6

Windows 7 built-in backup can make a full snapshot of the system partition and copy it to a remote location. Those images can be restored from the Windows setup DVD if the system doesn't start anymore.

TrueCrypt can encrypt a whole system partition and decrypt it through a bootloader. When starting the computer, the bootloader comes in and provides access to the encrypted data on disk so that Windows can work normally.

While Windows makes its backup, it can see the original data (unencrypted). When booting from another DVD, the TrueCrypt bootloader is not started and the partition remains inaccessible (encrypted).

My question is: How will Windows backup restore the unencrypted image to the encrypted partition? Does that work at all? Can the encryption layer be activated somehow before restoring the image? Is it okay with TrueCrypt if the actual partition contents are suddenly unencrypted again but the bootloader is still in place, asking for the password?

I'm fine with an unencrypted backup copy of the system. I only need encryption on the machine itself. The backup is kept in a safe location already.

3 Answers

2

A couple of weeks ago I had an opportunity to do a restore of my laptop. The laptop hard drive is encrypted using TrueCrypt whole system disk encryption. I'm backing up to an encrypted external USB drive, which was a bit of a challenge as Windows 7 Backup doesn't see TrueCrypt disks as a valid destination. I ended up creating a .vhd (Virtual Hard Disk?) using the Disk Management administrative tool. I could then "Attach" the drive and it was visible to the Windows Backup program.

At this point I had a system with an encrypted hard disk and an encrypted USB drive with a .vhd file containing the backup. As Windows Backup ran using TrueCrypt, it was reading and writing normal (unencrypted) files, but its output was being encrypted when it wrote on the .vhd.

I made several backups using this before I needed to restore it. As the backup was "normal" files stored in an encrypted drive, I would need to decrypt the drive so Windows Backup could read the files. (Ideally, I would have been able to run the restore under Windows with TrueCrypt installed but I don't have one.)

When I needed to do the restore, I decrypted the external drive, booted the Windows installation DVD, chose to repair the system, then used it to restore the system. It booted and ran fine; I haven't even been asked to reactivate Windows. I was then able to restore my data running on the recovered system partition.

Hope this helps someone.

Mike

0

What you'll probably need to do in order to restore is boot the PC off of a TrueCrypt restore CD and have it decrypt the entire drive, then run the restore, and re-encrypt it. This is assuming that your computer is in a state where it will not boot from Windows, and that the Windows backup tool will attempt a repair rather than completely reimaging the drive (I am not certain of the second one).

0

"While Windows makes its backup, it can see the original data (unencrypted). When booting from another DVD, the TrueCrypt bootloader is not started and the partition remains inaccessible (encrypted)."

Where did you read about this, or hear about this?
The backup would be made in a state where your files are readable for the applications. So the image that Windows Backup would create would contain only unencrypted, readable files.

1
  • Did I say anything else? :-)
    – ygoe
    Commented Jul 12, 2012 at 19:20
