This project has moved and is read-only. For the latest updates, please go here.

Help, cannot create usb recovery disk and recover mbr/decrypt drive.

Topics: Technical Issues, Users Discussion
Nov 20, 2016 at 10:19 PM
Edited Nov 20, 2016 at 10:47 PM
First some important things to mention:

Ok so I was stupid enought to trust linux distro not to mess up my drives but it did. Drive A was fully encrypted with Windows it was main boot drive. On Drive B I did install linux (it is seperate drive not partition). Now the funny thing is that it looks like linux made grub on Drive A even when I did choose Drive B as installation drive. So now when PC boots up there is grub with option to booty up linux go to setting or boot up Windows 10 on /dev/sdX. When I choose Windows 10 then it does not go to Veracrypt password screen but instead lauches Windows diagnostic tools every single time.

it is not possible to mount partition or full drive in linux Veracrypt as I get incorrect passtword etc. error and yes password was typed correctly. Automount does not work either.

I did make sure I boot from Drive A by removing/disabling other boot devices in BIOS.

Becase I do not use cd-rom drive anymore when Veracrypt prompted me to create recovery disk I did choose to burn it later but it created the recover file. Now here is where the mess starts. I did copy this file to external drive and now tried to make from it bootable usb dongle without success.

First of all it is not iso file, it does not have any extension. it is 1835008 bytes big file (funny thing is that my NAS sees it as tif file). Becase now I have only linux to create bootable usb and trust me it is pain in ass to do it in linux I tried to use dd tool, and that said:

sudo dd if=rescuefile of=/dev/sde1 did not work pedrive won't boot
changing file name to rescuefile.iso and then again making sudo dd if=rescuefile.iso of=/dev/sde1 did not work pendrive won't boot.

That said can someone tell me how to make veracrypt usb dongle?
Nov 21, 2016 at 10:46 AM
Edited Nov 21, 2016 at 10:52 AM
First, you should use sudo dd if=rescuefile of=/dev/sde (NOT sde1). I reckon, that sde is your flash disk and you know this will overwrite content of the sde device.

If you still can't boot your recovery iso and you have used MBR, the fix is quite simple, but time consuming, because you will have to install windows on yet another drive, encrypt it yet again just to extract the mbr from this new installation (using dd again) and put the extracted mbr onto the old drive (using dd), which has mbr overwritten by linux grub now. But do this only if you are sure you can follow how-to exactly, because if you make even a little mistake, you can lose everything. Start with learning the difference like sde (device) and sde1 (first partition on device e), I doubt anyone could have advised you to copy iso to sde1.

Btw. linux expressly asks during install something like if you are using multiple systems, have special boot loader there, and if it can place grub on first drive. Do not blame linux, it asked and your answer was wrong. But don't worry, I did not know myself how to corectly answer that, so I have cowardly installed linux with the veracrypted drive disconnected ;-)
Nov 21, 2016 at 12:59 PM
Edited Nov 21, 2016 at 2:54 PM
I did try with /dev/sde it will also not boot.
Trust me it did not ask me where I want grub. I did install elementary by choosing drive B entering city account info choosing lvm etc. but there was no prompt about multi boot or even question where to place grub in elementary install wizard. I had the same issue in Apricity before my drive was encrypted. It also without asking put grub on windows drive. Now I need to somehow get other win 10 :/ because I did update.
Nov 21, 2016 at 6:37 PM
Edited Nov 21, 2016 at 6:49 PM
I'm sure that both Debian and Mint asked me (recent versions of course). I'm not sure about CentOS, but that's a different purpose distro.

Here's actual veracrypt 1.19 MBR backup from win 10 64 bit system:!3NNMdLKH3pgn/vcmbr-bin

I have no idea if boot loader changes with different PKCS, but you can try mine above, in my testing machine I have used the default sha256.

On linux I'd do this to restore: (replace X for actual device with windows system, like sda)
sudo dd if=/tmp/vcmbr.bin of=/dev/sdX bs=446 count=1

Then try to boot and vc prompt should appear. Please note, that you won't be able to boot linux anymore, so you should backup your linux mbr first, which is done using sudo dd if=/dev/sdX of=/tmp/linuxmbr.bin bs=512 count=1 (512 means you will save partition layout too, restore 446 is because you don't want to overwrite your partition layout with mine, which is surely different.

Good luck.