Moving Truecrypt MBR/Bootloader to bootable USB Thumb drive??

#1
I want to totally remove the unencrypted MBR/Truecrypt Bootloader from my fully encrypted hard disk to a bootable USB
thumbdrive and boot the system from there. I would also like to keep another copy of this MBR in another location for backup purposes. I'm using Windows 7.

Is there a way to do this?

Grateful for any nfo anyone can give!
 

mqudsi

Mostly Harmless
Staff member
#2
You'd have to contact the TrueCrypt people about that.
 

JustinW

Super Moderator
Staff member
#3
I'm assuming you want to do this to make things even more secure. TrueCrypt allows you to use keyfiles to mount volumes too which you could throw on a thumb drive, not sure if you can do that at boot time though with TrueCrypt's loader. If you've burnt a rescue disc you may be able to boot off that without decrypting everything too. If you are able to do that just burn TrueCrypt's ISO to your thumb drive with a tool like unetbootin and re-install the Vista/7 MBR in EasyBCD. It obviously at that point won't be able to boot on its own because the drive is still encrypted, but you could boot from the USB drive to mount the encrypted drive. If TrueCrypts just not meeting your satisfaction and you've got an Ultimate copy of Windows you could always go for BitLocker instead which would allow you to do something like that.
 
Last edited:
#4
I'm assuming you want to do this to make things even more secure. TrueCrypt allows you to use keyfiles to mount volumes too which you could throw on a thumb drive, not sure if you can do that at boot time though with TrueCrypt's loader. If you've burnt a rescue disc you may be able to boot off that without decrypting everything too. If you are able to do that just burn TrueCrypt's ISO to your thumb drive with a tool like unetbootin and re-install the Vista/7 MBR in EasyBCD. It obviously at that point won't be able to boot on its own because the drive is still encrypted, but you could boot from the USB drive to mount the encrypted drive. If TrueCrypts just not meeting your satisfaction and you've got an Ultimate copy of Windows you could always go for BitLocker instead which would allow you to do something like that.
thank you!