Jump to content











Photo
- - - - -

how to install into the partition boot record?


  • Please log in to reply
41 replies to this topic

#26 mr_

mr_

    Frequent Member

  • Members
  • 355 posts
  •  
    Germany

Posted 31 July 2008 - 04:08 PM

ktp, answering to your second previous post.

This was the way I was talking all time after a while in this thread. Somehow you have overread or I explained it not well.

1) Chainloading another MBR: this is strange for me. Is it possible?
- Yes it works.
But I don't know if only the whole MBR will be executed (including partition table) or if just the boot code will be executed. I think the last one. Anyone knows it?

2) What is the usage of (hd0,1)/truecrypt.backup? When is it used?
- It's only for backup. Don't think you need this. I wouldn't do it, takes to much space and takes to long.

3) Is "chainloader (hd0,*)/truecrypt.mbr" acceptable by grub4dos? (usage of * character).
- You can't use * (afaik!). You need to enter 1, 2, 3 or w/e. It's for telling grub4dos where it's second file is stored. But I think it would be even better and generic to use somehow the find command.

Now about your problem. I think boot is ignored for chainloading and only used for linux booting. If you use chainload this will be the last accepted command but unsure. The error message is only if the path is wrong. (and in case you boot from USB and want to boot the internal disk, then you need to swap the disk)

Now about your previous post. Forgot about BestCrypt. It's commercial, Closed Source, has less users... Therefore you will find even lesser informations about this very special theme (USB booting + encrypted + multibooting :cheers:).

TrueCrypt works well. Try my setup. First use USBoot 2 beta and if you can install XP on USB then first thing is fine. Then encrypt it using TrueCrypt 5.1a (no security flaws yet). If it's still booting then even better. After this stage please tell me your success.

Later the multibooting part is not that hard... I think we get it to work also for you. :cheers:

Edit (add):
Another "exercise" for you is to install XP on internal harddisk and encrypt it using TC 5.1a. If you have it I may tell you how to use a USB pendrive as a bootmanager. Just an exercise but I think after this you are able to combine all together (something like a preliminary practise).

#27 ktp

ktp

    Silver Member

  • Advanced user
  • 733 posts

Posted 31 July 2008 - 04:36 PM

TrueCrypt works well.

Well, for internal hard disk for sure. For external USB hard disk, it is questionable.

I open a problem on the TrueCrypt forum:
Pretest failed with external USB hard disk:
http://forums.truecr...pic.php?t=12326


I have no problem with TrueCrypt encryption OS partition on internal hard disk.

#28 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 31 July 2008 - 05:38 PM

@mr_

The whole MBR is chainloaded.

3) In (hd0,1)/menu.lst
title Windows XP Professional (TrueCrypt)
rootnoverify (hd0,0)
chainloader (hd0,*)/truecrypt.mbr
boot


Try this:

3) In (hd0,1)/menu.lst
title Windows XP Professional (TrueCrypt)
find --set-root /truecrypt.mbr
chainloader /truecrypt.mbr
rootnoverify (hd0,0)


jaclaz

#29 ktp

ktp

    Silver Member

  • Advanced user
  • 733 posts

Posted 31 July 2008 - 05:42 PM

OK success now with Best crypt volume encryption (BCVE)!

The grub4dos Error 8 is due to "boot" command executed while the previous chainloader directive failed:
(hd0,*) is not a valid syntax. You need to indicate the right number e.g. (hd0,1).

Explanations:
After encryption by either TrueCrypt (Tc) or BCVE, the MBR is changed, and some unencryption code put in the first sectors of the disk.
You can then just save the MBR to a file, installing grub4dos in MBR (or launch grub4dos by other supported methods), then
chainload the 512-byte MBR file saved. This will boot the encrypted OS voumes (XP or Vista).

The problem I had with TC is that chainloading TC MBR gives hang at Pre-boot authentication (PBA), while I do not have
any problem chainloading BCVE MBR (no hang at BCVE PBA). The hang occurs with extenal USB HDD.

