TC disk repair and Vera full disk encryption question

Topics: Technical Issues, Users Discussion
Jan 12, 2015 at 10:53 AM
Hello

I know that this isn't Truecrypt list but since the project is derived from that and it's officially dead I think this is the best place to ask these questions:

1, Is it possible to do whole disk encryption with Vera? Like I have a 1TB drive where I want to install 3 linuxes and windows 7 and windows8 on all different partitions and not bothering about doing any encryption from inside the OS-es rather encrypting the entire drive and unlocking it at once at start?

If it's not possible which other reliable encryption methods exist for this?



2, I really hope I can get some clues about this question from devs and mbr wizards:

a, I had a 300GB disk with 1 Win7 partition truecrypt encrypted on it. (No system reserved partition was created)
b, TC loader was written into MBR
c, I installed debian wheezy for another partition with luks and lvm so my partitions would look like:
sda1-Windows7 TC
sda2-Linux EXT2 boot
sda5-Linux cryptoroot

Now what happend was, although I specified it for linux NOT to install grub to the MBR it did install it to the VBR (Volume Boot Record) of the windows partition. I found this after a lot of researching.

What happens when the computer started:

1, TC password menu comes in
2, If I push ESC it goes with the second bootable partition which is the linux boot where I manually installed grub into and loads linux (this works as it should)

3, If I enter the password --> Now this is where it supposed to load windows7 it drops me into the grub boot menu again

Now as I figured since truecrypt is in the MBR not Grub, then the only thing this grub menu can be coming from after I entered the password is:

a, It wrote itself into the core.img area https://upload.wikimedia.org/wikipedia/commons/thumb/1/18/GNU_GRUB_on_MBR_partitioned_hard_disk_drives.svg/400px-GNU_GRUB_on_MBR_partitioned_hard_disk_drives.svg.png

b, It wrote itself into the VBR of the windows partition ( I guess theis would not be encrypted by the OS encryption )

What can I do to put the windows loader back there? I tried fixmber etc it seems it dont want to get rid of the grub after truecrypt.

Many thanks!
Jan 13, 2015 at 7:42 AM
Edited Jan 13, 2015 at 7:42 AM
Yesterday I sucessfully managed to recrypt the windows partition BUT that grub loader thingy still left in the VBR (Not the MBR because there is TrueCrypt which is in the MBR).

If I have /dev/sda1 on chainloader in grub then it let me boot windows which makes absolutely no fucking sense for me.

How is that possible that grub able to even update this VBR? That would mean it is not encrypted. Why not ? You leaking data this way.