diff options
Diffstat (limited to 'doc/html/Command Line Usage.html')
| -rw-r--r-- | doc/html/Command Line Usage.html | 75 |
1 files changed, 64 insertions, 11 deletions
diff --git a/doc/html/Command Line Usage.html b/doc/html/Command Line Usage.html index 29964e6a..c463b04c 100644 --- a/doc/html/Command Line Usage.html +++ b/doc/html/Command Line Usage.html @@ -10,8 +10,8 @@ </head> <body> -<div> -<a href="https://www.veracrypt.fr/en/Home.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a> +<div> +<a href="Documentation.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a> </div> <div id="menu"> @@ -27,7 +27,7 @@ <div> <p> -<a href="Documentation.html">Documentation</a> +<a href="Documentation.html">Documentation</a> <img src="arrow_right.gif" alt=">>" style="margin-top: 5px"> <a href="Command%20Line%20Usage.html">Command Line Usage</a> </p></div> @@ -37,7 +37,7 @@ <h1>Command Line Usage</h1> <p>Note that this section applies to the Windows version of VeraCrypt. For information on command line usage applying to the <strong>Linux and Mac OS X versions</strong>, please run: veracrypt –h</p> -<table border="1" cellspacing="0" cellpadding="0"> +<table border="1" cellspacing="0" cellpadding="1"> <tbody> <tr> <td><em>/help</em> or <em>/?</em></td> @@ -49,7 +49,7 @@ </tr> <tr> <td><em>/hash</em></td> -<td>It must be followed by a parameter indicating the PRF hash algorithm to use when mounting the volume. Possible values for /hash parameter are: sha256, sha-256, sha512, sha-512, whirlpool, ripemd160 and ripemd-160. When /hash is omitted, VeraCrypt will try +<td>It must be followed by a parameter indicating the PRF hash algorithm to use when mounting the volume. Possible values for /hash parameter are: sha256, sha-256, sha512, sha-512, whirlpool, blake2s and blake2s-256. When /hash is omitted, VeraCrypt will try all possible PRF algorithms thus lengthening the mount operation time.</td> </tr> <tr> @@ -107,8 +107,8 @@ If it is followed by <strong>n</strong> or <strong>no</strong>: force the displa </tr> <tr> <td><em>/secureDesktop</em></td> -<td>If it is followed by <strong>y</strong> or <strong>yes</strong> or if no parameter is specified: display password dialog in a dedicated secure desktop to protect against certain types of attacks.<br> -If it is followed by <strong>n</strong> or <strong>no</strong>: the password dialog is displayed in the normal desktop.</td> +<td>If it is followed by <strong>y</strong> or <strong>yes</strong> or if no parameter is specified: display password dialog and token PIN dialog in a dedicated secure desktop to protect against certain types of attacks.<br> +If it is followed by <strong>n</strong> or <strong>no</strong>: the password dialog and token PIN dialog are displayed in the normal desktop.</td> </tr> <tr> <td><em>/tokenlib</em></td> @@ -123,6 +123,7 @@ If it is followed by <strong>n</strong> or <strong>no</strong>: the password dia <td><em>/cache</em> or <em>/c</em></td> <td>If it is followed by <strong>y</strong> or <strong>yes</strong> or if no parameter is specified: enable password cache; <br> +If it is followed by <strong>p </strong>or<strong> pim</strong>: enable both password and PIM cache (e.g., /c p).<br> If it is followed by <strong>n </strong>or<strong> no</strong>: disable password cache (e.g., /c n).<br> If it is followed by <strong>f </strong>or<strong> favorites</strong>: temporary cache password when mounting multiple favorites (e.g., /c f).<br> Note that turning the password cache off will not clear it (use /w to clear the password cache).</td> @@ -175,6 +176,20 @@ Note that turning the password cache off will not clear it (use /w to clear the <p>Please note that this switch may be present several times in the command line in order to specify multiple mount options (e.g.: /m rm /m ts)</p> </td> </tr> +<tr> +<td><em>/DisableDeviceUpdate</em> </td> +<td>Disables periodic internel check on devices connected to the system that is used for handling favorites identified with VolumeID and replace it with on-demande checks.</td> +</tr> +<tr> +<td><em>/protectMemory</em> </td> +<td>Activates a mechanism that protects VeraCrypt process memory from being accessed by other non-admin processes.</td> +</tr> +<tr> +<td><em>/signalExit</em> </td> +<td>It must be followed by a parameter specifying the name of the signal to send to unblock a waiting <a href="https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/waitfor" target="_blank">WAITFOR.EXE</a> command when VeraCrypt exists.<br> +The name of signal must be the same as the one specified to WAITFOR.EXE command (e.g."veracrypt.exe /q /v test.hc /l Z /signal SigName" followed by "waitfor.exe SigName"<br> +This switch is ignored if /q is not specified</td> +</tr> </tbody> </table> <h4>VeraCrypt Format.exe (VeraCrypt Volume Creation Wizard):</h4> @@ -200,6 +215,23 @@ It must be followed by a parameter indicating the size of the container file tha It must be followed by a parameter indicating the password of the container that will be created.