Edit (add):
@mr_
Thank you for your input. They helped me understanding the process. Now I have a temporary working multibooting using grub4dos and OS encrypting using BCVE (trial). Hpe that TC PBA hang problem would be fixed soon, maybe with version 7 ? :-)

@jaclaz
Thank you, your new code works.


Note: chainloading a MBR is really nice feature, I did not know this before. From my existing multibooted USB HDD, I just easily add the new entry chainloading the MBR in order to boot the encrypted OS !

Question: if I change the hard disk partition structure (adding, resizing, removing partitions...) is the saved mbr file still usable ?
I would hope that the 512-byte MBR file is used for its code only, so the code would be smart enough to use the addtional code in reserved sectors, than scan the partitions for the encrypted one. In that case, it should have no impoact, no change to the file.

#30 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 31 July 2008 - 07:09 PM

Question: if I change the hard disk partition structure (adding, resizing, removing partitions...) is the saved mbr file still usable ?
I would hope that the 512-byte MBR file is used for its code only, so the code would be smart enough to use the addtional code in reserved sectors, than scan the partitions for the encrypted one. In that case, it should have no impoact, no change to the file.



The whole MBR is chainloaded.

:cheers:

You will need to update the partition table in the MBR.
Though I am not familiar with truecrypt MBR, it MUST have a partition table at the usual location, otherwise other operating systems would "complain".
Post your truecrypt MBR zipped, and I'll check it.

jaclaz

#31 ktp

ktp

    Silver Member

  • Advanced user
  • 733 posts

Posted 31 July 2008 - 07:24 PM

@jaclaz
Here is the zipped bestcrypt.mbr:
http://www.mediafire.com/?2tlew2z0cnx

There are normally 3 partitions, a small FAT, a XP FAT32 (encrypted), and a NTFS partition.

After that, I deleted the NTFS partition and create a smaller one, with the rest unallocated.
The system stilll boots with chailoading the old saved MBR file. So for me I guess that chainloading MBR
by grub4dos does not use the partition table part in the MBR but only executes MBR code, which is independent
of partition table values.

#32 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 01 August 2008 - 08:03 AM

Is it a truecrypt or a bestcrypt MBR?:cheers:

Nevermind, I am not interested at the code, just at the partition table. :cheers:

REST ASSURED that the WHOLE MBR is read (and used) when chainloading from grub4dos. :cheers:

BUT, there are GOOD news too. :cheers:

After all these years (nearly 15! ), you (or online? :cheers:) found yet another way to prove that Gilles Vollant's :cheers: (and mine :cheers: ) approach to "proper" partitioning is a winning one. :cheers:

See these:
http://www.911cd.net...o...=19745&st=7
http://www.msfn.org/...a...4.html&st=6
http://www.msfn.org/...n...6.html&st=2

Basically, what you have in your MBR is:
1) a smallish FAT16 06 partition
2) a BIG 0F Extended Partition

Thus, entry 2) in partition table points to EPBR or EMBR. :cheers: (either Extended Partition Boot Record or Extended Master Boot Record)
Reference to EPBR/EMBR:
http://www.ranish.com/part/primer.htm

Consequently, as long as you DO NOT move/remove/resize the WHOLE Extended Partition, you are perfectly free of deleting/adding/resizing as many Logical Volumes WITHIN the Extended Partition as you wish.

A queer thing I noticed about the MBR is that the drive signature is written TWO times, once at the "normal" address 1B8/440 and once at address 1A8/424.

:)

jaclaz

#33 ktp

ktp

    Silver Member

  • Advanced user
  • 733 posts

Posted 01 August 2008 - 08:19 AM

@jaclaz

Is it a truecrypt or a bestcrypt MBR?


It is Best Crypt MBR.

Congratulations to you Master jaclaz for your analysis. Gilles Vollant's partition scheme is really interesting, although unfortunately no computer manufacturers use them when delivering new computers/laptops.

#34 online

online

    Silver Member

  • Advanced user
  • 767 posts

Posted 01 August 2008 - 05:26 PM

There are normally 3 partitions, a small FAT, a XP FAT32 (encrypted), and a NTFS partition.

Normally? :cheers:

Normally, full XP installation on USB-devices has been always implemented on Primary partitions NOT Extended.

And if I well-understand what jaclaz reports

Basically, what you have in your MBR is:
1) a smallish FAT16 06 partition
2) a BIG 0F Extended Partition

you've just used, and I'm interested either for the record and for a kind of (appreciate) feedback just related to my recent method, an Extended partition (with obviously Logical drives inside) preceded by a small FAT first Primary partition. :cheers:

I'm very glad to know this now (and I never found anything about this before) because to do that on USB-devices is just my idea! :cheers:

http://www.911cd.net...o...st&p=148627

http://www.boot-land...?showtopic=5315

http://www.boot-land...?...ost&p=40823

#35 mr_

mr_

    Frequent Member

  • Members
  • 355 posts
  •  
    Germany

Posted 01 August 2008 - 08:08 PM

Well, for internal hard disk for sure. For external USB hard disk, it is questionable.

I open a problem on the TrueCrypt forum:
Pretest failed with external USB hard disk:
http://forums.truecr...pic.php?t=12326

Can't read it. Members only and the registration process is a good example for overdesign.

I have no problem with TrueCrypt encryption OS partition on internal hard disk.

You can exercise mulitbooting on internal harddisk with TrueCrypt first. TrueCrypt no longer in MBR, but inside a file and grub4dos in MBR.

Question: if I change the hard disk partition structure (adding, resizing, removing partitions...) is the saved mbr file still usable ?
I would hope that the 512-byte MBR file is used for its code only, so the code would be smart enough to use the addtional code in reserved sectors, than scan the partitions for the encrypted one. In that case, it should have no impoact, no change to the file.

Understood the question... I am also interested in this question. But I don't know if grub4dos only ready and executes the boot code and the bootcode + bootloader (ntldr or whatever) will read the partition table and magic numbers itself. Hope so...

This is also a very complicated question to ask for non native English speakers to Chinese English speakers.

I think only a practical test with different operating systems could show if the bootcode + bootloader are intelligent enough to read the partition table from harddisk and not from... Ehm yes, from what. From memory given by BIOS.

#36 ktp

ktp

    Silver Member

  • Advanced user
  • 733 posts

Posted 02 August 2008 - 12:08 PM

Just a word to inform all of you that I am very satisfied with multibooting USB HDD with encrypted OS partition. Best Crypt Volume Encryption is better for me but True Crypt is free, open source and may better fit others. I also have now more security on my laptops thanks to encryption of the OS in the internal hard disk.

Many thanks to mr_, online, jaclaz and others for mentioning then developing this new and interesting subject for me.

Note : when you encrypt an OS partition in multi-boot environment, first remember to install the software (True Crypt/Best Crypt) FIRST on both OSes (XP, Vista) so that appropriate file system driver is loaded. Otherwise you could boot one OS, but for the other you will get BSOD (missing protected driver) : you will have to decrypt the partition, install the software then encrypt again.

#37 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 25 August 2008 - 05:43 PM

I'm very glad to know this now (and I never found anything about this before) because to do that on USB-devices is just my idea! ;)


Just for the record:
http://www.911cd.net...o...=17701&st=6
;)

No prob though :whistling:, read the part about ideas in my "CAREWARE" license, they are FREE (as in FREEDOM):
http://home.graffiti...t/careware.html

;)

jaclaz

#38 online

online

    Silver Member

  • Advanced user
  • 767 posts

Posted 25 August 2008 - 07:12 PM

Just for the record:
http://www.911cd.net...o...=17701&st=6

You remember that after 24 days? ;)

Meanwhile (and more seriously), you can believe (I hope) in what I will say: I never remotely thought or said about taking "merits" for not a my idea! :)

Secondly, you do kindly note that if you read with a bit of more attention I did not say at all of the implementation of Hitachi Microdrive Flter driver, but indeed about my idea :whistling: to install Full (Generic) XP on USB Logical Drive (obviously of Removable Flash-Sticks too)...

