Drive Snapshot imaging truecrypt system

I am familiar with DS, but not with truecrypt ; i have a laptop with 3 partitions:
p.1 an unencrypted xp , p.2 an encrypted win 7, p.3 unencrypted data partition.

Option 1 : i go to xp. ( or a pe disk os) open DS , the encrypted partition = "unknown filesystem" .50 gb. so i guess if i want to make an image ( of the encrypted system) i have to choose "sector by sector" , so the image will be 50 gb( the actual data = 8 gb) .

Option 2 : is to make an image while in the unencrypted win 7 ( size is 8 gb) make a TC file container on a external disk and store the image there.
This file container has to have an equally strong password as the encrypted system( or the same password? ).

Option 3 : would be to use the aes encryption from DS itself , i don't know if the DS encryption is as strong as TC encryption, but again, this DS image has to have an equally strong password as the encrypted system( or the same password? ).
Id like some feedback from users with hands on experience with this issue.
Thanks

 

Not sure if this would work for you but what I do on my encrypted partition is this:
1) boot Clonezilla off of USB
2) Do a bit for bit backup to my external hdd

Because I did a bit for bit back up everything is still encrypted just like my actually hdd. The downside to this method is that the password is of course the same but you can always backup and than use true crypt to change the password on your computer. Also when using true crypt full disk encryption I have found a number of backup programs that do no work properly such as macrium reflect free which doesnt image the disk properly.

If you go with option two or three just make sure the password is NOT the same as you pre boot password. Also instead of a volume if you can I would recommend encrypting the entire partition of the hdd and maybe with something like a cascade. This is what I do for my windows backup images.

 

Thanks,I am not familiar with Clonezilla , if DS doesn't work i'll look into it.

I am trying to avoid bit by bit , it could be done but then i will have to shrink the partition so as to not have to do a 50 gb backup.

What would be the advantage encrypting the entire partition instead of a container?

 

In my use encrypting the volume has had much better performance vs a container of equal size. This is my experience and is probably more personal opinion however I also read somewhere (will post a link once I find it) that containers are more susceptible to corruption. Not sure if that's true but again personal preference as I prefer storing large amounts of data encrypted and it's just easier to encrypt a partition than worry about volumes.

If you are trying to avoid bit for bit encryption I recommend experimenting with different programs as not all work with true crypt because of the way it encrypts the drive. Another thing to check out would be DiskCryptor which is another open source encryption suite similar to true crypt but uses a different technique to encrypt the drive so programs "see" the data as unencrypted and don't have the problems backing it up. There is a post over here about it.

 

Option 1' : boot pe disk os, launch TrueCrypt plugin or Traveler Disk (portable) version of TrueCrypt and mount the encrypted partition (and external backup drive too if TC encrypted), launch DS and make a regular backup of the mounted (temporarily unencrypted) partition so the image will be less than 8 GB.

That's how I use both TrueCrypt and DiskCryptor. My external hard drives are encrypted either by built-in hardware based encryption or TrueCrypt. I've done many DS restores of images made this way and never had a problem, although DS would sometimes give some meaningless error message at the end of the restore. Obviously the encrypted partition had to be mounted first and the restore was then made to the mounted volume (not the raw host partition which also shows up in DS gui).

Note: I used TC to encrypt my system partition too on some computers and made DS backups after booting to it. These online backups also always restored fine. (I restored them from bartpe after mounting the encrypted system partition first. I had the bartpe TC plugin configured to remove drive letters from the raw encrypted partitions, prompt for password, then mount the encrypted partitions to the same drive letters i used for them in windows).

 

@pajenn
Thank you for the detailed guide i,m going to follow this ,this is what i was looking for .
Cheers