# # Derived from source code of TrueCrypt 7.1a, which is # Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed # by the TrueCrypt License 3.0. # # Modifications and additions to the original source code (contained in this file) # and all other portions of this file are Copyright (c) 2013-2017 IDRIX # and are governed by the Apache License 2.0 the full text of which is # contained in the file License.txt included in VeraCrypt binary and source # code distribution packages. # OBJS := OBJS += Application.o OBJS += CommandLineInterface.o OBJS += FavoriteVolume.o OBJS += LanguageStrings.o OBJS += StringFormatter.o OBJS += TextUserInterface.o OBJS += UserInterface.o OBJS += UserPreferences.o OBJS += Xml.o OBJS += Unix/Main.o OBJS += Resources.o ifndef TC_NO_GUI OBJS += FatalErrorHandler.o OBJS += GraphicUserInterface.o OBJS += VolumeHistory.o OBJS += Forms/AboutDialog.o OBJS += Forms/BenchmarkDialog.o OBJS += Forms/ChangePasswordDialog.o OBJS += Forms/DeviceSelectionDialog.o OBJS += Forms/EncryptionOptionsWizardPage.o OBJS += Forms/EncryptionTestDialog.o OBJS += Forms/FavoriteVolumesDialog.o OBJS += Forms/Forms.o OBJS += Forms/InfoWizardPage.o OBJS += Forms/KeyfileGeneratorDialog.o OBJS += Forms/KeyfilesDialog.o OBJS += Forms/KeyfilesPanel.o OBJS += Forms/LegalNoticesDialog.o OBJS += Forms/MainFrame.o OBJS += Forms/MountOptionsDialog.o OBJS += Forms/NewSecurityTokenKeyfileDialog.o OBJS += Forms/PreferencesDialog.o OBJS += Forms/ProgressWizardPage.o OBJS += Forms/RandomPoolEnrichmentDialog.o OBJS += Forms/SecurityTokenKeyfilesDialog.o OBJS += Forms/SelectDirectoryWizardPage.o OBJS += Forms/VolumePasswordPanel.o OBJS += Forms/VolumePropertiesDialog.o OBJS += Forms/VolumeCreationProgressWizardPage.o OBJS += Forms/VolumeCreationWizard.o OBJS += Forms/VolumeFormatOptionsWizardPage.o OBJS += Forms/VolumeLocationWizardPage.o OBJS += Forms/VolumePasswordWizardPage.o OBJS += Forms/VolumePimWizardPage.o OBJS += Forms/VolumeSizeWizardPage.o OBJS += Forms/WaitDialog.o OBJS += Forms/WizardFrame.o endif ifndef DISABLE_PRECOMPILED_HEADERS PCH := SystemPrecompiled.h.gch endif RESOURCES := RESOURCES += ../License.txt.h RESOURCES += ../Common/Language.xml.h ifndef TC_NO_GUI RESOURCES += ../Common/Textual_logo_96dpi.bmp.h RESOURCES += ../Format/VeraCrypt_Wizard.bmp.h RESOURCES += ../Mount/Drive_icon_96dpi.bmp.h RESOURCES += ../Mount/Drive_icon_mask_96dpi.bmp.h RESOURCES += ../Mount/Logo_96dpi.bmp.h endif CXXFLAGS += -I$(BASE_DIR)/Main #------ wxWidgets configuration ------ ifdef TC_NO_GUI WX_CONFIG_LIBS := base else WX_CONFIG_LIBS := adv,core,base endif ifeq "$(TC_BUILD_CONFIG)" "Release" CXXFLAGS += $(shell $(WX_CONFIG) $(WX_CONFIG_ARGS) --cxxflags) WX_LIBS = $(shell $(WX_CONFIG) $(WX_CONFIG_ARGS) --libs $(WX_CONFIG_LIBS)) else CXXFLAGS += $(shell $(WX_CONFIG) --debug $(WX_CONFIG_ARGS) --cxxflags) WX_LIBS = $(shell $(WX_CONFIG) --debug $(WX_CONFIG_ARGS) --libs $(WX_CONFIG_LIBS)) endif #------ FUSE configuration ------ FUSE_LIBS = $(shell $(PKG_CONFIG) fuse --libs) #------ Executable ------ export TC_VERSION := $(shell grep VERSION_STRING ../Common/Tcdefs.h | head -n 1 | cut -d'"' -f 2) #------ Linux package naming ------ ifeq "$(PLATFORM)" "Linux" ifdef TC_NO_GUI INSTALLER_TYPE := console ifeq "$(origin NOSSE2)" "command line" PACKAGE_NAME := $(APPNAME)_$(TC_VERSION)_console_$(PLATFORM_ARCH)_legacy.tar.gz else PACKAGE_NAME := $(APPNAME)_$(TC_VERSION)_console_$(PLATFORM_ARCH).tar.gz endif else INSTALLER_TYPE := gui ifeq "$(origin NOSSE2)" "command line" PACKAGE_NAME := $(APPNAME)_$(TC_VERSION)_$(PLATFORM_ARCH)_legacy.tar.gz else PACKAGE_NAME := $(APPNAME)_$(TC_VERSION)_$(PLATFORM_ARCH).tar.gz endif endif ifeq "$(origin NOSSE2)" "command line" INTERNAL_INSTALLER_NAME := veracrypt_install_$(INSTALLER_TYPE)_$(CPU_ARCH)_legacy.sh INSTALLER_NAME := veracrypt-$(TC_VERSION)-setup-$(INSTALLER_TYPE)-$(CPU_ARCH)-legacy else INTERNAL_INSTALLER_NAME := veracrypt_install_$(INSTALLER_TYPE)_$(CPU_ARCH).sh INSTALLER_NAME := veracrypt-$(TC_VERSION)-setup-$(INSTALLER_TYPE)-$(CPU_ARCH) endif endif #----------------------------------- #------ FreeBSD package naming ------ ifeq "$(PLATFORM)" "FreeBSD" SYSTEMNAME = $(shell uname -n) ifdef TC_NO_GUI INSTALLER_TYPE := console PACKAGE_NAME := $(APPNAME)_$(TC_VERSION)_$(SYSTEMNAME)_console_$(PLATFORM_ARCH).tar.gz else INSTALLER_TYPE := gui PACKAGE_NAME := $(APPNAME)_$(TC_VERSION)_$(SYSTEMNAME)_$(PLATFORM_ARCH).tar.gz endif INTERNAL_INSTALLER_NAME := veracrypt_install_f$(SYSTEMNAME)_$(INSTALLER_TYPE)_$(CPU_ARCH).sh INSTALLER_NAME := veracrypt-$(TC_VERSION)-$(SYSTEMNAME)-setup-$(INSTALLER_TYPE)-$(CPU_ARCH) endif #----------------------------------- $(APPNAME): $(LIBS) $(OBJS) @echo Linking $@ $(CXX) -o $(APPNAME) $(OBJS) $(LIBS) $(AYATANA_LIBS) $(FUSE_LIBS) $(WX_LIBS) $(LFLAGS) ifeq "$(TC_BUILD_CONFIG)" "Release" ifndef NOSTRIP strip $(APPNAME) endif ifndef NOTEST ./$(APPNAME) --text --test >/dev/null || exit 1 endif ifeq "$(PLATFORM_UNSUPPORTED)" "1" @echo; echo "WARNING: This platform may be unsupported. To avoid possible serious problems, please read the chapter pertaining to $(PLATFORM) in Readme.txt."; echo endif endif ifeq "$(PLATFORM)" "MacOSX" prepare: $(APPNAME) mkdir -p $(APPNAME).app/Contents/MacOS $(APPNAME).app/Contents/Resources/doc/HTML mkdir -p $(APPNAME).app/Contents/MacOS $(APPNAME).app/Contents/Resources/languages -rm -f $(APPNAME).app/Contents/MacOS/$(APPNAME) -rm -f $(APPNAME).app/Contents/MacOS/$(APPNAME)_console ifeq "$(TC_BUILD_CONFIG)" "Release" ifdef TC_NO_GUI cp $(BASE_DIR)/Main/$(APPNAME) $(APPNAME).app/Contents/MacOS/$(APPNAME)_console else cp $(BASE_DIR)/Main/$(APPNAME) $(APPNAME).app/Contents/MacOS/$(APPNAME) endif else ifdef TC_NO_GUI -rm -f $(BASE_DIR)/Main/$(APPNAME)_console cp $(BASE_DIR)/Main/$(APPNAME) $(BASE_DIR)/Main/$(APPNAME)_console -ln -sf $(BASE_DIR)/Main/$(APPNAME)_console $(APPNAME).app/Contents/MacOS/$(APPNAME)_console else -ln -sf $(BASE_DIR)/Main/$(APPNAME) $(APPNAME).app/Contents/MacOS/$(APPNAME) endif endif cp $(BASE_DIR)/Resources/Icons/VeraCrypt.icns $(APPNAME).app/Contents/Resources cp $(BASE_DIR)/Resources/Icons/VeraCrypt_Volume.icns $(APPNAME).app/Contents/Resources cp -R $(BASE_DIR)/../doc/html/* $(APPNAME).app/Contents/Resources/doc/HTML cp $(BASE_DIR)/../Translations/* $(APPNAME).app/Contents/Resources/languages echo -n APPLTRUE >$(APPNAME).app/Contents/PkgInfo ifdef VC_LEGACY_BUILD sed -e 's/_VERSION_/$(patsubst %a,%.1,$(patsubst %b,%.2,$(TC_VERSION)))/' ../Build/Resources/MacOSX/Info.plist.legacy.xml >$(APPNAME).app/Contents/Info.plist else sed -e 's/_VERSION_/$(patsubst %a,%.1,$(patsubst %b,%.2,$(TC_VERSION)))/' ../Build/Resources/MacOSX/Info.plist.xml >$(APPNAME)
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>VeraCrypt - Free Open source disk encryption with strong security for the Paranoid</title>
<meta name="description" content="VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files."/>
<meta name="keywords" content="encryption, security"/>
<link href="styles.css" rel="stylesheet" type="text/css" />
</head>
<body>

<div>                      
<a href="https://www.veracrypt.fr/en/Home.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
</div>

<div id="menu">
	<ul>
	  <li><a href="Home.html">Home</a></li>
	  <li><a href="/code/">Source Code</a></li>
	  <li><a href="Downloads.html">Downloads</a></li>
	  <li><a class="active" href="Documentation.html">Documentation</a></li>
	  <li><a href="Donation.html">Donate</a></li>
	  <li><a href="https://sourceforge.net/p/veracrypt/discussion/" target="_blank">Forums</a></li>
	</ul>
</div>

<div>
<p>
<a href="Documentation.html">Documentation</a>           
<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
<a href="System%20Encryption.html">System Encryption</a>
<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
<a href="VeraCrypt%20Rescue%20Disk.html">VeraCrypt Rescue Disk</a>
</p></div>

<div class="wikidoc">
<h1>VeraCrypt Rescue Disk</h1>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
During the process of preparing the encryption of a system partition/drive, VeraCrypt requires that you create a so-called VeraCrypt Rescue Disk (CD/DVD), which serves the following purposes:</div>
<ul style="text-align:left; margin-top:18px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
<li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the
<strong style="text-align:left">VeraCrypt Boot Loader may be damaged</strong>. The VeraCrypt Rescue Disk allows you restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password
 then). In the Rescue Disk screen, select <em style="text-align:left">Repair Options</em> &gt;
<em style="text-align:left">Restore VeraCrypt Boot Loader</em>. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.
