In Veracrypt you can save mounted volumes as favorites which makes it easier to mount those volumes when starting Veracrypt. Although the container and mount path are saved you still need to enter the volume’s password and key if needed for each volume being mounted. On top of that, when using Linux you’ll be prompted to enter your Linux account password for sudo. With several volumes to mount this can be time-consuming and cumbersome.
Fortunately, Veracrypt includes the ability to manage encrypted volumes from the command-line. You can supply the password and key to mount the volumes on the commannd-line in the terminal. You can put these commands in a script to mount multiple volumes. Running from script will allow you to mount several volumes and only have to enter your Linux password for sudo once. However, putting passwords in scripts is a big security risk.
A better way is to have the script prompt for the password. The following script will mount multiple volumes and only prompt for the password one time. To make this work I set the password for the Veracrypt volumes the same as my Linux system password. The script will pass the sudo password (which is the same as the Veracrypt password) to the Veracrypt command satisfying the sudo prompt.
#!/bin/bash
# Mount/unmount Veracrypt (Truecrypt) volumes on Dell laptop
# v2 - Check for mounted volumes and unmount if found. Otherwise mount volumes.
# save and change IFS
OLDIFS=$IFS
IFS=$'\n'
RUNDATE=`date +%Y%m%d` # append date to file
LOGFILE='/home/joey/script.log'
LOCKFILE='/home/joey/Temp/veracrypt.lock' # file to indicate volumes should be mounted
SCRIPT=`basename "$0"` # get name of this script
echo -------------------------------------------------------------------------- | tee -a "$LOGFILE"
echo "Executing script: $SCRIPT" | tee -a "$LOGFILE"
# prompt for password
echo "Enter Password (not echoed): "
read -s PASSWORD
echo "NOTE: If prompted to enter 'Administrator' password, ignore it."
# Check for lock file. If exists unmount volumes else mount volumes
if [ -f $LOCKFILE ]; then
echo "Lock file found." | tee -a "$LOGFILE"
echo "Attempting to un-mount Veracrypt volumes" | tee -a "$LOGFILE"
# Unmount Veracrypt volumes
veracrypt --text --dismount
# Display system notification
notify-send "Veracrypt" "Veracrypt volumes unmounted." -t 0 -u Normal -i /usr/share/icons/mate/48x48/status/changes-prevent.png
# Remove lock file
rm $LOCKFILE
else
echo "Attempting to mount Veracrypt volumes" | tee -a "$LOGFILE"
# PUT KEYLESS VOLUMES FIRST
# Volume 2
VCSLOT=2
VCVOLUME=/home/joey/e6ef0971-7801-442f-9f6c-f3f945922efb
VCMOUNT=/media/veracrypt2
VCPASSWD=$PASSWORD
VCKEYFIL=
echo "Mounting volume $VCVOLUME to mount point $VCMOUNT" | tee -a "$LOGFILE"
echo $PASSWORD | veracrypt --text --mount $VCVOLUME $VCMOUNT --password $VCPASSWD --pim 0 --keyfiles "$VCKEY" --protect-hidden no --slot $VCSLOT --verbose
# Volume 1 - requires key
VCSLOT=1
VCVOLUME=/home/joey/3c1547fa-1ad3-11eb-adc1-0242ac120002
VCMOUNT=/media/veracrypt1
VCPASSWD=$PASSWORD
VCKEY=/home/joey/.safe/3c1547fa-1ad3-11eb-adc1-0242ac120002.key
echo "Mounting volume $VCVOLUME to mount point $VCMOUNT" | tee -a "$LOGFILE"
echo $PASSWORD | veracrypt --text --mount $VCVOLUME $VCMOUNT --password $VCPASSWD --pim 0 --keyfiles "$VCKEY" --protect-hidden no --slot $VCSLOT --verbose
# List volumes
echo "Mounted Veracrypt volumes:" | tee -a "$LOGFILE"
echo $PASSWORD | veracrypt --text --list | tee -a "$LOGFILE"
# Display system notification
notify-send "Veracrypt" "Veracrypt volumes mounted." -t 0 -u Normal -i /usr/share/icons/mate/48x48/status/changes-prevent.png
# Create lock file
echo $(date) > $LOCKFILE
fi
# restore IFS
IFS=$OLDIFS
echo "Script completed: `date`" | tee -a "$LOGFILE"
echo -------------------------------------------------------------------------- | tee -a "$LOGFILE"
When the above script is run in terminal it prompts for the password and using “tee” outputs log entries to the screen and a file.
joey@HAVEN-E6520:~$ Scripts/veracrypt.v2.sh -------------------------------------------------------------------------- Executing script: veracrypt.v2.sh Enter Password (not echoed): NOTE: If prompted to enter 'Administrator' password, ignore it. Attempting to mount Veracrypt volumes Mounting volume /home/joey/e6ef0971-7801-442f-9f6c-f3f945922efb to mount point /media/veracrypt2 Volume "/home/joey/e6ef0971-7801-442f-9f6c-f3f945922efb" has been mounted. Mounting volume /home/joey/3c1547fa-1ad3-11eb-adc1-0242ac120002 to mount point /media/veracrypt1 Volume "/home/joey/3c1547fa-1ad3-11eb-adc1-0242ac120002" has been mounted. Mounted Veracrypt volumes: 2: /home/joey/e6ef0971-7801-442f-9f6c-f3f945922efb /dev/mapper/veracrypt2 /media/veracrypt2 1: /home/joey/3c1547fa-1ad3-11eb-adc1-0242ac120002 /dev/mapper/veracrypt1 /media/veracrypt1 Script completed: Mon 12 Sep 2022 12:33:50 AM EDT -------------------------------------------------------------------------- joey@HAVEN-E6520:~$
Running the script again causes it to dismount the volumes.
joey@HAVEN-E6520:~$ Scripts/veracrypt.v2.sh -------------------------------------------------------------------------- Executing script: veracrypt.v2.sh Enter Password (not echoed): NOTE: If prompted to enter 'Administrator' password, ignore it. Lock file found. Attempting to un-mount Veracrypt volumes Script completed: Mon 12 Sep 2022 12:34:04 AM EDT -------------------------------------------------------------------------- joey@HAVEN-E6520:~$
Resources
https://linuxhint.com/how-to-install-and-use-veracrypt-on-ubuntu/
https://arcanecode.com/2021/06/14/veracrypt-on-the-command-line-for-windows/
Charles Haven 