When using VeraCrypt (or TrueCrypt for that matter) without a password, the /etc/crypttab file has a special format that is not documented in the crypttab man page. Namely, the <key file> column must be set to /dev/null and the actual key file must be passed as one of the options.

For instance, assume you want to mount the container ben with the device at /dev/sdc and the key file at /var/lib/keys/ben.key. The /etc/crypttab file must then have the following entry:

# <target name> <source device> <key file> <options>
ben /dev/sdc /dev/null tcrypt-veracrypt,tcrypt-keyfile=/var/lib/keys/ben.key

If the key file /var/lib/keys/ben.key is placed in the <key file> column, then cryptsetup will counter-intuitively prompt for a password. Similarly, if the <key file> column is set to none, then cryptsetup will fail to open the container, believing, again counter-intuitively, that there is no key file for the container. Intuitively, setting /dev/null in the <key file> column will make cryptsetup attempt to read the key from /dev/null, but the tcrypt-keyfile option will take over and the container will be mounted as expected.
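
The two failure modes above can be caught before reboot by linting the file. The following is an added example, not part of the original post or of cryptsetup; it assumes every tcrypt entry is a passwordless, keyfile-only container, and the function names, finding codes and all sample entries other than ben are constructed for illustration.

```python
# Added example: lint crypttab text for the keyless VeraCrypt pitfalls above.
# Assumption: every tcrypt entry is a keyfile-only (passwordless) container.

SAMPLE = """\
# <target name> <source device> <key file> <options>
ben   /dev/sdc  /dev/null              tcrypt-veracrypt,tcrypt-keyfile=/var/lib/keys/ben.key
ben2  /dev/sdd  /var/lib/keys/ben.key  tcrypt-veracrypt
ben3  /dev/sde  none                   tcrypt-veracrypt,tcrypt-keyfile=/var/lib/keys/ben.key
root  /dev/sda2 none                   luks
"""  # constructed sample; only the "ben" line comes from the page


def parse_crypttab(text):
    """Return (lineno, name, device, keyfile, options) for each entry."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue  # blank line, comment, or malformed entry
        keyfile = fields[2] if len(fields) > 2 else "none"
        options = fields[3].split(",") if len(fields) > 3 else []
        entries.append((lineno, fields[0], fields[1], keyfile, options))
    return entries


def lint_veracrypt(text):
    """Return (lineno, name, code, advice) for entries that hit a pitfall."""
    findings = []
    for lineno, name, _dev, keyfile, options in parse_crypttab(text):
        if not any(o.startswith("tcrypt") for o in options):
            continue  # not a TrueCrypt/VeraCrypt entry
        has_opt = any(o.startswith("tcrypt-keyfile=") for o in options)
        if keyfile in ("none", "-"):
            findings.append((lineno, name, "column-none",
                             "set the <key file> column to /dev/null"))
        elif keyfile != "/dev/null":
            findings.append((lineno, name, "keyfile-in-column",
                             "move the path to tcrypt-keyfile= and use /dev/null"))
        elif not has_opt:
            findings.append((lineno, name, "missing-tcrypt-keyfile",
                             "add tcrypt-keyfile=<path> to the options"))
    return findings


if __name__ == "__main__":
    for lineno, name, code, advice in lint_veracrypt(SAMPLE):
        print(f"line {lineno}: {name}: {code}: {advice}")
```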