And you do at least as kindly note that in the thread you linked there is absolutely no mention of any logical partitions! ;)


Btw1: I thought that the idea of using Hitachi Microdrive Filter driver was of Dietmar as said here,

http://www.boot-land...?...ost&p=41664

but now I "intuit" that it is an idea of your, instead...
With all my compliments for your Microdrive idea! ;)


read the part about ideas in my "CAREWARE" license, they are FREE (as in FREEDOM):
http://home.graffiti...t/careware.html

Nice, but please note that - always in that freedom you say - the important thing is also to recognize an idea...


Btw2: furthermore, please note that in this thread it was rather clear after your analysis of that MBR that those logical partitions had been "probably" created after my suggestion to do just that.
[Edit (added): I really meant that it would be a nice thing if also the source was mentioned...]

http://www.boot-land...?...ost&p=40808



;)

#39 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 25 August 2008 - 08:03 PM

Well, actually I was trying to mock a little bit jetman516 on this thread:
http://www.911cd.net...o...21955&st=13
"sending" him here, and at the same time "defending" the paternity of your idea, of my ideas and of all ideas in the world.

If you want "my" idea, you can have it, it's FREE, as in FREEdom and as in FREE beer. :whistling:

About the Hitachi Microdrive Filter, it was FOUND by Dietmar, read here:
http://www.911cd.net...showtopic=14292

I FOUND the alternate (better in my view) dummydisk.sys by Anton Bassov:
http://www.911cd.net...o...181&st=1954
who was so kind as to write the Rdummy.sys reversed filter driver used here:
http://www.msfn.org/...m-USB-f157.html

....and, again just for the record ;) , you remember who "introduced" you to cfadisk.sys, do you?
http://www.911cd.net...showtopic=21572

Take it easy, man, remember Rule #12:
http://www.boot-land...?act=boardrules

12. SMILE! ;) Life is tough, we all know that, when you enter this board, it will be appreciated that you leave your personal problems behind, asking and replyinq questions or however exchanging informations with a "positive" attitude, TAKE IT EASY ;) and enjoy your stay here.


jaclaz

#40 online

online

    Silver Member

  • Advanced user
  • 767 posts

Posted 25 August 2008 - 09:00 PM

Take it easy, man, remember Rule #12

Yes, in fact it is just what I do... and just for the record the followings are the emoticons that I've used in my previous reply

:whistling:

:)

;)

;)

:)

Really there were more, but then the post resulted almost un-readable... in origin they was 10, and all of the same "vibration"... :)

Thank you for your linked thread of today on 911CD, I did not read it. ;)

However, frankly I do not yet understand the vibration of none of your two last replies, but probably is a my temporary (I hope) limit... ;)


Btw1: probably it is also just a way to say the "facts" that I "know", not only and not necessarily, how you want to see, a paternity asserting. :)
I devised a way and I've shared that way. End.


Btw2: when I went to school I said "my teacher", "my school", "my companions"... :)

#41 risolutore

risolutore

    Frequent Member

  • Advanced user
  • 311 posts
  •  
    Italy

Posted 16 August 2009 - 10:04 AM

I found GGhost one click solution recovery based on grub4dos as tou can see in the picture

Attached Thumbnails

  • gghost.JPG


#42 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 16 August 2009 - 02:06 PM

I found GGhost one click solution recovery based on grub4dos as tou can see in the picture


Good. :frusty:

But together with that lousy screenshot :unsure:, a link to the app homepage (Chinese) would have been appreciated:
http://gghost.cn/

Though I have serious doubts about the redistributability of Symantec's GHOST :frusty:, even if for "personal use only". ;)

jaclaz




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users