veracrypt

Create a new volume through a text user interface and use /dev/urandom as a source of random data

$ veracrypt [[-t|--text]] [[-c|--create]] --random-source=[/dev/urandom]

$ veracrypt [[-t|--text]] [path/to/volume] [path/to/mount_point]

$ veracrypt [[-k|--keyfiles]] [path/to/keyfile] [/dev/sdXN] [path/to/mount_point]

$ veracrypt [[-d|--dismount]] [path/to/mounted_point]

veracrypt [options] [volume] [mountpoint]

--auto-mount={partitions|devices|favorites|system}
    Automatically mounts partitions, devices, favorites, or the system encryption. Implies --non-interactive.

--backup-headers
    Backs up the volume headers of the specified volume.

--change
    Changes the password, PIM, or keyfiles of the specified volume.

--create
    Creates a new VeraCrypt volume.

--dismount
    Dismounts the specified volume.

--dismount-all
    Dismounts all mounted VeraCrypt volumes.

--encryption={algorithm}
    Specifies the encryption algorithm to use (e.g., AES, Serpent, Twofish).

--explore
    Opens the mounted volume in a file explorer.

--filesystem={filesystem}
    Specifies the filesystem to use (e.g., FAT, NTFS, ext4).

--hash={hash}
    Specifies the hash algorithm to use (e.g., SHA-512, Whirlpool).

--keyfile={path}
    Specifies a keyfile to use for encryption/decryption.

--list
    Lists mounted VeraCrypt volumes.

--mount
    Mounts the specified VeraCrypt volume.

--pim={PIM}
    Sets the PIM to use when mounting a volume.

--protect-hidden={yes|no}
    Set whether to protect hidden volume when mounting outer volume.

--size={size}
    The size of the volume that should be created.

--non-interactive
    Run the program in non-interactive mode.

--password={password}
    Supply the password for the volume.

--verbose
    Display more information.

--help
    Displays the help message.

VeraCrypt is a free and open-source disk encryption software. It is a fork of the discontinued TrueCrypt project. It allows users to create encrypted volumes or encrypt entire storage devices, protecting sensitive data from unauthorized access.
VeraCrypt uses strong encryption algorithms such as AES, Serpent, and Twofish (or a combination of them) to secure data. It supports various encryption modes and key sizes. It can create virtual encrypted disk files or encrypt entire partitions or storage devices.
VeraCrypt offers features like plausible deniability by creating hidden volumes within a standard volume. It is cross-platform, available for Windows, macOS, and Linux. It has become a widely used tool for protecting data privacy and security.
On Linux, VeraCrypt is typically used via a command-line interface using the `veracrypt` command along with a graphical user interface is commonly available.

Incorrect usage of VeraCrypt, especially during volume creation or mounting, can lead to data loss. Always back up important data before working with encrypted volumes. Losing the password or keyfiles will result in permanent data loss.

VeraCrypt supports plausible deniability through hidden volumes. A hidden volume is stored within the free space of another VeraCrypt volume (the outer volume). This allows a user to deny the existence of the hidden volume if compelled to reveal the password to the outer volume.

Mounting a VeraCrypt volume makes its contents accessible as if it were a regular disk partition. The mountpoint must be an existing directory on the system. Proper dismounting is crucial to prevent data corruption. The `--dismount` or `--dismount-all` options should be used when the volume is no longer needed.

VeraCrypt is a fork of TrueCrypt, a once-popular open-source encryption tool. TrueCrypt development ceased abruptly in 2014, raising security concerns. VeraCrypt was created to address these concerns and continue the development of a secure disk encryption solution.
The initial development of VeraCrypt focused on auditing and improving the security of the TrueCrypt codebase. Over time, new features and improvements have been added, making VeraCrypt a robust and widely used encryption tool. VeraCrypt is still maintained, has an active development and user community.

cryptsetup(8), losetup(8)