truecrypt.1

来自「基于WINDOWS DDK 编写的文件型文件系统」· 1 代码 · 共 198 行

.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.35.
.TH TRUECRYPT "1" "November 2005" "truecrypt 4.1" "User Commands"
.SH NAME
truecrypt - manage TrueCrypt volumes
.SH SYNOPSIS
.B truecrypt
[\fIOPTIONS\fR] \fIVOLUME_PATH \fR[\fIMOUNT_DIRECTORY\fR]
.br
.B truecrypt
[\fIOPTIONS\fR] \fI-d | --dismount | -l | --list \fR[\fIMAPPED_VOLUME\fR]
.br
.B truecrypt
\fI-h | --help | --test | -V | --version\fR
.SH DESCRIPTION
Manages encrypted TrueCrypt volumes, which can be mapped as virtual block
devices and used as any other standard block device. All data being read
from a mapped TrueCrypt volume is transparently decrypted and all data being
written to it is transparently encrypted.
.SH OPTIONS

VOLUME_PATH [MOUNT_DIRECTORY]
.IP
Open a TrueCrypt volume specified by VOLUME_PATH and map it as a block device
/dev/mapper/truecryptN. N is the first available device number if not
otherwise specified with \fB\-\-device\-number\fR. The filesystem of the mapped volume
is mounted at MOUNT_DIRECTORY if specified.
.PP
\fB\-d\fR, \fB\-\-dismount\fR [MAPPED_VOLUME]
.IP
Dismount and unmap mapped volumes. If MAPPED_VOLUME is not specified, all
volumes are dismounted and unmapped. See below for a description of
MAPPED_VOLUME.
.PP
\fB\-l\fR, \fB\-\-list\fR [MAPPED_VOLUME]
.IP
Display a list of mapped volumes. If MAPPED_VOLUME is not specified, all
volumes are listed. By default, the list contains only volume path and mapped
device name pairs. A more detailed list can be enabled by verbose output
option (\fB\-v\fR). See below for a description of MAPPED_VOLUME.
.PP
MAPPED_VOLUME
.IP
Specifies a mapped or mounted volume. One of the following forms can be used:
.IP
1) Path to the encrypted TrueCrypt volume.
.IP
2) Mount directory of the volume's filesystem (if mounted).
.IP
3) Device number of the mapped volume.
.IP
4) Device name of the mapped volume.
.PP
\fB\-\-device\-number\fR N
.IP
Use device number N when mapping a volume as a block device
/dev/mapper/truecryptN. Default is the first available device.
.PP
\fB\-\-display\-password\fR
.IP
Display password characters while typing.
.PP
\fB\-\-filesystem\fR TYPE
.IP
Filesystem type to mount. The TYPE argument is passed to mount(8) command
with option \fB\-t\fR. Default type is 'auto'.
.PP
\fB\-h\fR, \fB\-\-help\fR
.IP
Display help information.
.PP
\fB\-k\fR, \fB\-\-keyfile\fR FILE | DIRECTORY
.IP
Use specified keyfile to open a volume to be mapped. When a directory is
specified, all files inside it will be used (non\-recursively). Additional
keyfiles can be specified with multiple \fB\-k\fR options. See also option \fB\-K\fR.
.PP
\fB\-K\fR, \fB\-\-keyfile\-protected\fR FILE | DIRECTORY
.IP
Use specified keyfile to open a hidden volume to be protected. See also
options \fB\-k\fR and \fB\-P\fR.
.PP
\fB\-\-mount\-options\fR OPTIONS
.IP
Filesystem mount options. The OPTIONS argument is passed to mount(8)
command with option \fB\-o\fR.
.PP
\fB\-p\fR, \fB\-\-password\fR PASSWORD
.IP
Use specified password to open a volume. Additional passwords can be
specified with multiple \fB\-p\fR options. An empty password can also be specified
("" in most shells). Note that passing a password on the command line is
potentially insecure as the password may be visible in the process list
(see ps(1)) and/or stored in a command history file.
.PP
\fB\-\-password\-tries\fR NUMBER
.IP
Prompt NUMBER of times for a password until the correct password is entered.
Default is to prompt three times.
.PP
\fB\-P\fR, \fB\-\-protect\-hidden\fR
.IP
Write\-protect a hidden volume when mapping an outer volume. Before mapping the
outer volume, the user will be prompted for a password to open the hidden
volume. The size and position of the hidden volume is then determined and the
outer volume is mounted with all sectors belonging to the hidden volume
protected against write operations. When a write to the protected area is
prevented, the whole volume is switched to read\-only mode. Verbose list command
(\fB\-vl\fR) can be used to query the state of the hidden volume protection. Warning
message is displayed when a volume switched to read\-only is being dismounted.
See also option \fB\-r\fR.
.PP
\fB\-r\fR, \fB\-\-read\-only\fR
.IP
Map and/or mount a volume as read\-only. Write operations to the volume may not
fail immediately due to the write buffering performed by the system, but the
physical write will still be prevented.
.PP
\fB\-\-test\fR
.IP
Test all internal algorithms used in the process of encryption and decryption.
.PP
\fB\-\-update\-time\fR
.IP
Do not preserve access and modification timestamps of volume containers and
access timestamps of keyfiles. By default, timestamps are restored after
a volume is unmapped or after a keyfile is closed.
.PP
\fB\-v\fR, \fB\-\-verbose\fR
.IP
Enable verbose output. Multiple \fB\-v\fR options can be specified to increase the
level of verbosity.
.PP
\fB\-V\fR, \fB\-\-version\fR
.IP
Display version information.
.SH EXAMPLES

