+ Post New Thread
Results 1 to 14 of 14
How do you do....it? Thread, Truecrypt Help in Technical; We are about to test trucrypt on some new laptops and have a couple of questions some of you may ...
  1. #1

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11

    Truecrypt Help

    We are about to test trucrypt on some new laptops and have a couple of questions some of you may be able to offer some wisdom on:

    1) We typically have two partions on our laptops the first is the sytem and all files and the second contains a ghost image of a factory setup (used to recover in disasters if needed!). Should we just encrypt the whole drive or ignore the backup partition and just encrypt the system partition?

    2) Do people encrypt the Host Protected Area?

    3) Does anyone have any experience with Ghosting an encrypted laptop. Just thinking if we set one up and encrypt it can we still image it to another identical laptop or is it best to image the laptops prior to running truecrypt and then run truecrypt individually on each laptop?

    Would be interested in hearing peoples experiences on the above.

    Thanks
    Dimas

  2. #2
    TheLibrarian
    Guest
    1/ Encrypting the backup partition would not be much use, you would have difficulty getting to it if you needed to restore the backup.

    2/ We routinely destroy the HPA, but I'd say same as #1.

    3/ If you want to Ghost an encrypted partition / disk you would use the -ia switch which would image the disk sector by sector this includes every sector, even unused ones, because Ghost can not tell what is needed and what isn't. We decided to go with a normal image and encrypt afterwards, particularly as some laptops now have >300Gb HDD's which is one heck of a large image when you use -ia.

  3. #3

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    Hi Librarian

    Thanks for the info, just to confirm with the HPA would you recommend not encrypting it?

  4. #4
    TheLibrarian
    Guest
    I would definitely not encrypt the HPA, getting access to it if you need it would be next to impossible if you encrypt it.

  5. #5

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    One other question if I may, how do you then reimage an encrypted laptop? Do you have to decrypt it prior to imaging as this would massively increase the reimaging time? Thanks

  6. #6
    TheLibrarian
    Guest
    Decrypt I'm afraid, although I'm not sure what a hot image would do, I assume it would take an unencrypted image.

  7. #7

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Quote Originally Posted by TheLibrarian View Post
    Decrypt I'm afraid, although I'm not sure what a hot image would do, I assume it would take an unencrypted image.
    If you leave it hot too long it might melt the case, you should watch out for that

  8. Thanks to powdarrmonkey from:


  9. #8


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,573
    Thank Post
    228
    Thanked 851 Times in 730 Posts
    Rep Power
    294
    surely if you ghosted an image to an encrypted drive it would just overight it wouldnt it?

  10. #9

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    Yeah tried restoring a local image (unencrytped) to the encrypted system partition but it wouldnt boot afterwards and the TruCrypt bootloader was still present. I am just concered as to how we go about reimaging all these laptops six months down the line once they have been encrypted. I understand you can decrypt them and then send an image out and recrypt but the whole decrypt and recrypt process seems to take around 8 hours as opposed to one hour reimaging before!

  11. #10

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    Anyone know how to backup the boot sector prior to running truecypt and then possibly restoring the boot sector if I copy an unecypted image across? Thanks

  12. #11
    TheLibrarian
    Guest
    If you had used the -ib switch when taking the image, that would have backed up the boot sector too. IIRC you have to use the -ib switch when you push to image out too.

    Failing that, you can boot to the XP repair console on the CD and use fixboot IIRC.

    You can also use GDISK or GDISK32.

  13. #12

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    OK thanks that switch sounds exactly what I after, will test it out.

  14. #13

    Join Date
    May 2009
    Posts
    103
    Thank Post
    11
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    Thanks the IB switch worked perfectly and an image taken with it could be restored to an encrypted partition (if it was pushed out using the IB switch again). Is there a way of using the IB switch or something else on partition imaging as we only seem to have it working on disk imaging?

    Thanks

  15. #14
    TheLibrarian
    Guest
    Quote Originally Posted by ba9ag View Post
    Thanks the IB switch worked perfectly and an image taken with it could be restored to an encrypted partition (if it was pushed out using the IB switch again). Is there a way of using the IB switch or something else on partition imaging as we only seem to have it working on disk imaging?

    Thanks
    Sorry I didn't get back to you, I've been off for a while.

    As far as I know, there is no way of using the -ib switch when imaging partitions.

SHARE:
+ Post New Thread

Similar Threads

  1. Truecrypt encryption algorithm
    By CheeseDog in forum How do you do....it?
    Replies: 8
    Last Post: 16th September 2009, 11:25 PM
  2. Truecrypt with Vista?
    By FN-GM in forum Windows Vista
    Replies: 11
    Last Post: 16th March 2009, 04:21 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •