none
Accessing a windows truecrypt volume using ubuntu RRS feed

 > 

  • Allgemeine Diskussion

  • Discussion
    Anmelden
    0
    Anmelden

    I have a serious problem here: My computer does not boot any more (hangs on the windows start screen), so I tried to use a Ubuntu Live CD access the files and scan for root kits, or at least back up everything.

    However, this is not as easy as it sounds, because I have two major setup specialities:

    1. My computer is a Sony VPC Z13 with 3 64GB SSD disks that are in a fake raid
    2. My windows volume is encrypted using TrueCrypt

    I have created a bootable Ubuntu usb drive which recognizes the raid by default:

    ubuntu@ubuntu:/dev$ sudo dmraid -ay
RAID set "isw_bibiifejd_Volume0" already active
RAID set "isw_bibiifejd_Volume0p1" already active
RAID set "isw_bibiifejd_Volume0p2" already active
RAID set "isw_bibiifejd_Volume0p3" already active

    isw_bibiifejd_Volume0p1 is an 8GB windows restore partition. I can mount this easily with mount /dev/mapper/isw_bibiifejd_Volume0p1 /mnt/win1isw_bibiifejd_Volume0p2 is a 100M partition called "System Reserved" and was mounted automatically by ubuntu. I think this is the place of the bootloader (?). isw_bibiifejd_Volume0p2 is my windows partition, encrypted with true crypt. fdisk says the following:

    ubuntu@ubuntu:/dev$ sudo fdisk -l /dev/mapper/isw_bibiifejd_Volume0p3

Disk /dev/mapper/isw_bibiifejd_Volume0p3: 183.6 GB, 183617154048 bytes
255 heads, 63 sectors/track, 22323 cylinders, total 358627254 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 131072 bytes / 393216 bytes
Disk identifier: 0x3ec32997

Disk /dev/mapper/isw_bibiifejd_Volume0p3 doesn't contain a valid partition table

    I was trying to mount isw_bibiifejd_Volume0p3 with truecrypt, but I get an error:

    ubuntu@ubuntu:/dev$ sudo truecrypt -t /dev/mapper/isw_bibiifejd_Volume0p3 /mnt/win3
Enter password for /dev/mapper/isw_bibiifejd_Volume0p3: 
Enter keyfile [none]: 
Protect hidden volume (if any)? (y=Yes/n=No) [No]: 
Incorrect password or not a TrueCrypt volume.

    Is my approach to mount the true crypt volume correct? Is there any other way?

    Freitag, 13. Januar 2012 12:36
    |

Alle Antworten