</li><li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
If the <strong style="text-align:left">VeraCrypt Boot Loader is frequently damaged
</strong>(for example, by inappropriately designed activation software) or if <strong style="text-align:left">
you do not want the VeraCrypt boot loader </strong><strong style="text-align:left">to reside on the hard drive
</strong>(for example, if you want to use an alternative boot loader/manager for other operating systems), you can boot directly from the VeraCrypt Rescue Disk (as it contains the VeraCrypt boot loader too) without restoring the boot loader to the hard drive.
 Just insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.
</li><li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, it is possible that the
<strong style="text-align:left">master key or other critical data are damaged</strong>. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct
 password then). In the Rescue Disk screen, select <em style="text-align:left">Repair Options</em> &gt;
<em style="text-align:left">Restore key data</em>. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.<br style="text-align:left">
<br style="text-align:left">
Note: This feature cannot be used to restore the header of a hidden volume within which a
<a href="Hidden%20Operating%20System.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
hidden operating system</a> resides (see the section <a href="Hidden%20Operating%20System.html">
Hidden Operating System</a>). To restore such a volume header, click <em style="text-align:left">
Select Device</em>, select the partition behind the decoy system partition, click
<em style="text-align:left">OK</em>, select <em style="text-align:left">Tools</em> &gt;
<em style="text-align:left">Restore Volume Header</em> and then follow the instructions.<br style="text-align:left">
<br style="text-align:left">
WARNING: By restoring key data using a VeraCrypt Rescue Disk, you also restore the password that was valid when the VeraCrypt Rescue Disk was created. Therefore, whenever you change the password, you should destroy your VeraCrypt Rescue Disk and create a new
 one (select <em style="text-align:left">System</em> -&gt; <em style="text-align:left">
Create Rescue Disk</em>). Otherwise, if an attacker knows your old password (for example, captured by a keystroke logger) and if he then finds your old VeraCrypt Rescue Disk, he could use it to restore the key data (the master key encrypted with the old password)
 and thus decrypt your system partition/drive </li><li id="WindowsDamaged" style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
If <strong style="text-align:left">Windows is damaged and cannot start</strong>, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select
<em style="text-align:left">Repair Options</em> &gt; <em style="text-align:left">
Permanently decrypt system partition/drive</em>. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation. Note that this feature cannot be used to decrypt a hidden
 volume within which a <a href="Hidden%20Operating%20System.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
hidden operating system</a> resides (see the section <a href="Hidden%20Operating%20System.html">
Hidden Operating System</a>).<br style="text-align:left">
<br style="text-align:left">
Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps:&nbsp;If you have multiple operating systems installed on your computer,
 boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer
 and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click Select Device, select the affected system partition, click OK , select System &gt; Mount Without Pre-Boot Authentication, enter your pre-boot-authentication
 password and click OK. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).
</li><li style="text-align:left; margin-top:0px; margin-bottom:0px; padding-top:0px; padding-bottom:0px">
Your VeraCrypt Rescue Disk contains a <strong style="text-align:left">backup of the original content of the first drive track</strong> (made before the VeraCrypt Boot Loader was written to it) and allows you to restore it if necessary. The first track typically
 contains a system loader or boot manager. In the Rescue Disk screen, select Repair Options &gt; Restore original system loader.
</li></ul>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
&nbsp;</div>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
<em style="text-align:left">Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will
<strong style="text-align:left">not</strong> be able to decrypt the system partition or drive without the correct password.</em></div>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
To boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible
 that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS
 configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for
 information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the
 VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.</div>
<p>If your VeraCrypt Rescue Disk is damaged, you can create a new one by selecting
<em style="text-align:left">System</em> &gt; <em style="text-align:left">Create Rescue Disk</em>. To find out whether your VeraCrypt Rescue Disk is damaged, insert it into your CD/DVD drive and select
<em style="text-align:left">System</em> &gt; <em style="text-align:left">Verify Rescue Disk</em>.</p>
</div><div class="ClearBoth"></div></body></html>