Taking a very long time for veracrypt to load when key file is specified in...
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
When trying to mount a volume in my Ubuntu 14.04 LTS using command line, the 'Enter Password' window takes too long to open (around 1-2 minutes). It shows "Please wait. This process may take a long time..." during this time. This happens only when I specify a key file in the command, example when I use
veracrypt -k key_file volume_path mount_directory
it takes a long time, while if I just use
veracrypt volume_path mount_directory
it comes instantly, where I can just specify the key file location through the UI. I have also installed Truecrypt and it does not show this behaviour, i.e., the 'Enter Password' window comes instantly in Truecrypt. The actual mounting of the volume only take a very few seconds after entering password. It should not take this long to just display the "Enter password" window regardless of whether key files are specified in the command line or not. Please fix this issue as this is important to me because I use scripts to mount/unmount Veracrypt volume.
Another issue is, I do not understand how I can mount using Truecrypt mode from command line. If i use this
veracrypt -tc -k key_file volume_path mount_directory
I get the error. "Unexpected parameter 'mount_directory'", and if I use
veracrypt -tc -k key_file volume_path
I get the 'Enter Password' window with 'Truecrypt mode' selected, but 'Keyfiles' not selected. Please let me know how to correctly use Truecrypt mode directly from command line (with key file)
Hi,
Concerning the long delay to open the password dialog when a keyfile is specified, it is caused by the fact that we try to mount the volume using an empty password first and then after it fails we show the password dialog.
Actually, this behavior was inherited from TrueCrypt but it doesn't cause delay in TrueCrypt because its key derivation is very quick, so checking with a wrong password is barely noticeable.
I agree that this should be solved. The easiest way is to remove implicit empty password when a keyfile is specified and to force those who use only a keyfile without password to explicitly specify an empty password (e.g. -p "").
This will break existing scripts for those using empty passwords but the alternative of explicitly specifying empty password is an easy fix.
I have committed such change: https://sourceforge.net/p/veracrypt/code/ci/ca64f3870b062c375666c5b697b0209d992dced8/
You can download the 1.12-BETA Linux installer that contains this: https://sourceforge.net/projects/veracrypt/files/VeraCrypt Nightly Builds
Concerning your second issue with TrueCrypt mode, it was fixed in Git previously and you can use the 1.12-BETA to have the correct behavior.
I installed the 1.12-BETA version on my PC using the link you specified and can confirm that the issues I raised have indeed been resolved. Thank you very much for this prompt response. Now, I can use Veracrypt the same way I used Truecrypt. Also, I find the new PIM feature (user specified number of iterations instead of the default one) very useful and thank you for adding it.