Console

DiskCryptor console version command switches

Beginning from the DiskCryptor version 0.3, in addition to the graphical
user interface (GUI), the program also has the command line interface
dccon.exe, allowing for the control of most of the program's
functions. On execution of dccon.exe file without parameters, the
program lists a brief description of the available commands.

Disk and partition naming conventions

Some of the commands require user to specify a disk or a partition, to
which they are going to be applied. A disk partition can be specified
either by a sequence number, or by a mounting point. There is a sequence
number for any partition, even if it does not have a mounting point, and
it looks like this, - pt0, pt1... pt[n]. The mounting point of a
partition, is either the letter of the disk, or its full path (when
mounting a partition to NTFS directory). To list the partitions, you can
launch the program with the -enum switch.

The commands for working with the bootloader, require specification of a
physical disk instead of a partition. Disks are being named as
hd0, hd1... hd[n], and you can see their list by executing program
with the -boot enum switch.

Program component installation/removal switches

Command Action
-version Displays program version.
-install Installs DiskCryptor driver in the system.
-remove Removes DiskCryptor driver from the system.
-update Updates DiskCryptor driver to a newer version.

Commands for operations with disk partitions

In order to execute these commands, the DiskCryptor driver must be
installed. Driver installation or update can be performed with the
commands listed in the previous switch group.

Command Action
-enum Displays information about all supported disk partitions.
-info [device] Displays information about a partition.
-mount [device] Prompts for a password and mounts an encrypted partition.
-mountall Attempts to mount all encrypted partitions, passwords to which reside in the memory. If no partitions were possible to mount, then a password is prompted to be entered, and the program tries to mount partitions again.
-unmount [device] [-f] Dismounts the mounted partition. The "-f" key allows to dismount a partition even if it has open or in use files.
-unmountall Forcibly dismounts all mounted partitions. All open files will be forced to close.
-encrypt [device] [wipe mode] [key params] Encrypts an unencrypted partition. The "wipe mode" parameter allows to utilize safe data wipe algorithms, to destroy the original contents of the partition, in order to prevent the data recovery using magnetic force microscopy.
-decrypt [device] [enc params] Decrypts an encrypted partition. Partition has to be mounted when executing this command.
-chpass [device] [enc params] Changes the password of an encrypted partition. Partition has to be mounted when executing this command.
-reencrypt [device] [enc params] Performs re-encryption of all data, including the change of master key. Allows to change an encryption algorithm.
-format [device] [params] [enc params] Creates an empty encrypted partition. To specify a file system, please use keys -raw, -fat, -fat32, -exfat and -ntfs. Key -q performs quick format, without filling the whole partition with random numbers. Appropriate to apply when formatting a partition that was previously encrypted with DiskCryptor.
-backup [device] [file] [enc params] Creates a backup copy of partition's functionary information for its recovery in case of damage or accidental formatting.
-restore [device] [file] [enc params] Restores partition's functionary information from a backup copy.
-enciso [src] [dst] [params] Encrypts CD/DVD .iso image. This command allows for creation of encrypted optical disk media.

enc params - standard set of encryption settings that includes the
following switches:

Command Action
-p [password] Allows to set password from command line.
-kf [keyfiles path] Allows to use key files.
-op [password] Enter old password from command line. (only -chpass).
-np [password] Enter new password from command line. (only -chpass).
-okf [keyfiles path] Enter old key file from command line. (only -chpass).
-nkf [keyfiles path] Enter new key file from command line. (only -chpass).

Functionary commands

Command Action
-clean Wipes cached passwords from driver's memory.
-addpass Add password to the passwords cache, for automatic mount purpose.
-benchmark Performs a speed test of cryptographic functions.
-config Evokes program configuration menu.
-bsod Wipes all passwords and keys from memory, and performs an emergency termination of system's operation.
-keygen [file] Generates a random 64 byte key file.

Commands for operations with bootloader

To be able to boot Windows from an encrypted partition, you need to
install DiskCryptor's bootloader. When encrypting the boot or system
partitions, the program will offer to automatically install bootloader
with a default configuration. By default, the bootloader is being
installed on HDD, that has last been used to boot the system from.
Please note, that a system is not necessarily located on a boot HDD,
which can be the case with multi-boot configurations. It is possible to
install bootloader on HDD, CD/DVD and USB disks. The switches of this
group of commands are accessible without installing the program.

Command Action
-boot -enum Displays information about physical disks.
-boot -setmbr [hdd] Installs bootloader on HDD with a default configuration.
-boot -delmbr [hdd] Removes bootloader from HDD.
-boot -updmbr [hdd] Updates bootloader to a newer version with all settings kept intact.
-boot -setpar [partition root] Installs bootloader on an external device. The command works with USB disks. In case if device is not formatted as bootable, then the program will offer to format it. As a parameter, the command accepts the letter of a partition or the path to its mounting point.
-boot -makeiso [file] Creates an .iso image for booting from a CD/DVD disk.
-boot -makepxe [file] Creates an image for network boot via PXE.
-boot -config [hdd/file] Evokes bootloader configuration menu. As a parameter, it is possible to point to physical disks, partition letters (only for external devices) or a path to the bootloader image file.

Disk Speed test utility commands

The diskspeed.exe utility is provided for testing read/write speed of
disk partitions. The testing can be performed either in a linear read
mode, or in an sequential read/write mode. First mode corresponds to the
speed of working with partition, when copying large files. And the
second mode outputs the speed, corresponding to operations performed
with a large number of small files.

diskspeed [disk] [type] [-b] [block size]
  disk  - determine disk for test speed
  type  - test type
    -r  - linear read test
    -rw - chunked read/write test
  -b    - test block size in KBytes (optional)

Examples of use:

diskspeed c: -r
diskspeed c: -rw -b 1024