Chainload to Truecrypt on second disk - Page 2
FedoraForum.org - Fedora Support Forums and Community
  1. #16
    silverfunk Guest

    Grub Chainloading Truecrypt

    I've been reading over this thread and several others. After much trial and error I've finally gotten grub set up in the MBR and successfully chainloading the Truecrypt boot loader for Windows.

    My setup is as follows:
    /dev/sda1 - Windows (Truecrypt v6.1a)
    /dev/sda2 - /boot
    /dev/sda3 - encrypted LVM with Ubuntu 9.04

    The version of Linux doesn't really matter, and you can probably even have Windows on a different partition if you really wanted to.

    These are the steps I followed:
    1) Install Windows
    2) Install Linux with LVM encryption
    3) Use Truecrypt in Windows to encrypt the Windows partition. Let it write over the MBR.
    4) Boot up a Linux live CD.
    5) Follow these commands to save off the Truecrypt MBR and write grub over it.
    $ mount /dev/sda2 /boot
    $ dd if=/dev/sda of=/boot/truecrypt.mbr bs=512 count=1
    $ grub-install /dev/sda
    $ vi /boot/grub/menu.lst
    6) Make the Windows stanza in your menu.lst look like this.
    title Encrypted Windows
    rootnoverify (hd0,0)
    chainloader (hd0,1)/truecrypt.mbr
    boot

    The key here is to tell grub that the truecrypt.mbr file is on a different partition than that of the Windows partition. If your partitions are laid out differently then you would just need to make sure this stanza matches your setup. And to be honest I have no idea if the "boot" thing is necessary.
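
Added example, not part of silverfunk's post: a read-only check of the file saved in step 5, confirming that it is one full 512-byte sector ending in the 55 AA boot signature and that its partition table still matches sector 0 of the disk (grub-install replaces the boot code but leaves the table bytes in place). The function names and the constructed sample sector are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: sanity checks for a saved MBR copy such as /boot/truecrypt.mbr.

# Print COUNT bytes of FILE starting at OFFSET as lowercase hex (od -v: no "*" folding).
hex_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# True if FILE is exactly one 512-byte sector ending in the 55 AA boot signature.
mbr_is_valid() {
    [ -f "$1" ] || return 1
    [ "$(wc -c < "$1" | tr -d ' ')" -eq 512 ] || return 1
    [ "$(hex_at "$1" 510 2)" = "55aa" ]
}

# True if the partition table (bytes 446-509) in SAVED equals the one in DISK's sector 0.
mbr_table_matches() {
    [ "$(hex_at "$1" 446 64)" = "$(hex_at "$2" 446 64)" ]
}

# List the non-empty primary entries: type byte and active (0x80) flag.
mbr_list_partitions() {
    i=0
    while [ "$i" -lt 4 ]; do
        off=$((446 + i * 16))
        ptype=$(hex_at "$1" $((off + 4)) 1)
        if [ "$ptype" != "00" ]; then
            if [ "$(hex_at "$1" "$off" 1)" = "80" ]; then act=yes; else act=no; fi
            echo "entry $i: type=0x$ptype active=$act"
        fi
        i=$((i + 1))
    done
}

# Build a constructed sample sector (not a real TrueCrypt MBR): one active type-0x07 entry.
make_sample_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 2>/dev/null
    printf '\200' | dd of="$1" bs=1 seek=446 conv=notrunc 2>/dev/null
    printf '\007' | dd of="$1" bs=1 seek=450 conv=notrunc 2>/dev/null
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# Usage: script SAVED_MBR DISK   e.g. /boot/truecrypt.mbr /dev/sda (read-only, needs root)
if [ "$#" -eq 2 ]; then
    mbr_is_valid "$1" || { echo "$1: not a 512-byte sector with 55aa signature"; exit 1; }
    mbr_list_partitions "$1"
    mbr_table_matches "$1" "$2" || { echo "partition table differs from $2"; exit 1; }
    echo "ok"
fi
```

Because /boot is unencrypted in this layout, recording a checksum of the saved file somewhere outside /boot gives a way to notice later changes to it.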

  2. #17
    Join Date
    Jun 2006
    Posts
    7,544
    Quote, originally posted by silverfunk:

    And to be honest I have no idea if the "boot" thing is necessary.

    Hello silverfunk,

    When there is not a separate boot partition, then /boot must be included in paths in GRUB shell commands and in grub.conf menu commands. You do have a separate boot partition, and therefore your syntax worked without /boot in the path of your chainloader command. I do not have a separate boot partition, and therefore this scheme worked for me with /boot in my chainloader command back in post #3. Anyway, you will just have to take my word on this matter since there is no way for you to test both possibilities in the affirmative in your configuration. Adding /boot to your chainloader command would break it but not really prove what I am saying.

    Anyway, thanks for confirming that this does work with Truecrypt involved in the mix of variables. It's what zackf wanted to do all along. I was able to do it, and I published the result in post #3. But I don't use Truecrypt, so I couldn't perfectly test zackf's idea. And then zackf could not reproduce what I did (why is anyone's guess). So I moved on, but the idea of copying a master boot record to a binary file and launching it (as we routinely do for partition boot sectors) was new and interesting to me.

  3. #18
    Join Date
    Nov 2006
    Location
    South Carolina
    Posts
    798
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's a great idea, but I think throwing the second HDD (sdb) in the mix is leading to my additional heartache. Due to some travel restrictions I have yet to try using the NT loader as stoat suggested but I am really looking forward to it.

  4. #19
    Join Date
    Nov 2006
    Location
    South Carolina
    Posts
    798
    Stoat, I tried your suggestion on NT loader; I found your instructions most excellent and easy to follow. I think I am mistaken in one thing though. My /boot partition on my Fedora drive is still marked as bootable, would I be correct in thinking that I need to have my fedora.bin file on Windows boot straight to stage 2 on / ?

  5. #20
    Join Date
    Jun 2006
    Posts
    7,544
    Quote, originally posted by zackf:

    My /boot partition on my Fedora drive is still marked as bootable, would I be correct in thinking that I need to have my fedora.bin file on Windows boot straight to stage 2 on / ?

    Hello again zackf,

    That fedora.bin file (which, in those instructions, is actually a copy of stage1 that is installed in the boot sector of /boot) loads and executes stage2 which is a file in the filesystem of /boot (i.e., /boot/grub/stage2). Stage2 is not in / which is actually inside the LVM physical volume and not accessible to GRUB anyway. And regarding the partition marked active, that doesn't matter at all to GRUB which boots in stages which know (or can find) where the next stage is located. Only Windows relies on the active partition for booting. So if you are using NTLoader to boot everything, then the partition with NTLoader's boot files should be the active partition (/dev/sda1 from post #1).

    P.S.: The above is for normal circumstances. I imagine it would be the same with Truecrypt involved, but I have never used it myself.
    Last edited by stoat; 18th May 2009 at 03:32 PM.
