right click on the mounted volume > select Repair Filesystem
Command prompt run as Admin:
chkdsk /R /F "Drive Letter goes here":
Ex: chkdsk /R /F P:
Last edit: Enigma2Illusion 2018-08-23
I tried to do that.
Worked on Linux.
Failed on Windows. How to read the 1st sector of an unmounted disk in windows?
To mount it I would need to run VeraCrypt. I checked Linux against the veracrypt mounted ones and they are totally different. Does that makes sense?
I have the same issue as the OP with a standard WD Passport 4TB disk. I would like to use them both in Linux and Windows. Possible?
Last edit: Tiger Beard 2019-07-27
I found the source of the problem.
It was a hardware issue. The Linux system had a PCIe USB3.0 card hat caused the problem. I swapped it for a new USB3.0 PCIe card and I could open the veracrypt volume like in windows.
This is very interesting, because any other UBS drives and sticks worked fine with that adapter. The error "Bad superblock" only appeared with veracrypt. I did not expect that this kind of behaviour could be caused by faulty hardware.
Thanks Tiger
PS: I still would be interested to know how to read the first raw sector of an veracrypt in Windows with the great wxHexEditor tool (thanks for the tip), but its not urgent any more.