If you choose this way, I would suggest to try using SYSLINUX first, because, unlike GRUB, it does not attempt to install into MBR (and you need to avoid using MBR and the embedding area before the first partition, because the TrueCrypt bootloader will be installed there).īuy an USB drive with hardware encryption which can be unlocked without any software - e.g., one of drives suggested in the other answer. Create two partitions on the USB drive - one for sensitive data (encrypted by TrueCrypt or whatever you choose), another for booting (unencrypted).įigure out how to install a usable bootloader inside a TrueCrypt partition, then either use only initramfs-based ISOs, or modify initramfs images to add TrueCrypt support. Obviously, this will not work if the ISO image is encrypted, unless the initramfs code is modified to support the used encryption.Īvoid including any sensitive data into ISO images. If you read the description of ISO boot process used by Easy2Boot, you will notice that it modifies the partition table of the USB drive to add a partition which corresponds to the sector range used by the ISO image file (which is required to be contiguous - i.e., not fragmented) the initramfs code then should mount this partition to get access to the ISO contents. In fact, even making the initramfs code from a Linux ISO find the ISO contents when booting from USB requires some hacks. Of course, you won't find TrueCrypt support in initramfs of any usual Linux ISOs. However, most Linux ISOs need to have access to the ISO contents after starting Linux, and everything needed to get such access must be present in the initramfs image (which is loaded by the bootloader using BIOS INT 13h calls before starting the Linux kernel). ![]() The problem is that the bootloader used by TrueCrypt (or any other software encryption program) can set up a BIOS INT 13h handler to provide the next bootloader with access to the encrypted data, but this INT 13h handler cannot be used after the Linux kernel has started. The only ISOs which could boot in this case are those which load everything into initramfs (one example is RIPLinux unfortunately, seems that its development is stopped), or those that you modified to add encryption support to their initramfs. If you want to use software encryption, you will not be able to boot most Linux ISOs if ISO files are encrypted. So how would I accomplish this? I know it's possible because even from Easy2Boot, when I boot a live cd like Hirens it goes from the Grub4DOS bootloader to the Hiren's Bootloader. I ran into the same problem, where once this was set up, I couldn't properly point the truecrypt bootloader at this bootloader. In functionality terms it works very similarly to XBoot in that it just creates a grub4dos boot menu front end for the ISO files. I tried using a different program as suggested by one of the responders, Easy2Boot. Does anyone have any experience editing the menu? I managed to encrypt the entire drive using TrueCrypt but the front end bootloader isn't really meant to be used like a grub type menu loader. Ideally I'm looking for a software solution and not a hardware solution. Is there a cleaner/more efficient way of achieving the desired result? Is there any way that I could install TrueCrypt to the drive and point one bootloader at another (It's not the cleanest approach but in my mind it stands the best chance of working)? I've used this before and understand in theory how to encrypt a drive in which I'm booting multiple operating systems.Įdit: I know that TrueCrypt doesn't support EXT filesystems but the drive would be formatted as FAT32/NTFS with all of the boot cds existing as ISOs I understand that TrueCrypt ( ) is capable of using its own bootloader in order to decrypt a drive before it boots. ![]() The ISO files as well as the partition where data is stored. I would like to be able to carry around some bootable cds with company information preloaded onto them as well as having files stored on the drive.įor reasons pertaining to the information stored in some of what I'm carrying I would ideally like the entire drive to be encrypted. I have been experimenting with XBoot ( ) in order to create multi-boot USB flash drive that I can use for work (carrying around various OS and boot cds).įor those not acquainted with XBoot, it copies the various ISOs to the flash drive and creates a boot loader as a front end in either Syslinux or Grub4dos. ![]() Full encryption of a multi-boot USB drive containing boot CDs and confidential information
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |