Mount Encrypted Drives

flashMount

#!/bin/sh
# This script uses dislocker-fuse to mount bitlocker'd flash drives

# First off, we need to know the drive to mount.
# For now, it'll need to be passed.  Maybe in the future, we can use dislocker-find or something.
# Anyway, we need to get its recovery key, so we can check to see if we have it saved.
KEYS=$(sudo dislocker-metadata -V $1 | grep 'Recovery Key GUID' | grep -Eo "'.+'")

# http://stackoverflow.com/a/15400047
KEYARRAY=(${KEYS// / })
# Then check to see if we have a recovery key for the volume
UNLOCKED=false
for key in "${KEYARRAY[@]}"; do
	key=(${key//\'/})
	# Once we found the key, unlock and mount the drive!
	if [ -e "/etc/dislocker/$key.key" ]; then
		sudo dislocker-fuse -V $1 -p$(cat /etc/dislocker/$key.key) -- /mnt/enc/flash -o allow_other
		UNLOCKED=true
		break
	fi
done

# If we don't have a recovery key file, then let's just ask the user for their password
if [ "$UNLOCKED" = false ]; then
	sudo dislocker-fuse -V $1 -u -- /mnt/enc/flash -o allow_other
	if [ $? -eq 0 ]; then
		UNLOCKED=true
	fi
fi

if [ "$UNLOCKED" = true ]; then
	sudo mount -t ntfs-3g -o loop,uid=$(whoami),gid=wheel,dmask=002,fmask=003 /mnt/enc/flash/dislocker-file /mnt/flash
fi

veraMount

#!/bin/sh
# Use dm-crypt to mount VeraCrypt flash drives

# Provide the drive to read
sudo cryptsetup tcryptOpen --veracrypt $1 flashCrypt

# Mount the container
# VeraCrypt uses exFAT
sudo mount /dev/mapper/flashCrypt /mnt/flash -o uid=$(whoami),gid=wheel,dmask=002,fmask=003

windowsMount

#!/bin/sh
# Uses dislocker to mount my Windows system drive
# Using Windows 10's AES-XTS

# This uses the bek file
sudo dislocker-fuse -v -V /dev/sda2 -f /etc/dislocker/windows.BEK -- /mnt/enc/windows -o allow_other
sudo mount -t ntfs-3g -o loop,gid=wheel,dmask=022,fmask=133 /mnt/enc/windows/dislocker-file /mnt/windows