</td> </tr> <tr> +<td> /keyfile or /k</td> +<td> (Only with /create)<br> +It must be followed by a parameter specifying a keyfile or a keyfile search path. For multiple keyfiles, specify e.g.: /k c:\keyfile1.dat /k d:\KeyfileFolder /k c:\kf2 To specify a keyfile stored on a security token or smart card, use the following syntax: + token://slot/SLOT_NUMBER/file/FILE_NAME</td> +</tr> +<tr> +<td><em>/tokenlib</em></td> +<td> (Only with /create)<br> +It must be followed by a parameter indicating the PKCS #11 library to use for security tokens and smart cards. (e.g.: /tokenlib c:\pkcs11lib.dll)</td> +</tr> +<tr> +<td><em>/tokenpin</em></td> +<td> (Only with /create)<br> +It must be followed by a parameter indicating the PIN to use in order to authenticate to the security token or smart card (e.g.: /tokenpin 0000). Warning: This method of entering a smart card PIN may be insecure, for example, when an unencrypted command + prompt history log is being saved to unencrypted disk.</td> +</tr> +<tr> <td> <em>/hash</em></td> <td>(Only with /create)<br> It must be followed by a parameter indicating the PRF hash algorithm to use when creating the volume. It has the same syntax as VeraCrypt.exe.</td> @@ -250,13 +282,34 @@ It has no parameters and it indicates that no message box or dialog will be disp <td>Do not verify that VeraCrypt Rescue Disks are correctly burned. <strong>WARNING</strong>: Never attempt to use this option to facilitate the reuse of a previously created VeraCrypt Rescue Disk. Note that every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk even if you use the same password. A previously created VeraCrypt Rescue Disk cannot be reused as it was created for a different master key.</td> </tr> +<tr> +<td>/nosizecheck</td> +<td>Don't check that the given size of the file container is smaller than the available disk free. This applies to both UI and command line.</td> +</tr> +<tr> +<td>/quick</td> +<td>Perform quick formatting of volumes instead of full formatting. This applies to both UI and command line.</td> +</tr> +<tr> +<td>/FastCreateFile</td> +<td>Enables a faster, albeit potentially insecure, method for creating file containers. This option carries security risks as it can embed existing disk content into the file container, possibly exposing sensitive data if an attacker gains access to it. Note that this switch affects all file container creation methods, whether initiated from the command line, using the /create switch, or through the UI wizard.</td> +</tr> +<tr> +<td><em>/protectMemory</em> </td> +<td>Activates a mechanism that protects VeraCrypt Format process memory from being accessed by other non-admin processes.</td> +</tr> +<tr> +<td><em>/secureDesktop</em></td> +<td>If it is followed by <strong>y</strong> or <strong>yes</strong> or if no parameter is specified: display password dialog and token PIN dialog in a dedicated secure desktop to protect against certain types of attacks.<br> +If it is followed by <strong>n</strong> or <strong>no</strong>: the password dialog and token PIN dialog are displayed in the normal desktop.</td> +</tr> </tbody> </table> <h4>Syntax</h4> -<p>VeraCrypt.exe [/tc] [/hash {sha256|sha-256|sha512|sha-512|whirlpool |ripemd160|ripemd-160}][/a [devices|favorites]] [/b] [/c [y|n|f]] [/d [drive letter]] [/e] [/f] [/h [y|n]] [/k keyfile or search path] [tryemptypass [y|n]] [/l drive letter] [/m {bk|rm|recovery|ro|sm|ts|noattach}] +<p>VeraCrypt.exe [/tc] [/hash {sha256|sha-256|sha512|sha-512|whirlpool |blake2s|blake2s-256}][/a [devices|favorites]] [/b] [/c [y|n|f]] [/d [drive letter]] [/e] [/f] [/h [y|n]] [/k keyfile or search path] [tryemptypass [y|n]] [/l drive letter] [/m {bk|rm|recovery|ro|sm|ts|noattach}] [/p password] [/pim pimvalue] [/q [background|preferences]] [/s] [/tokenlib path] [/v volume] [/w]</p> -<p>"VeraCrypt Format.exe" [/n] [/create] [/size number[{K|M|G|T}]] [/p password] [/encryption {AES | Serpent | Twofish | Camellia | Kuznyechik | AES(Twofish) | AES(Twofish(Serpent)) | Serpent(AES) | Serpent(Twofish(AES)) | Twofish(Serpent) | Camellia(Kuznyechik) | Kuznyechik(Twofish) | Camellia(Serpent) | Kuznyechik(AES) | Kuznyechik(Serpent(Camellia))}] [/hash {sha256|sha-256|sha512|sha-512|whirlpool|ripemd160|ripemd-160}] - [/filesystem {None|FAT|NTFS|ExFAT|ReFS}] [/dynamic] [/force] [/silent]</p> +<p>"VeraCrypt Format.exe" [/n] [/create] [/size number[{K|M|G|T}]] [/p password] [/encryption {AES | Serpent | Twofish | Camellia | Kuznyechik | AES(Twofish) | AES(Twofish(Serpent)) | Serpent(AES) | Serpent(Twofish(AES)) | Twofish(Serpent) | Camellia(Kuznyechik) | Kuznyechik(Twofish) | Camellia(Serpent) | Kuznyechik(AES) | Kuznyechik(Serpent(Camellia))}] [/hash {sha256|sha-256|sha512|sha-512|whirlpool|blake2s|blake2s-256}] + [/filesystem {None|FAT|NTFS|ExFAT|ReFS}] [/dynamic] [/force] [/silent] [/noisocheck] [FastCreateFile] [/quick]</p> <p>Note that the order in which options are specified does not matter.</p> <h4>Examples</h4> <p>Mount the volume <em>d:\myvolume</em> as the first free drive letter, using the password prompt (the main program window will not be displayed):</p> @@ -269,4 +322,4 @@ It has no parameters and it indicates that no message box or dialog will be disp <p>Create a 10 MB file container using the password <em>test</em> and formatted using FAT:</p> <p><code>"C:\Program Files\VeraCrypt\VeraCrypt Format.exe" /create c:\Data\test.hc /password test /hash sha512 /encryption serpent /filesystem FAT /size 10M /force</code></p> </div> -</div><div class="ClearBoth"></div></body></html>
\ No newline at end of file +</div><div class="ClearBoth"></div></body></html> |