truecrypt /root/volume.tc /mnt/tc
.IP
Map a volume /root/volume.tc and mount its filesystem at /mnt/tc.
.PP
truecrypt \fB\-d\fR
.IP
Dismount and unmap all mapped volumes.
.PP
truecrypt \fB\-d\fR /root/volume.tc
.IP
Dismount and unmap a volume /root/volume.tc.
.PP
truecrypt \fB\-d\fR /mnt/tc
.IP
Dismount and unmap a volume mounted at /mnt/tc.
.PP
truecrypt \fB\-vl\fR
.IP
Display a detailed list of all mapped volumes.
.PP
truecrypt \fB\-\-device\-number\fR=\fI1\fR /dev/hdc1 && mkfs /dev/mapper/truecrypt1
.IP
Map a volume /dev/hdc1 and create a new filesystem on it.
.PP
truecrypt \fB\-P\fR /dev/hdc1 /mnt/tc
.IP
Map and mount outer volume /dev/hdc1 and protect hidden volume within it.
.PP
truecrypt \fB\-p\fR "" \fB\-p\fR "" \fB\-k\fR key1 \fB\-k\fR key2 \fB\-K\fR key_hidden \fB\-P\fR volume.tc
.IP
Map outer volume ./volume.tc and protect hidden volume within it.
The outer volume is opened with keyfiles ./key1 and ./key2 and the
hidden volume with ./key_hidden. Passwords for both volumes are empty.
.SH DIAGNOSTICS
Exit status
.B 0
is returned if all requested actions completed successfully, otherwise
.B 1
is returned. Kernel module reports errors via system log with facility
.BR "kern" ". See"
.BR "syslogd" "(8) for more information."
.SH "REPORTING BUGS"
Report bugs at <http://www.truecrypt.org/bugs>.
.SH COPYRIGHT
Copyright \(co 2004-2005 TrueCrypt Foundation. All Rights Reserved.
.br
Copyright \(co 1998-2000 Paul Le Roux. All Rights Reserved.
.br
Copyright \(co 2004 TrueCrypt Team. All Rights Reserved.
.br
Copyright \(co 1999-2005 Dr. Brian Gladman. All Rights Reserved.
.br
Copyright \(co 1995-1997 Eric Young. All Rights Reserved.
.br
Copyright \(co 2001 Markus Friedl. All Rights Reserved.
.SH "SEE ALSO"
.B http://www.truecrypt.org/documentation.php
.br
.BR "mount" "(8), " "umount" "(8), " "losetup" "(8), "
.BR "fuser" "(1), " "mkfs" "(8), " "fsck" "(8), " "dmsetup" "(8)"