Is it possible to streamline this TrueCrypt scenario?

[crawfish]

1. I have a non-system TrueCrypt partition that I back up in the unencrypted state using IFL, and that works fine.

2. I would like to resize the partition, so I delete it and recreate it with the right size in Partition Work. Now I would like to restore the backup I made, so I load TrueCrypt and create a new volume in the resized partition. The IFL TrueCrypt doesn't offer NTFS as a format choice, so I choose not to format it. I mount the volume in TrueCrypt, restore the backup to it, and it succeeds. However, when I boot into Windows, I find that while TrueCrypt can mount it, it does not contain a valid file system.

3. So, I re-create the TrueCrypt volume using Windows TrueCrypt, which does allow me to format it as NTFS. Next, I try IFW to do the restore, but that seems to be a no-go, so it's back to IFL. This time, the restore works perfectly, and the volume works when I get back to Windows.

Is there any way to do all this inside IFL, without the middle step of booting into Windows to use its TrueCrypt to format as NTFS? I'm also unclear as to why formatting the new volume is even necessary.

[TeraByte Support(PP)]

Do you remember what options you used when creating the new partition and restoring to it? I'm not seeing the problem you describe.

I created a new larger partition using Partition Work (formatted NTFS). Then created the TrueCrypt volume in it (selected "none" for file system). Then mounted it in TrueCrypt (didn't mount to the file system). Then restored the backup image to it as an entire disk with the Scale to Fit option enabled to use all available space. The partition was able to be mounted and accessed normally by TrueCrypt after booting into Windows.

[crawfish]

I will try again later, but the only difference may be that I restored the single partition instead of the entire disk. While there is only the one 32 MB test partition in the backup, there are other partitions on the target drive, and I don't know what it means to restore the whole disk to a TrueCrypt volume. What exactly does that do vs. restoring just the partition? I sure don't want to do anything outside the TrueCrypt volume.

[TeraByte Support(PP)]

Each mounted TrueCrypt volume is seen as an entire disk -- it's limited to the mounted volume space. As long as you're restoring to the mounted TrueCrypt volume it will be in that space.

I'll run another test using the single partition and see what happens.

[crawfish]

OK, the whole drive method you described works.

To try and understand this better, I created a new TrueCrypt volume and restored it with the partition-only approach I described in my first message. I mounted both it and the whole-drive restore with TrueCrypt in Windows and looked at their first sectors in WinHex. For the partition-only restore, the one that doesn't work, the first sector is an MBR, and it looks like the hex dump at the top of this page:

http://www.ntfs.com/mbr-damaged.htm

For the whole-drive restore, the one that works, the first sector is an NTFS partition boot sector and looks like:

http://www.ntfs.com/ntfs-partition-boot-sector.htm

Searching for the first few bytes of an NTFS partition boot sector in the partition-only restore, I find it at sector 2048.

This seems backwards to me. The partition-only restore created a new drive with MBR and first partition at sector 2048 in the TrueCrypt volume, while the whole drive restore restored the partition to sector 0 in the TrueCrypt volume. What am I missing here?

[TeraByte Support]

>>Each mounted TrueCrypt volume is seen as an entire disk

"crawfish" wrote in message news:7881@public.image...



This seems backwards to me. The partition-only restore created a new drive
with MBR and first partition at sector 2048 in the TrueCrypt volume, while
the whole drive restore restored the partition to sector 0 in the TrueCrypt
volume. What am I missing here?

[crawfish]

TeraByte Support wrote:
> >>Each mounted TrueCrypt volume is seen as an entire disk
>
> "crawfish" wrote in message news:7881@public.image...
>
> This seems backwards to me. The partition-only restore created a new drive
> with MBR and first partition at sector 2048 in the TrueCrypt volume, while
> the whole drive restore restored the partition to sector 0 in the TrueCrypt
> volume. What am I missing here?

I got the bit about "Each mounted TrueCrypt volume is seen as an entire disk". To me, that's what accounts for it ever being valid for IFL to write an MBR. However, I would have expected the whole-drive restore to be the one that writes an MBR, not the partition-only restore, so it still seems backwards. If this is intentional, I'm still missing something.

[TeraByte Support]

when you backed it up, it was the same state, and knew it wasn't
partitioned. full drive restore puts it back that way.

"crawfish" wrote in message news:7883@public.image...

TeraByte Support wrote:
> >>Each mounted TrueCrypt volume is seen as an entire disk
>
> "crawfish" wrote in message news:7881@public.image...
>
> This seems backwards to me. The partition-only restore created a new drive
> with MBR and first partition at sector 2048 in the TrueCrypt volume, while
> the whole drive restore restored the partition to sector 0 in the
> TrueCrypt
> volume. What am I missing here?

I got the bit about "Each mounted TrueCrypt volume is seen as an entire
disk". To me, that's what accounts for it ever being valid for IFL to write
an MBR. However, I would have expected the whole-drive restore to be the one
that writes an MBR, not the partition-only restore, so it still seems
backwards. If this is intentional, I'm still missing something.

[TeraByte Support(PP)]

When restoring just the partition it seems to work if there is already an existing formatted partition when you do the restore. In the above scenarios, the file system for the new encrypted partition was set to "none" since NTFS wasn't available. If you select a file system (e.g. FAT, ext3, etc.) so it gets formatted it will show as a normal partition in IFL (instead of "Free Space"). Restoring to the formatted partition allows it to be accessed normally.

So, basically, if you're going to restore to an unformatted mounted TrueCrypt partition ("none" used when created), restore as an Entire Drive image. Otherwise, if the mounted TrueCrypt partition is formatted, restoring as a single partition seems to work (as does an Entire Drive image restore).

I would still recommend backing up as an Entire Drive image since it allows both types of restores.

[crawfish]

It would be good to formally document these procedures. I still don't get why restoring just a partition writes a boot sector to the TrueCrypt volume, and restoring a whole drive does not, but if it were documented as such, I could have avoided some trial and error.

It would also be great to include some updated software, particularly a hex editor like wxHexEditor, as I gave up on the included one. A copy of the documentation, PDF viewer, and Firefox would be very helpful as well.