Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-05-21 21:30:48 -05:00
Code Activity
Files
a93e5d4214f39a9ea999e9c27eb62f5671df1bec
VeraCrypt/doc/html/en/Mounting VeraCrypt Volumes.html
T
Mounir IDRASSI 6bef9e009c Linux: refine in-kernel NTFS driver selection 
Keep the NTFS kernel-driver option as a generic in-kernel NTFS path rather than an ntfs3-specific path. Add --filesystem=kernel-ntfs and -m kernelntfs routes that select a registered or loadable kernel NTFS driver and mount with -i so mount.ntfs/ntfs-3g helpers are not invoked.

Preserve --filesystem=ntfs3 as a literal pin to the ntfs3 driver. Treat both ntfs3 and kernel-ntfs as mount-only selectors; volume creation continues to use filesystem type NTFS.

The preference and -m kernelntfs path only select an in-kernel NTFS driver when no explicit filesystem type was supplied and blkid detects NTFS.

Treat ntfs as the preferred in-kernel driver on Linux 7.1 and later, where the upstream read/write driver is expected. On earlier kernels, select ntfs only when module metadata identifies the standalone read/write driver and /sys/module confirms it loaded, avoiding ntfs3 read-only ntfs compatibility registrations. Fall back to ntfs3 otherwise, and report a generic kernel-driver error if neither supported driver is available or loadable.

Rename the internal preference/config field to MountNtfsWithKernelDriver, migrate the old MountNtfsWithNtfs3 preference key, and update UI strings, CLI help, documentation, release notes, and translation placeholders accordingly.

Reference: https://github.com/veracrypt/VeraCrypt/issues/1735
2026-05-18 22:19:23 +09:00

