My system setup: Truecrypt and VMware

Discuss anything related to portable freeware here.
Post Reply
Message
Author
User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

My system setup: Truecrypt and VMware

#1 Post by webfork »

Anyone who's interested a look at how I run my system. I'm running a Mac OS 10.6 running VMware running WinXP SP3 [update: this is now Win7x86]

Setup I have both my private portable programs and my regular portable programs inside of a 10 gig truecrypt container. I don't want to encrypt my entire OS, as that would slow everything down.

Startup
  • Step 1. Once I start up my machine, I run mount.bat, which is just a text file that contains the following:

    Code: Select all

    @echo off
    "C:\Program Files\TrueCrypt\TrueCrypt.exe" /auto /quit background /letterj /volume "c:\drive.tc"
    exit
    TrueCrypt's site has an explanation of the different command-line switches used above. The effect of this file is to pop up a password window, open the d:\volume.tc file to the "J:\" drive, and then make TrueCrypt disappear into the background. This means a lot less action on my part to get to my files.

    Step 2. Note that the DOS window won't go away unless TrueCrypt is already running so I put it in the Startup folder and added /quit background to the end of the "C:\Program Files\TrueCrypt\TrueCrypt.exe" shortcut.

    Step 3. I run start.bat file, which is located in my portable programs folder and contains the following:

    Code: Select all

    @start "" "%~dp0pstart\pstart.exe"
    The "private" pstart copy auto-starts Taskswitchxp and Notepad++. I used to have the Everything search program running but I think this program was interfering with ejecting my external drives.


Shut down
This is unnecessary when doing a standard system shutdown, it's here for the rare machine that needs you to dismount everything manually.
  • EjectUSB to shut everything down quickly. I know EjectUSB is a very smart program and I could make it do things a lot smoother, but I admit that the thread on that was over my head.
  • Run this dismount script:

    Code: Select all

    @echo off
    "C:\Program Files\TrueCrypt\TrueCrypt.exe" /quit /dismount j
    exit
Thoughts/suggestions on this setup are welcome.



TrueCrypt corruption issue in VMware [resolved]
  • Problem: I've run TC for years and had no problems but, as mentioned above, there appears to be some issue when Windows goes into Stand By mode under VMware and the volume is on the Mac side. I wasn't concerned about this until I noticed random files in my TrueCrypt volume (unrelated to portable software) disappeared.

    Resolution: Save the TrueCrypt volume locally. In this case I expanded the size of the Windows install, created another partition, and saved it locally to the windows system. Essentially what's happening here is that the computer is accessing TrueCrypt over the local network and it must dismounted before putting the computer to sleep.
Last edited by webfork on Fri Jan 15, 2016 1:20 pm, edited 5 times in total.

lyx
Posts: 84
Joined: Mon Feb 15, 2010 1:23 am

Re: Setup with Truecrypt and VMware

#2 Post by lyx »

I'm using a similiar setup - though, i have multiple TC-volumes (apps, personal, official), so that i at a given time can decide which data/apps should be accessible. One problem with that is that the favs feature in TC does not support relative paths (which sucks!), so while on the go i use a batch file instead, just like you.

I have pstart not on the TC volume, but unencrypted on the same drive as the TC volumes. So, the workflow is:

1. I start pstart (or on my home pc, it autostarts).
2. pstart autostarts truecrypt or the mount-batchfile

On my own machine, this means that i can just put pstart in windows' autostart folder, and when i boot up, everything loads automatically and i'm presented with a password prompt.

sheiladobson
Posts: 1
Joined: Thu Aug 26, 2010 6:36 am

Re: Setup with Truecrypt and VMware

#3 Post by sheiladobson »

Great setup! Thank you for giving a specific way on how it can be done.

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Setup with Truecrypt and VMware

#4 Post by webfork »

Old thread update:

Update 2: I talked to an expert on this who indicated that you should NOT do this for VMware. It may do some good in the future, but there's currently no benefit with those setups.

I just found out that sysinternals sdelete.exe (command line program) will zero out your free space, which is very useful for VMware installs for the "Shrink" operation. This is great because it takes my WinXP install that *thinks* it has 20 gigs of space and puts it into an area on the host drive closer to 11 gigs. However, if the free space isn't zero'd out, VMware will treat deleted information as real data (things I might want to undelete in the future).

It's also has the effect of wiping my drive's free space, which is also good.

More on this:

http://technet.microsoft.com/en-us/sysi ... 97443.aspx
https://www.pcworld.com/article/2024256 ... -line.html

I'm a little surprised VMware doesn't include a tool like this in their "Tools" program that they install on Windows.

There was some kind of error on VMware's community forums so all I could find on this was a rather server-centric article: https://blogs.vmware.com/vsphere/2012/0 ... scoop.html

gavind
Posts: 15
Joined: Wed May 15, 2013 7:33 am

Re: Setup with Truecrypt and VMware

#5 Post by gavind »

Nicley done WebFork. I'll try this and see how it goes for me. Image

User avatar
Midas
Posts: 6706
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Setup with Truecrypt and VMware

#6 Post by Midas »

@Webfork: simple question, why do you favor VMWare over Virtual Box?

