Can a volume be decrypted on-the-fly?
I think from reading the TrueCrypt User Guide.pdf that the answer is no, in particular where I read "1. Mount the TrueCrypt volume. 2. Move all files from the TrueCrypt volume to any location outside the TrueCrypt volume. 3. Dismount the TrueCrypt volume." it really means that I have to drag/Robocopy the contents to a safe place (or two) before playing around with stuff. (Good advice in any case, right?)
That suggests to me that I should have another spare large external drive lying around, which I don't, so it will be off-to-the-store for another external drive.
In which case I may as well leave the original drive encrypted and use the new drive as the unencrypted one.
TrueCrypt (7.0a) Decrypting a volume
-
- PlutoniumLounger
- Posts: 15615
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
TrueCrypt (7.0a) Decrypting a volume
There's nothing heavier than an empty water bottle
-
- Administrator
- Posts: 12604
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: TrueCrypt (7.0a) Decrypting a volume
If you encrypt your system volume with TrueCrypt then it has the capability of decrypting this "on the fly". See the online documentation
Please note that TrueCrypt can in-place decrypt only system partitions and system drives (select System > Permanently Decrypt System Partition/Drive). If you need to remove encryption (e.g., if you no longer need encryption) from a non-system volume, please follow these steps:
- Mount your TrueCrypt volume.
- Move all files from the TrueCrypt volume to any location outside the TrueCrypt volume (note that the files will be decrypted on the fly).
- ...
StuartR
-
- PlutoniumLounger
- Posts: 15615
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: TrueCrypt (7.0a) Decrypting a volume
Thanks for the response, Stuart, but unless I'm mis-reading the documentation, this applies only to system partitions and drives, which to my mind would be the C: partition on my laptop hard drive.StuartR wrote:If you encrypt your system volume with TrueCrypt then it has the capability of decrypting this "on the fly". See the online documentationPlease note that TrueCrypt can in-place decrypt only system partitions and system drives (select System > Permanently Decrypt System Partition/Drive). If you need to remove encryption (e.g., if you no longer need encryption) from a non-system volume, please follow these steps:
- Mount your TrueCrypt volume.
- Move all files from the TrueCrypt volume to any location outside the TrueCrypt volume (note that the files will be decrypted on the fly).
- ...
Any other data partition on the laptop hard drive, or any external drive partition and I'd need to do what TrueCrypt says - move (copy?!) the files away before removing the encryption.
no?
There's nothing heavier than an empty water bottle
-
- Administrator
- Posts: 12604
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: TrueCrypt (7.0a) Decrypting a volume
This is correct, but if you are doing regular backups then all you need to do with your data partitions is your normal backup, then wipe the partition and restore the backup.ChrisGreaves wrote:...unless I'm mis-reading the documentation, this applies only to system partitions and drives, which to my mind would be the C: partition on my laptop hard drive.
Any other data partition on the laptop hard drive, or any external drive partition and I'd need to do what TrueCrypt says - move (copy?!) the files away before removing the encryption...
StuartR
-
- PlutoniumLounger
- Posts: 15615
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: TrueCrypt (7.0a) Decrypting a volume
Thanks, but (I hate sounding so darned NEGative ...) The encrypted 500GB external drive is an accumulated backup of my 100GB laptop since about the year 1734 , and is my means of exhuming files that have been deleted from the laptop.StuartR wrote:This is correct, but if you are doing regular backups then all you need to do with your data partitions is your normal backup, then wipe the partition and restore the backup.
To void the 500GB drive and then run a normal evening backup means that I would lose my archives and end up only with a snapshot of the laptop 100GB as it stands today.
The exercise would be a duplicate of my receiving an encrypted external drive from a 3rd party or client and being asked to decrypt it. Without access to their source, I'd be forced into buying a spare external drive large enough to accommodate the encrypted data, drag it all across, then void the original (3rd-party) drive.
From what I can see, one may as well just buy a new external drive.
Here's the current situation: on Saturday I want to have another shot at image backups. I could go out and buy an extra external drive to receive the images, boot from a rescue disk and practice restoring from the external drive, or I could make use of the 180 GB unused on the 500GB drive. Sadly the entire drive is encrypted, all 500GB of it. It is, after all, a backup of the laptop which holds confidential client data.
If I could decrypt the drive on-the-fly, I'd do so, and then play with my image files over the weekend, and late Sunday night, burn the good image files to DVD, and recrypt the external drive.
Now I'm thinking that the entire process is
(1) time-consuming in dragging 320 GB of data to a new drive
(2) time-consuming in re-crypting late Sunday night
(3) time-consuming in dragging 320 GB of data back from the new drive
It just doesn't make sense.
Better I go buy a spare drive and use that as my toy for the weekend.
If I thought I could let the decryption run overnight Friday and be ready Saturday morning, I'd do that.
The exercise seems overloaded with extra work, and a risk factor. The store down the street has 250GB for about $cdn100, and I haven't bought an external drive in over 6 months ...
There's nothing heavier than an empty water bottle
-
- Administrator
- Posts: 12604
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
-
- PlutoniumLounger
- Posts: 15615
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: TrueCrypt (7.0a) Decrypting a volume
Thanks.StuartR wrote:I agree, spend the $cdn100
Can you get it to me by 5pm?
There's nothing heavier than an empty water bottle
-
- NewLounger
- Posts: 2
- Joined: 08 Nov 2011, 06:47
Re: TrueCrypt (7.0a) Decrypting a volume
Hi!
I managed to get workaround solution for in-place, on-the-fly DECRYPTION! You can decrypt SYSTEM encrypted volumes in place, but can't other non-system data partitions as it says in Truecrypt's manual. It was funny to me because it is an amazing piece of software (because of recent hardware acceleration support ) but that thing is a major flaw.
I'm just like you ("since about the year 1734..."-> I think that way I can travel thru time ) so copying files instead of cloning partition is not acceptable.
I used Linux (if Truecrypt is amazing, Linux is godlike ) to get this workaround:
1. mount volume/partition (with "fdisk -lu" determine which disk is your target) that you want to decrypt in-place using header backup of truecrypt volume (this is not necessary but in means of precautions, it's good idea) by typing in terminal/console:
2. type in terminal to see name of newly mounted device (it's something like '/dev/mapper/truecrypt1'):
3. clone that virtually decrypted device to same partition from which it is read (yes!, this is not mistake and I guarantee that you will not lose any data; I tried this many times):
4. when cloning of those gibibytes is over, you must readdress "new" partition (subtract 512 sectors, now not used by 256kiB of truecrypt's header+backup_of_header) with parted utility
EXAMPLE:
Partition editing device HDD #2 where used to be enrypted partition:
Use sectors as units to view start;end;size of partitions:
List partitions to screen:
You get something like this on screen:
Then, taking actions, delete that partition (only in MBR table, not erasing/filling with zeroes!); making new partition NTFS (or FAT32 or whatever your OS/Windowz is able to see/recognize) on same place where was old partition just make end sectors OLDVALUE-512
Then again check if everything is ok, start;end-512;size-512
5. Try to boot in windowz and make disk check.
I managed to get workaround solution for in-place, on-the-fly DECRYPTION! You can decrypt SYSTEM encrypted volumes in place, but can't other non-system data partitions as it says in Truecrypt's manual. It was funny to me because it is an amazing piece of software (because of recent hardware acceleration support ) but that thing is a major flaw.
I'm just like you ("since about the year 1734..."-> I think that way I can travel thru time ) so copying files instead of cloning partition is not acceptable.
I used Linux (if Truecrypt is amazing, Linux is godlike ) to get this workaround:
1. mount volume/partition (with "fdisk -lu" determine which disk is your target) that you want to decrypt in-place using header backup of truecrypt volume (this is not necessary but in means of precautions, it's good idea) by typing in terminal/console:
Code: Select all
truecrypt --mount /dev/sdb2 -m=headerbak
Code: Select all
df -h
Code: Select all
dd if=/dev/mapper/truecrypt1 of=/dev/sdb2 conv=noerror,notrunc
EXAMPLE:
Partition editing device HDD #2 where used to be enrypted partition:
Code: Select all
parted /dev/sdb
Code: Select all
unit s
Code: Select all
print
Then, taking actions, delete that partition (only in MBR table, not erasing/filling with zeroes!); making new partition NTFS (or FAT32 or whatever your OS/Windowz is able to see/recognize) on same place where was old partition just make end sectors OLDVALUE-512
Code: Select all
rm 1
Code: Select all
mkpart
p
ntfs
2048
1953522542
Code: Select all
print
You do not have the required permissions to view the files attached to this post.
-
- NewLounger
- Posts: 1
- Joined: 26 Oct 2013, 17:46
Re: TrueCrypt (7.0a) Decrypting a volume
Thanks for you, It is working well!!!!!