76 lines
6.9 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>VeraCrypt - Free Open source disk encryption with strong security for the Paranoid</title>
<meta name="description" content="VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files."/>
<meta name="keywords" content="encryption, security"/>
<link href="styles.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div>
<a href="Documentation.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
</div>
<div id="menu">
<ul>
<li><a href="Home.html">Home</a></li>
<li><a href="Code.html">Source Code</a></li>
<li><a href="Downloads.html">Downloads</a></li>
<li><a class="active" href="Documentation.html">Documentation</a></li>
<li><a href="Donation.html">Donate</a></li>
<li><a href="https://sourceforge.net/p/veracrypt/discussion/" target="_blank">Forums</a></li>
</ul>
</div>
<div>
<p>
<a href="Documentation.html">Documentation</a>
<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
<a href="Main%20Program%20Window.html">Main Program Window</a>
<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
<a href="Mounting%20VeraCrypt%20Volumes.html">Mounting Volumes</a>
</p></div>
<div class="wikidoc">
<h1>Mounting VeraCrypt Volumes</h1>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
<p>If you have not done so yet, please read the sections &lsquo;<em>Mount</em>&lsquo; and &lsquo;<em>Auto-Mount Devices</em>&lsquo; in the chapter
<a href="Main%20Program%20Window.html"><em>Main Program Window</em></a>.</p>
<h3>Cache Password in Driver Memory</h3>
<p>This option can be set in the password entry dialog so that it will apply only to that particular mount attempt. It can also be set as default in the Preferences. For more information, please see the section
<a href="Program%20Menu.html"><em>Settings -&gt; Preferences</em>, subsection
<em>Cache passwords in driver memory</em></a>.</p>
<h3>Mount Options</h3>
<p>Mount options affect the parameters of the volume being mounted. The <em>Mount Options</em> dialog can be opened by clicking on the
<em>Mount Options</em> button in the password entry dialog. When a correct password is cached, volumes are automatically mounted after you click
<em>Mount</em>. If you need to change mount options for a volume being mounted using a cached password, hold down the
<em>Control</em> (<em>Ctrl</em>) key while clicking <em>Mount</em> or a favorite volume in the
<em>Favorites</em> menu<em>,</em> or select <em>Mount with Options</em> from the <em>
Volumes</em> menu.<br>
<br>
Default mount options can be configured in the main program preferences (<em>Settings -&gt; Preferences).</em></p>
<h4>Filesystem mount options under Linux</h4>
<p>Under Linux, the <em>Mount Options</em> dialog also contains a <em>Mount options</em> field for filesystem mount options. The value entered there is passed to the system <code>mount</code> command with <code>-o</code> when the filesystem inside the VeraCrypt volume is mounted. For example, entering <code>noatime</code> prevents Linux from updating inode access times on filesystems that support this option, reducing metadata writes caused only by file access. Multiple options can be specified as a comma-separated list, for example <code>noatime,nosuid,nodev</code>. Unsupported options are handled by the operating system and may cause mounting to fail.</p>
<p>The Linux preference <em>Mount NTFS volumes with an in-kernel Linux driver</em> is disabled by default. When enabled and no explicit filesystem type was supplied, VeraCrypt probes the decrypted virtual device with <code>blkid -p</code> and mounts detected NTFS filesystems with an available in-kernel NTFS driver instead of the default NTFS backend. VeraCrypt uses <code>ntfs</code> when it is positively identified as a modern read/write driver or expected on Linux 7.1 or later, and otherwise uses <code>ntfs3</code>. Mount helpers such as <code>mount.ntfs</code> and <code>ntfs-3g</code> are bypassed. If NTFS detection fails, VeraCrypt uses the normal automatic filesystem selection. If no supported in-kernel NTFS driver is available or loadable, mounting fails. On the command line, <code>--filesystem=ntfs3</code> pins the in-kernel ntfs3 driver, <code>--filesystem=kernel-ntfs</code> forces VeraCrypt's kernel-driver selection for an NTFS mount, and <code>-m kernelntfs</code> enables the detected-NTFS selection for the current mount. The <code>ntfs3</code> and <code>kernel-ntfs</code> filesystem selectors are mount-only; use <code>NTFS</code> when creating a new NTFS volume. This opt-in option can help on systems where suspend or hibernation can hang if user-space FUSE filesystems such as <code>ntfs-3g</code>/<code>fuseblk</code> are frozen while the kernel is syncing filesystems. The actual mounted filesystem type can be checked with <code>findmnt</code>.</p>
<p>The command line equivalent is <code>veracrypt --fs-options=noatime &lt;volume&gt; &lt;mountpoint&gt;</code>.</p>
<h4>Mount volume as read-only</h4>
<p>When checked, it will not be possible to write any data to the mounted volume.</p>
<h4>Mount volume as removable medium</h4>
<p>See section <a href="Removable%20Medium%20Volume.html">
<em>Volume Mounted as Removable Medium</em></a>.</p>
<h4>Use backup header embedded in volume if available</h4>
<p>All volumes created by VeraCrypt contain an embedded backup header (located at the end of the volume). If you check this option, VeraCrypt will attempt to mount the volume using the embedded backup header. Note that if the volume header is damaged, you do
not have to use this option. Instead, you can repair the header by selecting <em>
Tools</em> &gt; <em>Restore Volume Header</em>.</p>
<h4>Mount partition using system encryption without pre-boot authentication</h4>
<p>Check this option, if you need to mount a partition that is within the key scope of system encryption without pre-boot authentication. For example, if you need to mount a partition located on the encrypted system drive of another operating system that is
not running. This can be useful e.g. when you need to back up or repair an operating system encrypted by VeraCrypt (from within another operating system). Note that this option can be enabled also when using the &lsquo;<em>Auto-Mount Devices</em>&rsquo; or
&lsquo;<em>Auto-Mount All Device-Hosted Volumes</em>&rsquo; functions.</p>
<h4>Hidden Volume Protection</h4>
<p>Please see the section <a href="Protection%20of%20Hidden%20Volumes.html">
<em>Protection of Hidden Volumes Against Damage</em></a>.</p>
</div>
</div><div class="ClearBoth"></div></body></html>
View Git Blame Copy Permalink