These steps were tested on Ubuntu 17.04.
Create a 1 GiB veracrypt file container volume. Name it whatever you like. In my case, I am naming it
veracrypt.img, formatting it as
ext4, and saving it at
/veracrypt.img. Note that this is not an especially secure setup, but rather, meant to demonstrate the basics.
Create a key file. In my case, I am creating a simple file at
/key.file with the following text.
abc123 the password!
cryptsetup if you have not done so already.
apt-get install cryptsetup
Test unlocking your disk using
cryptsetup on the command line.
sudo cryptsetup open \ /veracrypt.img \ --type tcrypt \ --veracrypt \ --key-file /key.file \ veracrypt
If that works, you should see an entry in
You can now confidently create an entry at
/etc/crypttab to automatically unlock the volume at boot.
There are many potential options for Veracrypt in
crypttab, but these worked for me.
# /etc/crypttab veracrypt /veracrypt.img /dev/null tcrypt-veracrypt,tcrypt-keyfile=/key.file
/etc/fstab file can then mount your volume wherever you would like.
# /etc/fstab /dev/mapper/veracrypt /mnt/veracrypt ext4 nofail 0 2