Convert Trucrypt file container by command line (Linux)?

[Ken Taylor]

I have a BUNCH of TC files (containers) which I wish to convert to VC.

[Ken Taylor]

Never mind I think I have it figured out. If not I will add my questions. Sorry

[Ken Taylor]

I knew it could not be this easy. I tried this veracrypt -tc --change=/home/ken/Desktop/test1.tc --new-keyfiles=/home/ken/Desktop/mykey -p="this is a test" which should have added the keyfile "mykey" to the TrueCrypt flavor file "test1.tc" both of which reside on my Desktop on my CentOS 7.5 Linux machine which has VC 1.22 command line and gui installed. I got the helpful error "Incorrect command line specified." What am I missing?

[Adrian Kentleton]

If I were to add a keyfile to a standard VC volume (on Linux Mint 18.n, VC 1.21) I would add -t to the start of the command line, and specify existing and new password (could be the same) and existing and new pim (as --pim=0 , --new-pim=0 if default pim used).

You have to be in 'Use text user interface' mode (-t) since you will be asked to enter random characters as part of the process; it will also ask you for input if you've forgotten to specify other necessary parameters in the command line. It might also output more helpful error messages if you are doing something wrong.

Presumably, --pim=0 is not relevant/necessary when converting TC volumes; I don't know whether -t needs to come before or after -tc (have no legacy volumes to experiment on).

[Ken Taylor]

Thahnks Adrian,
I was missing the -t and I should NOT have been using =. With those changes it seems to proceed. However, it prompts me for a new password, which I do not want, a new PIM which I do not want, 320 random characters which I am not going to type in. I canceled the process at that point. I have about 170 DVD size container/files with baackup data which I wish to batch convert. This is not going to do the trick. I may just build a corresponding VC container and clone it off 170 times. Then I can perhaps prepare a script to open the TC file, open the VC file and copy the contents across. That was my original plan when I came across the conversion concept.
Ken

[Adrian Kentleton]

170 containers is a lot! All same password? All same new keyfile? If so, it should be possible to achieve what you want to do without additional user input ie just change name of container each time.

a. You can input 320 characters of random data from a text file; use the --random-source=<str> option.

b. In Linux. you can equally use = or leave a space; it seems to make no difference. That is eg --pim=0 and --pim 0 are equivalent.

c. Just make --new-password same as the --password, but state it explicitly in the command line. And use --new-pim= whatever you want it to be (or use 0 for VC's default).

Does that not work?

[Adrian Kentleton]

This is the command line with which I successfully added a keyfile to a test VC file on my desktop, called 'test', which had the default PIM, a password 'test', adding a key file called 'key', and a text file called 'random' as a source of random data:

sudo veracrypt -t -C --hash sha512 --encryption aes -p test --pim 0 ~/Desktop/test --new-keyfiles ~/Desktop/key --new-password test --new-pim 0 --random-source ~/Desktop/random

If you do some trivial sudo operation first, no further user input was required at all ie not even the sudo password; the command just completed (and output a success message). Of course, perhaps that you are working on TC volumes may complicate matters.

[Ken Taylor]

Thanks again Adrian,

170 files go back more than 20 years. Originally many of the were PGP Disk containers. When I migrated to TrueCrypt I created TC containers and copied the data to them. I would not bother to convert them again except that VC 1.22 will not cache the password when using TC mode. Sort of a pain if I need to look through several files.

Thanks once more for all your assistance.

Ken