Question regarding Truecrypt and MBR

Discussion in 'Paragon Drive Backup Product Line' started by mike248, Nov 6, 2013.

  1. mike248

    mike248 Registered Member

    Joined: Nov 6, 2013
    Posts: 2

    Hello all,

    After multiple unsuccessful (and painstakingly time-consuming) attempts at creating a complete system and file image with Windows 7's built-in image creation wizard (which always ended up taking more space than it should or producing the infamous 0x8078002A error), I decided to give it a try with Paragon Backup & Recovery Free 2013 instead. And it seemingly worked while also taking much less time (around 8h with Windows, 3-4h with Paragon, which was nice).

    I'm saying "seemingly" because my main system partition is on a 320GB drive which is fully encrypted in TrueCrypt AES, while the backup drive I chose is a 2,5inch laptop HDD with 500GB of space, connected via SATA/USB bridge.

    On said backup drive there are now 65 randomly named (and split?) files which seem to comprise the whole backup made by Paragon; they are together 240GB in size when packed and somewhere around 300GB if unpacked according to Paragon.

    Now, I've read that you will always end up with a fully decrypted backup if you back up your encrypted drive after it's been booted up already... During the backup I chose to include the Master Boot Record of the current system drive as well, and that's what makes me a bit unsure. Let's say the main HDD was stolen and I couldn't access it, could I then restore the backup on any HDD with sufficient space and Paragon on it without running into any problems?

    Or will the old backed-up Boot Record hinder any efforts at booting/retrieving the backup so that I'm only able to restore the backup on the original HDD it's been made from? Should I make a second backup without the Master Boot Record just in case?

    - Regards
    mike248
     
  2. Paragon_Matt

    Paragon_Matt Paragon Moderator

    Joined: Jan 24, 2011
    Posts: 399

    From my experience, once you are within the operating system on an encrypted disk, the entire disk is decrypted. That being said, I have never used TrueCrypt; I usually use BitLocker. So you should not need to create a secondary single partition backup, but it never hurts to have multiple backups, or to have them on multiple external drives should one drive fail.

    Overall, the best recommendation I can make is to do what you think is in your best interest and makes you comfortable; best practices for backups are more about personal preference.
     
  3. mike248

    mike248 Registered Member

    Joined: Nov 6, 2013
    Posts: 2

    Well, that's kinda why I made this thread in the first place.

    I've never really done this before, so there's lots of unanswered questions for me. My main concern as stated in the OP is that the backup won't be functional on any other HDD than the one it's been made from, possibly because of some kind of boot malfunction due to having copied the master boot record as well.

    I apologize if this didn't come across properly, the OP ended up longer than I planned initially.. :blink:

    I've read up a bit now and apparently people have managed to do just what I'm planning to do with my backup in case of emergency, although no one really mentions if it's important or not to include the Boot Record in the backup.

    Thanks for the help anyways, I'll probably end up with another backup then and practice retrieving it with Paragon on another machine.
     
  4. Paragon_Chris

    Paragon_Chris Paragon Moderator

    Joined: Feb 28, 2013
    Posts: 45

    Paragon will restore the HDD with the MBR and first hard disk track; the partitions should be in the same location when restoring, so it should not have any problems.

    Paragon includes boot utilities as well to help fix problems with an MBR, as does the Windows installation disk.

    In some circumstances when other software is being used out of the ordinary Windows installation (like using alternate boot loaders or different encryption methods) you may experience problems, so it is always recommended that you test your backups and restores. Some people will do this with a physical environment and a new blank HDD, or if you are using Hard Disk Manager Professional you can test it by restoring to a virtual machine from within your system.
     
  5. brocks

    brocks Registered Member

    Joined: Jan 12, 2010
    Posts: 39

    What follows is based on my experience with the full version of HDM12. It may involve features not on your version.

    Unless you have a brand new drive that's the same size and type as the original, there is no reason to restore the MBR, and many reasons why you shouldn't. If you are restoring to a different drive with different partition sizes, you'll wipe out its partition table and lose access to all your data. If you're restoring to the same drive you took the backup from, at best you'll just overwrite the same info, and at worst (if you have changed any partition sizes since you took the backup), you'll wipe it out, too.

    Note that if you backed up the MBR along with the system partition, you don't have to restore it. The restore process lets you restore the partition without restoring the MBR, which is almost always what you should do.

    In the case of an encrypted system partition, you will have to write a new MBR if you restore it. As you noted, when you back it up, it's decrypted on the fly, just like any other data you read from a TrueCrypt disk that has been mounted with the correct password. If you restore it, you will then have an unencrypted system partition with an MBR that expects an encrypted system partition, so it won't boot -- whether or not you backed up the MBR, and whether or not you restored it.

    Ways around this problem:

    1. (Bad option) Decrypt it via the TrueCrypt decrypt-in-place system utility before you back it up. During decryption, TC will also change the MBR back to normal. This will add several hours to the whole process with a drive your size.

    2. (OK option) Boot from a different drive, do NOT mount the encrypted system partition you're backing up, and back up the partition sector by sector. If you do that, your backup will remain encrypted, and if you restore it sector by sector, then it can use the same MBR. The downside is you have to back up the whole partition, even if it's half empty, which may double how long it takes to back up and restore. If it's almost full, then it won't take much extra time.

    3. (Best option, IMO) Buy a new drive --- they're only about 30 bucks a terabyte now, especially on sale, and Black Friday is coming up. Partition it so your system partition is no more than 60 GB, and put all your data, and as many programs as possible, on other partitions or drives (I'm only using 25 GB for my system partition with Win 8.1 64). Most bloated big name programs have free, portable alternatives that you can put anywhere, like OpenOffice, or PDFXchange, but even if all you move is your data, you should easily get by with a 60GB system partition.

    Mount it, back it up as normal so that unused space, page files, hiberfiles, etc. are skipped, and then it will just take 15 or 20 minutes to back up. It's unencrypted, and Paragon won't back it up to an encrypted partition (only god knows why), so keep a small partition unencrypted just to receive backups, and then immediately copy the backup archive to an encrypted partition, and delete the unencrypted version. Paragon WILL restore from an encrypted partition.

    If you ever have to restore it, again it will just take 15 minutes, but now you have an unencrypted system partition that won't boot because you'll still have an MBR expecting an encrypted partition, so you have to run the Paragon utility that refreshes the MBR (it's standard code for all MBRs, you can probably even do an "fdisk /mbr" from a command line) which is not easy to find, but in my HDM12, you right click on the drive title in the disk map OUTSIDE of any partition area, and select "Update MBR." That replaces TrueCrypt's boot code with the standard MBR code that Windows is expecting. Then it will boot, and then you have to reencrypt it with TrueCrypt, but since it's only 60 GB now, it only takes a half hour or less.

    Sounds like a lot of work, but once you get used to it, it's quick and easy, surely a lot easier than starting from scratch and reinstalling everything.
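
An added example, not part of the thread and not Paragon or TrueCrypt code: the MBR is one 512-byte sector holding both the boot code and the partition table, which is why restoring it to a differently partitioned drive replaces that drive's layout, and why a decrypted image still fails to boot while TrueCrypt's loader is in place. The function names, the constructed sample sectors, and the assumption that TrueCrypt's boot code contains the ASCII marker `TrueCrypt Boot Loader` are illustrative.

```python
import struct

BOOT_CODE_LEN = 446   # bytes 0..445: boot loader code area
ENTRY = "<B3xB3xII"   # status, CHS start (skipped), type, CHS end (skipped), start LBA, sector count
# Assumption: the TrueCrypt boot loader embeds this ASCII marker in its boot code.
TC_MARKER = b"TrueCrypt Boot Loader"

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte sector 0 into boot code and its four partition entries."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector")
    parts = []
    for slot in range(4):
        off = BOOT_CODE_LEN + slot * 16
        status, ptype, lba, count = struct.unpack(ENTRY, sector[off:off + 16])
        if ptype:  # type 0x00 marks an unused slot
            parts.append((slot, status == 0x80, ptype, lba, count))
    boot = sector[:BOOT_CODE_LEN]
    return {"partitions": parts, "truecrypt_loader": TC_MARKER in boot}

def restore_risks(backup: bytes, target: bytes) -> list:
    """Compare a backed-up MBR with the sector 0 of the drive it would overwrite."""
    b, t = parse_mbr(backup), parse_mbr(target)
    risks = []
    if b["partitions"] != t["partitions"]:
        risks.append("partition table differs: restoring the MBR replaces the target layout")
    if b["truecrypt_loader"]:
        risks.append("MBR holds the TrueCrypt loader: a decrypted image will not boot with it")
    return risks

def build_sample(boot_code: bytes, parts: list) -> bytes:
    """Build a constructed sector 0 for the demo (no real disk is read)."""
    table = b"".join(struct.pack(ENTRY, 0x80 if active else 0, ptype, lba, count)
                     for active, ptype, lba, count in parts)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + table.ljust(64, b"\x00") + b"\x55\xaa"

# Constructed samples: old encrypted system drive vs. a larger replacement drive.
BACKUP_MBR = build_sample(b"\xeb\x3c" + TC_MARKER, [(True, 0x07, 2048, 625_000_000)])
TARGET_MBR = build_sample(b"\xfa\x33\xc0", [(True, 0x07, 2048, 976_000_000)])

if __name__ == "__main__":
    for risk in restore_risks(BACKUP_MBR, TARGET_MBR):
        print("WARNING:", risk)
```

To check real media, pass the first 512 bytes of each disk or raw image in place of the constructed samples.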
     
  6. aoz

    aoz Registered Member

    Joined: Jun 8, 2005
    Posts: 223

    My experience with TrueCrypt:

    TrueCrypt works.
    Paragon works.

    Fire up system.
    (System is now visible to Paragon.)
    Do IMAGE backup of drive. This image to Paragon looks the same as an unencrypted drive.

    I actually BACK up that image to a TrueCrypt volume, so that the backup is encrypted, but if I have to restore it, I have to move that backup file to a non-encrypted drive (using another machine), but have secure data on the drive and have to do this.

    Have had new drives bought; restored from the Paragon image (which came from the backup of the truecrypted prior backed up drive) and that image restored to the NEW drive as unencrypted; I then encrypted it with TrueCrypt.

    (Went from conventional hard drive to an SSD, actually very easy to upgrade it.)

    nick