Results 1 to 5 of 5
  1. #1
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    TrueCrypt - keyfile ONLY

    I'm running TrueCrypt 4.2, which I now realise, is out of date, 6.x being available.
    For the past 18 months I've been happily using two files D:Greaves and D:Pers to store encrypted data.
    I key in a password for each volume at boot-time.
    I now want to TrueCrypt my two external drives, which would require that I type in 4 passwords.

    I've been trying to set things up so that I need key in the password for D:Greaves only, and have D:Pers be opened up with a key file that can be found inside D:Greaves.
    I'd like to extend this to the two externals, but so far everything I've tried results in TrueCrypt asking me to type in a password - even when I haven't issued one at volume creation.

    Question 1: Is anyone using TrueCrypt with keyfiles-only?
    Question 2: Should I upgrade to version 6.x (probably yes)

    And no, I'm not changing Greaves and Pers yet; I'm experimenting with a small 1MB "EraseMe" file.
    Attached Images Attached Images
    • File Type: jpg 1.JPG (51.7 KB, 0 views)

  2. #2
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: TrueCrypt - keyfile ONLY

    I have never used keyfiles, but the helpfile for TrueCrypt 6.0a on my PC includes the following:
    <hr>When a keyfile is used, the password may be empty, so the keyfile may become the only item
    necessary to mount the volume (which we do not recommend). If default keyfiles are set and
    enabled when mounting a volume, then before prompting for a password, TrueCrypt first
    automatically attempts to mount using an empty password plus default keyfiles. ....<hr>
    So I guess an upgrade to the latest version might solve this for you

    StuartR

  3. #3
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: TrueCrypt - keyfile ONLY

    Thanks Stuart.
    I've installed and am now running 6.0a.

    I'd read (and re-read) the user guide and saw that "(which we do not recommend)".
    I agree that keyfiles-only is not a good thing, but still feel that for my situation, having the keyfiles on an encrypted drive, and requiring manual password for that first drive is sufficient.

    I'd trawl the TC forums, but they are down right now. Maybe later.
    In the meantime I'll key in four passwords ....

    I'm puzzled that i cannot get the "keyfile" assignment to stick.
    When TC request a password I use the Volume Tools button and find that my passwords files are not listed there.
    Sigh.

  4. #4
    Platinum Lounger
    Join Date
    Nov 2001
    Location
    Melbourne, Victoria, Australia
    Posts
    5,016
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: TrueCrypt - keyfile ONLY

    > having the keyfiles on an encrypted drive, and requiring manual password for that first drive is sufficient.

    ... until that drive dies on you and you're left with one dead HD + 2 inaccessible externals! <img src=/S/meltdown.gif border=0 alt=meltdown width=15 height=15> <img src=/S/hairout.gif border=0 alt=hairout width=31 height=23>

    Alan

  5. #5
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: TrueCrypt - keyfile ONLY

    >... until that drive dies on you and you're left with one dead HD + 2 inaccessible externals!
    I follow your logic. Valid point.
    And thank you.

    The laptop 100GB is in two partitions, C: (15GB) and D: (85GB).
    I have a 6GB file D:Greave, TrueCrypted, with a password I always key in by hand.
    Once decrypted, and set up as drive G:, the keyfile G:NextKeyFile is available, and I daisy-chain down a series of TrueCrypted drives and key files.

    I had not stated that the TrueCrypted file D:Greave is backed up twice a month - a snapshot of my current work - to the two external drives, so that I can always (manually) decrypt the snapshot of D:Greaves from one of two drives and obtain the stable/static keyfiles that way.
    I think this is still a workable situation if I assign 10GB of a 300GB external drive to hold the snapshot TrueCrypted file Greave, and set the remaining 290GB of each drive to be the encrypted backup of the Laptop and Big Beige Box.

    I will give this some more thought; the old "eggs in one basket" has been around for years, fo a very good reason!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •