Does this True Crypt issue has any solving? THanks

Discussion in 'encryption problems' started by andreea, Dec 25, 2014.

  1. andreea

    andreea Registered Member

    Joined:
    Dec 25, 2014
    Posts:
    4
    Hi!
    I am kinda new with true crypt, I heard about it long time ago, but never tried to use it until a few days ago. I want to ask you if there is possible to do the next thing:

    I have 2 hard-disks (1 and 2) and one usb drive. I have 2 OS on those two hard-disks - win xp sp3.
    I want to encrypt the entire 2 hdd or at least the win xp partition. Until here I managed to do it. I don't know how to do the next thing:

    Remove any clue of true crypt encryption from the 2 hdd and boot it only from the usb drive where the loader resides. By "any clue of true crypt encryption" I think that I am talking about the loader. I don't know if there are any other clues that will point out that the hdd is being encrypted. I know that a forensic specialist would know that encryption was used, but it's not my case - law problems. I just want to have the 2nd hdd as unformatted as encryption shows it and no other clues about what encryption program was used - that password confirmation screen which asks you to insert the password.

    My purpose is to have something like this:

    1. If the pc is started without the usb drive connected than it boots the OS from the hdd no 1.
    2. If the pc is started with the usb drive connected than it boots the OS from the hdd no 2. The entire hdd is encrypted and has no clues about truecrypt encryption. Just unformatted capacity and no other references in the mbr or something.

    Is this thing possible? I searched this forum about true crypt issues, but I think I am on the wrong path. A lot of weird things about true crypt "how to" are spinning in my head and I didn't managed to sort this thing out.

    Thank you.
     
    Last edited: Dec 26, 2014
  2. andreea

    andreea Registered Member

    Joined:
    Dec 25, 2014
    Posts:
    4
    I have encrypted the 2nd hdd and moved the truecrypt recovery iso on a usb stick with grub4dos. Both hdd have win xp sp3 as os. When I installed win xp sp3 on the 2nd hdd (the one with the encryption) I had the 1st one disconnected from mainboard.
    In the bios the boot order is: 1. usb stick 2. Cd-rom 3. hdd1 (unecrypted) 4. hdd3 (encrypted).

    At this step I have 2 main problems:


    A. When I use only the usb stick and the 2nd hdd (encrypted one) everything goes well: the tc recovery image from the usb stick is booted and after pasword confirmation the windows from the 2nd hdd is started.

    When I connect both hdds and the pc is booted from the usb stick after password confirmation screen from the usb stick recovery image it says incorect password. I presume that it has to do with that hdd0 and hdd1 thing and the tc recovery iso is trying to boot the unecrypted hdd. I even don't know if I am presuming well. How I could modify this so it will start the 2nd hdd (the encrypted one)? Should I reinstall the os on the 2nd hdd with the 1st one connected, should I decrypt the 2nd and encrypt it again with the 1st one connected and select multi boot from tc encryption process? I have no clue about what should I try to learn and find out. I don't want to have that win xp loader on the 1st hdd letting me to choose which win xp I want to boot. I want them to act as independent hdd.

    B. How should I remove the truecrypt loader from the 2nd hdd, so it will be only on my usb stick, because if the 2nd hdd is set to be booted from bios it shows the truecrypt password confirmation screen and I don't want this.

    Do I have to edit the mbr with a hex editor or just edit/move/delete some files so I will remove any way for that hdd to be booted without the usb stick?

    If my problems are so simple/dumb so nobody wants to explain me how to do it, at least give me a hint to know what should I try to find out.

    Thanks
     
    Last edited: Dec 26, 2014
  3. andreea

    andreea Registered Member

    Joined:
    Dec 25, 2014
    Posts:
    4
    After a few research I managed to do this:

    I extracted the 2nd hdd true crypt mbr iwith hdhack and save it as truecrypt.dat.
    On the usb stick I have: grldr, menu.lst, truecrypt.dat

    The content of truecrypt.dat is:
    timeout 15

    title Encrypted hdd
    rootnoverify (hd2,0)
    chainloader (hd0,0)/truecrypt.dat

    The usb stick boots and after entering the password it says "booting..." and it hangs.

    Am I doing something wrong? What could be the problem?

    Later edit: It seems that even I disconnected the 1st hdd from mainboard and left only the usb stick and 2nd hdd and modified the menu.lst to rootnoverify (hd1,0) it won't continue booting.
    At this moment I have no clue if it has to do with my bios or I am doing something wrong.
     
    Last edited: Dec 26, 2014
Loading...