Saya mencoba membuat volume tersembunyi di baris perintah. Langkah-langkah dari dokumentasi adalah:

When using the text user interface, the following procedure must be
 followed to create a hidden volume:
  1) Create an outer volume with no filesystem.
  2) Create a hidden volume within the outer volume.
  3) Mount the outer volume using hidden volume protection.
  4) Create a filesystem on the virtual device of the outer volume.
  5) Mount the new filesystem and fill it with data.
  6) Dismount the outer volume.
  If at any step the hidden volume protection is triggered, start again from 1).

Inilah yang telah saya lakukan:

Buat volume luar tanpa sistem file:

$ veracrypt -t -c -k '' --pim=0 --encryption=aes --hash=sha-512 --random-source=/dev/urandom --volume-type=normal --filesystem=none -p $pass --size=10M test

Done: 100.000%  Speed:  1.8 MB/s  Left: 0 s

The VeraCrypt volume has been successfully created.

Buat volume tersembunyi di dalam volume luar

$ veracrypt -t -c -k "" --pim=0 --encryption=aes --hash=sha-512 --random-source=/dev/urandom --volume-type=hidden --filesystem=none -p $pass2 --size=2M test

IMPORTANT: Inexperienced users should use the graphical user interface to create a hidden volume. When using the text interface, the procedure described in the command line help must be followed to create a hidden volume.

Done: 100.000%  Speed:  380 KB/s  Left: 0 s

The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listedin the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that thehidden volume exists, even when the outer volume is mounted.

WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME!

Pasang volume luar menggunakan perlindungan volume tersembunyi

$ veracrypt -t -k "" --pim=0 -p $pass --protect-hidden=yes --protection-keyfiles='' --protection-pim=0 --protection-password=$pass2 --filesystem=none test
The hidden volume is now protected against damage until the outer volume is dismounted.

WARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windowsmay report this as a write error ("Delayed Write Failed" or "The parameter is incorrect").

$ veracrypt -t -l test
1: /tmp/test /dev/loop0 -

Satu hal yang perlu diperhatikan di sini adalah bahwa jika saya memasangnya tanpa perlindungan volume tersembunyi saya dapatkan /dev/mapper/veracrypt1 dari pada /dev/loop0, dan saya dapat memformatnya tanpa masalah.

Buat sistem file pada perangkat virtual dari volume luar

$ mkfs.ext4 -v /dev/loop0                                              
mke2fs 1.43.4 (31-Jan-2017)
fs_types for mke2fs.conf resolution: 'ext4', 'small'
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
Stride=0 blocks, Stripe width=0 blocks
2496 inodes, 9984 blocks
499 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=10223616
2 block groups
8192 blocks per group, 8192 fragments per group
1248 inodes per group
Filesystem UUID: 80ee6d69-1438-493d-84cc-1d3fa289737d
Superblock backups stored on blocks:
        8193

Allocating group tables: done
Writing inode tables: done
Creating journal (1024 blocks): done
Writing superblocks and filesystem accounting information:    
Warning, had trouble writing out superblocks.

Jika saya turun sekarang ini memberitahu saya itu mencegah menulis ke volume tersembunyi

$ veracrypt -t -d             
Warning: WARNING: Data were attempted to be saved to the hidden volume area of the volume "/home/matthewh/sandbox/crypt/test"!

VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and the operating system may have reported a write error ("Delayed Write Failed", "The parameter is incorrect", etc.). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted.

We strongly recommend that you restart the operating system now.

Dan jika saya mencoba me-mount-nya dengan filesystem, ia mengkonfirmasi korupsi:

$ veracrypt -t -k "" --pim=0 -p $pass --protect-hidden=yes --protection-keyfiles='' --protection-pim=0 --protection-password=$pass2 test mount            
Error: mount: wrong fs type, bad option, bad superblock on /dev/loop0,
       missing codepage or helper program, or other error

       In some cases useful info is found in syslog - try
       dmesg | tail or so.

Apakah saya melakukan sesuatu yang salah di sini?

Matthew
sumber