Need Info: Win7 + DiskMirroring + TrueCrypt = ??

Discussion in 'Windows 7' started by Phazor, May 18, 2010.

  1. Phazor

    Phazor MDL Expert

    Sep 1, 2009
    1,145
    517
    60
    Somewhat complicated scenario here, so im trying to describe it as simply as possible.


    Win7 (Pro and higher) allows mirroring of volumes/drives.

    Its sort of a (Software-) RAID1, with the advantage that an irreplacable controllercard/chipset can never become an issue. (Data always accessible.)

    In effect this means that Windows would 'unify' 2 different volumes under 1 single drive letter.

    Example: Partition1 on DriveA and Partition1 on DriveB would become one logical unit under drive letter D:\


    TrueCrypt however (at least normally) expects each encrypted volume to be mounted separately under its own drive letter.

    In other words i cannot mount Partition1 on DriveB under D:\ when i already gave D:\ to Partition1 on DriveA. (Since the letter would no longer be available.)

    As a result i could always only mount one of the two involved volumes as D:\ , namely either that on DriveA or that on DriveB.

    This in turn would mean that as far as TrueCrypt is concerned, one of the involved volumes (either the main or the mirror) always had to be left unmounted. (Since using another drive letter would interfere with the mirroring.)

    But if a TrueCrypt volume is not mounted (meaning unlocked via password) you cannot write/read any data to/from it either. (Obviously.)


    Im sure you see the dilemma. Two volumes, one drive letter, and a program that expects each volume to have its own drive letter. Hence my question; has anyone ever tried this particular constellation of Win7 mirroring plus TrueCrypt? Would the encryption/decryption process, (due to the fact that the two volumes are mirrored through the operating system), be applied to both involved volumes even though only one of them is actually mounted in TrueCrypt?


    This would be very important for me to know, because i intend to mirror the four 500GB partitions of my new 'main'* drive 1:1 onto a second identical drive. (You know, to be on the safe side. After all 2.000 GB is not peanuts anymore.) But i need the encryption to work, otherwise i need not give this option any further thought.

    Thanks in advance for any clarifications.


    *There will be no OS on these volumes, its data storage only.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. freevista

    freevista MDL Junior Member

    Jan 14, 2009
    78
    15
    0
    I don't have much experience with Windows RAID, but create the volume, don't assign any drive letter for it in Windows Disk Management, and after that press "Select Device.." in Truecypt. If Windows provides a single volume name for your RAID volume (something like \Device\HarddiskX\PartitionY), I think you can use it in Truecrypt just like any other volume.
     
  3. freevista

    freevista MDL Junior Member

    Jan 14, 2009
    78
    15
    0
    I just tested this quickly in VMware. Works ok, the volume is displayed as \Device\HarddiskVolumeX. Just don't assign any drive letter for the volume in Windows Disk Management when you are creating it, and of course there is no point formatting it either, Truecrypt does that for you.
     
  4. Phazor

    Phazor MDL Expert

    Sep 1, 2009
    1,145
    517
    60
    Great, im glad to hear it.

    Thanks very much. :)

    Thats exactly what i always do.

    The volumes stay 'RAW' and are formatted only via TC.

    (Been using it like that for years with many drives, only never in any RAID config.)


    Thanks again. :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Kikoo

    Kikoo MDL Junior Member

    Jul 29, 2009
    80
    6
    0
    You might also want to check out the mountvol command which you can use to find out the raw paths for the partitions.
     
  6. Phazor

    Phazor MDL Expert

    Sep 1, 2009
    1,145
    517
    60
    Dont think im going to need this (at least i never did thus far) but thank you for the tip. :)


    There is one other thing though that started circling in my head this morning.

    What about an OS reinstall?

    Will the array survive this?

    Does Windows somehow tag/mark/whatever the drives and their partitions so that even a fresh installation is able to tell whats what?

    Or is this sort of a per-installation thing?


    Again this would be very important to know, because if one had to recreate the array, (in whatever way), and this process writes anything onto the drives, (or changes something fundamentally), then this might destroy/invalidate the TrueCrypt data, which means i shall never see the contents of these volumes again.

    So if you have any info to share on this, please do.

    Thanks in advance. :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. freevista

    freevista MDL Junior Member

    Jan 14, 2009
    78
    15
    0
    Good question, vmware helps again :) I moved the mirrored disks (pair of .vmdk files) with a Truecrypt volume to another machine (2008 R2, but I think Win7 Pro and up behaves the same way). The disks initially show up as "foreign" in disk management, and you can then select "Import Foreign Disks". Windows then asks permission to add them to the system configuration -> Ok -> then it displays the foreign disk volumes (Type Mirrored volume, Condition OK) -> Ok again and the volume is usable in Truecrypt, it mounted ok with my test data intact.
     
  8. Phazor

    Phazor MDL Expert

    Sep 1, 2009
    1,145
    517
    60
    Ah gee, thats great indeed.

    Thanks very much again...now i feel confident enough to set it up that way. :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...