BTW, the hidden lodes of information available here at the forums never ceases to amaze me... :)

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Setup with Truecrypt and VMware

#7 Post by webfork »

Midas wrote:@Webfork: simple question, why do you favor VMWare over Virtual Box?
Mainly I had some early issues with Virtual Box and then switched over to VMware and have been pretty happy with it. I know Virtual Box has improved since I last tested it but I'd need to convert over the VMs that I have setup.
Midas wrote: hidden lodes of information available here at the forums never ceases to amaze me
:) awesome

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Setup with VirtualBox

#8 Post by webfork »

EDIT 1: So I updated my Mac to the latest OS X operating system, which seems to have solved almost all of the major issues detailed below. Unfortunately the USB controller tools are still not playing nice and I've had some VM crashes so I just turned that off.

EDIT 2: Under no circumstances should you encrypt your VDI files using VirtualBox encryption. It's poorly supported and poorly documented. Use basically any other method.

---

Update about my setup: I'm still running a Mac with a copy of virtualized Windows. Unfortunately, VMware stopped updating my version of VMWare Fusion (6.0) two years ago and there have since been two major releases to the product that aren't exactly cheap. After a lot of encouragement from friends who use VirtualBox, I think I've found a reasonably good setup with Windows 7 Ultimate (x86).

Unfortunately what I didn't pay for in convenience did arrive after a lot of trial and error. For those that would like to learn from my mistakes:

Suggestions:
  • Do not pause the OS. That's an awesome feature but it just seems to cause it to crash.
  • Avoid USB controller tools. As annoying as that is for someone who works on a portable site, it also frequently crashed the program. You can use Shared Folders to run most programs via a network interface or just copy them locally.
  • Shut down frequently. The system doesn't seem to like the standby mode inside OS X so I turn off the Windows VM frequently and lean on Splat to get me back where I was.
  • Other settings:
    • Motherboard: Chipset: PIIX3, Extended features: Enable I/O APIC,
      Acceleration: Enable Nested Paging and the “Default” Paravirtualization Interface”
Other notes:
  • Processor - Based on some articles I dug up, some suggest running Windows on a single processor, but from my experience, that didn’t have any effect and the system ran MUCH slower.
  • Crashing - There's some system instability with the new setup, but there were problems with VMware as well. At least when VirtualBox fails, it just takes down my version of Windows. VMware was frequently freezing my whole machine.
  • Security - I recommend against using TrueCrypt (as discussed in previous posts on this thread) or BitLocker. Instead I recommend VirtualBox's own encryption, which is both open and up-to-date. For the "J:\" drive, you can just create a new virtual drive and assign a letter.
As far as the interface, you can make a reasonable reproduction of Fusion via a lot of of customization. I can get into the interface tweaks that I did if anyone is curious.

User avatar
Midas
Posts: 6706
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Setup with Truecrypt and VMware

#9 Post by Midas »

Interesting. Just clear something out for me: this is Virtual Box for Mac you're running, right?

Those wanting to replicate this setup under Windows might be interested in knowing that there are two portable versions of Virtual Box freely available -- I tested both with mixed results, unfortunately in my case VBox doesn't work as a stable production environment.
Incidentally, PendriveLinux.com has an article about using the later utility to run Linux(es):

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Setup with Truecrypt and VMware

#10 Post by webfork »

Midas wrote:Interesting. Just clear something out for me: this is Virtual Box for Mac you're running, right?
Yep. Still on a i7 Mac with plenty of RAM. Works great.
Midas wrote:Those wanting to replicate this setup under Windows might be interested in knowing that there are two portable versions of Virtual Box freely available -- I tested both with mixed results, unfortunately in my case VBox doesn't work as a stable production environment
Thanks for the additional detail.

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Setup with Truecrypt and VirtualBox

#11 Post by webfork »

Update on my setup:

Short version: Don't use VirtualBox encryption. Note added to my entry on setup details.

Longer version: I was hoping over the holiday break to catch up on a long, long list of items here on the site. Unfortunately I've been hamstrung after a system failure and issues with my backup device. Importing old VirtualBox drives comes with a huge number of limitations not the least of which is the inability to have two devices with the same UUID on the same machine. So if you're pulling something from backup, you have to play a bunch of games to get the other drive (which is essentially a clone) to function.

Then there's the encryption. Dear god there's the encryption. I couldn't get it to open in the GUI so I tried the command-line. Those tools are borderline useless and have almost no documentation. Worst of all the status command shows an encrypted VDI volume as decrypted even when it's not.

Conclusion: VirtualBox is pretty great and it does a lot of great things, but for really important work, I'd stick with VMware as I never had any issue with Fusion *approaching* the difficulty I had this week.

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: My system setup: Truecrypt and VMware

#12 Post by webfork »

I'd like very much to come back to this and do a proper full update on how my setup has changed in the last 5 years, but one very key thing that's changed is doing almost everything I do nowadays is via remote desktop. I have my main machine and a separate testing machine stashed in a closet that I connect to via RDP. This has let me setup two computers on two screens with one mouse, easily move programs and applications across the network, and cut down on the general level of junk around my office.

RDP has improved a lot since the last time I used it, and even full screen video looks ok.

The only negatives are some of the images/video are lower quality (since they get compressed and sent over the network) but it's not too bad. For any graphics work, I can run it on the local laptop.

Post Reply