truecrypt full disk encryption with multi partitions

Discussion in 'privacy technology' started by gotpwnt, Oct 14, 2014.

  1. gotpwnt

    gotpwnt Registered Member

    Joined:
    Oct 14, 2014
    Posts:
    4
    so it was the time of the day to reformat the system. i backed everything up and reinstalled windows7

    then i reinstalled truecrypt 7.1a and set up back all my volumes, except one.

    i tried many times to put the same password in, thinking it will work. but it would just say 'incorrect password or not a truecrypt volume'.

    after spending 4 hours on figuring out the problem, i found the cause. My ssd has 3 partitions on it, windows, 100mb, and game partition. When i used truecrypt i used it to encrypt the whole system drive. which covered these 3 partitions.

    Now when i reformatted, in the setup i did the usual thing. deleted the windows partition and created the new partition (obviously i completely forgot that the whole system drive was encrypted, not just the individual windows partition). As a result this caused the game partition to not work any more. It's not really important as it has games on it, but one directory makes it important. It has this one file directory with all my damn accounts and passwords for all the important things. it's not grave or life threatening just damn annoying to do such a stupid mistake.

    Is there a way to recover it? Is there a manual which explains how the whole drive encrypts the individual partitions?
     
  2. gotpwnt

    gotpwnt Registered Member

    Joined:
    Oct 14, 2014
    Posts:
    4
    bump for help please
     
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    I have answered this question many dozens of times over at the TC forums before it was taken down. I frankly "hate" the fact that the TC software (as publicly distributed in their binary) even allows the option to do full disk encryption. The better and safer configuration is to WDE the system disk and THEN individually/separately encrypt the non-system partitions. If you want to be "lazy" (joking) you can use the same password and enable auto mount so that you only enter your PBA password and they all open upon boot. This configuration has HUGE advantages as you are now finding out. When you use full disk instead of system disk encryption you are placing the needed data (encryption header data) to open the entire disk on the C drive. If that drive gets hosed you not only lose the system disk access but the entire platter is beyond reach to you! By separating the encryption you have unique and different volume headers and can create/save the unique headers for each partition outside of the system disk.

    The generic windows installer (thank you Microsoft - not!!) trashes the non-system partitions almost every single time. The unfortunate thing is that now the header data you need to open those non-system partitions no longer exists. They were in the system disk but you just wrote over that data. It's gone!

    Sorry you are learning this the hard way, but you won't be the last to start "this thread". Take the time to encrypt as I describe and keep volume header backups on all volumes. Header backups are small and fast to create (128k).

    Sage advice: since you are using windows 7 you will have a much better experience with TC if you move the 100 mb reserve partition completely inside the system disk. That reserve partition creates nothing but problems and it is so easy to move. Links are all over the net for how to do it. If you can't find one come back and ask. I use linux for all my stuff here, but my home machines all run 7 WITHOUT a reserve partition. My opinion.

    Maybe someone else reading along this thread has a link handy. My collection of windows "tasks" is in an archive since I now use Linux.
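
An added example, not part of the original post and not TrueCrypt's own code: a check that the header areas of a separately encrypted non-system volume still match an off-disk snapshot, for instance after an OS reinstall. The offsets are an assumption taken from the TrueCrypt 7.x volume format (128 KiB of header slots at the start, a backup copy in the last 128 KiB); the function names and the in-memory sample volume are constructed for illustration.

```python
import hashlib
import io
import os

# Assumed layout (TrueCrypt 7.x non-system volume): two 64 KiB header slots
# (standard + hidden) at the start, and a backup copy of both at the very end.
HEADER_AREA = 128 * 1024


def read_header_areas(vol, size):
    """Return (primary, backup) header areas of a partition or container."""
    if size < 2 * HEADER_AREA:
        raise ValueError("volume too small to hold both header areas")
    vol.seek(0)
    primary = vol.read(HEADER_AREA)
    vol.seek(size - HEADER_AREA)
    backup = vol.read(HEADER_AREA)
    return primary, backup


def snapshot(vol, size):
    """Record what to keep off-disk: the raw primary area plus two digests."""
    primary, backup = read_header_areas(vol, size)
    return {"primary": primary,
            "primary_sha256": hashlib.sha256(primary).hexdigest(),
            "backup_sha256": hashlib.sha256(backup).hexdigest()}


def check(vol, size, saved):
    """Report which header areas still match the saved snapshot."""
    primary, backup = read_header_areas(vol, size)
    return {"primary_intact": hashlib.sha256(primary).hexdigest() == saved["primary_sha256"],
            "backup_intact": hashlib.sha256(backup).hexdigest() == saved["backup_sha256"]}


def demo():
    # Constructed 1 MiB stand-in for an encrypted partition (random bytes).
    size = 1024 * 1024
    vol = io.BytesIO(os.urandom(size))
    saved = snapshot(vol, size)
    before = check(vol, size, saved)
    # Simulate an installer rewriting the first 64 KiB of the partition.
    vol.seek(0)
    vol.write(b"\x00" * 64 * 1024)
    return before, check(vol, size, saved)


if __name__ == "__main__":
    print(demo())
```

A password change rewrites the headers, so a new snapshot is needed afterwards.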
     
  4. gotpwnt

    gotpwnt Registered Member

    Joined:
    Oct 14, 2014
    Posts:
    4
    even if i have the truecrypt rescue disk and remember the password, the answer is "it's all gone, sorry :'("
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    You had never mentioned that you still had the rescue disk. Let me consider it for a while. The issue is how to "call out to" the non-system disk since the encryption model you used placed the needed header data on the system disk/loader. I will make inquiries with some other folks and see if anyone has developed a model for this.

    Those windows installer disks are TC's worst enemy. I only back up using third party software and all the restores go like clockwork.
     