From 752f1283a9027ac5a5400ec5860a068a7eadc923 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 9 Mar 2020 11:56:49 +0100 Subject: Documentation: Add entries for switches now supported by VeraCrypt Format (/keyfile, /tokenlib, /tokenpin and /secureDesktop) --- doc/html/Command Line Usage.html | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) (limited to 'doc/html/Command Line Usage.html') diff --git a/doc/html/Command Line Usage.html b/doc/html/Command Line Usage.html index 91529271..1e199a85 100644 --- a/doc/html/Command Line Usage.html +++ b/doc/html/Command Line Usage.html @@ -107,8 +107,8 @@ If it is followed by n or no: force the displa /secureDesktop -If it is followed by y or yes or if no parameter is specified: display password dialog in a dedicated secure desktop to protect against certain types of attacks.
-If it is followed by n or no: the password dialog is displayed in the normal desktop. +If it is followed by y or yes or if no parameter is specified: display password dialog and token PIN dialog in a dedicated secure desktop to protect against certain types of attacks.
+If it is followed by n or no: the password dialog and token PIN dialog are displayed in the normal desktop. /tokenlib @@ -215,6 +215,23 @@ It must be followed by a parameter indicating the size of the container file tha It must be followed by a parameter indicating the password of the container that will be created. + /keyfile or /k + (Only with /create)
+It must be followed by a parameter specifying a keyfile or a keyfile search path. For multiple keyfiles, specify e.g.: /k c:\keyfile1.dat /k d:\KeyfileFolder /k c:\kf2 To specify a keyfile stored on a security token or smart card, use the following syntax: + token://slot/SLOT_NUMBER/file/FILE_NAME + + +/tokenlib + (Only with /create)
+It must be followed by a parameter indicating the PKCS #11 library to use for security tokens and smart cards. (e.g.: /tokenlib c:\pkcs11lib.dll) + + +/tokenpin + (Only with /create)
+It must be followed by a parameter indicating the PIN to use in order to authenticate to the security token or smart card (e.g.: /tokenpin 0000). Warning: This method of entering a smart card PIN may be insecure, for example, when an unencrypted command + prompt history log is being saved to unencrypted disk. + +  /hash (Only with /create)
It must be followed by a parameter indicating the PRF hash algorithm to use when creating the volume. It has the same syntax as VeraCrypt.exe. @@ -281,6 +298,11 @@ It has no parameters and it indicates that no message box or dialog will be disp /protectMemory  Activates a mechanism that protects VeraCrypt Format process memory from being accessed by other non-admin processes. + +/secureDesktop +If it is followed by y or yes or if no parameter is specified: display password dialog and token PIN dialog in a dedicated secure desktop to protect against certain types of attacks.
+If it is followed by n or no: the password dialog and token PIN dialog are displayed in the normal desktop. +

Syntax

-- cgit v1.2.3