Encrypted Thumb Drive & Auto Play

pada tanggal

This is the steps to make encrypted thumb drive

Requirements

  • TrueCrypt. Download here.
  • Windows XP with Service Pack 2. Prior to SP2 you couldn't do autoplay on removable drives. You can do everything else described here though.
  • A USB thumb drive. No special requirements. Any old one will do.

TrueCrypt files

  • Move all your data off your usb drive so it's empty.
  • Install TrueCrypt on your PC.
  • From the TrueCrypt application directory (usually C:\Program Files\TrueCrypt\) copy TrueCrypt.exe to your usb drive.
  • From your Windows drivers directory (probably C:\Windows\system32\drivers\) copy truecrypt.sys to your usb drive.

Note: The TrueCrypt download is a zip file. Inside the zip file is a folder called Setup Files that contains both TrueCrypt.exe and truescrypt.sys so it's possible to skip steps 2, 3 and 4 above and just copy the two files straight from that folder to your flash drive.

Autorun file

  • Create another file on your flash drive called autorun.inf. Paste in the following: 
[autorun]
label=Cruzer
icon=truecrypt.exe
 
action=Mount TrueCrypt Volume
open=truecrypt /v data.tc /lz /q /a /m rm /e
 
shell=mounttc
shell\mounttc=&Mount
shell\mounttc\command=truecrypt /v data.tc /lz /q /a /m rm /e
 
shell=dismounttc
shell\dismounttc=&Dismount
shell\dismounttc\command=truecrypt /dz /q
 
shell=runtc
shell\runtc=Run &TrueCrypt
shell\runtc\command=truecrypt
  • The /lz and /dz above means you will mount your encrypted volume using drive letter Z. Change Z to something else in all three places if you want to use another drive letter.

Check the TrueCrypt manual to see what the other command line options do. You might want to tweak them to suit your preferences.

  • Change the label if you want to. You can also change the icon which is the icon that your usb drive has in My Computer. (I use an .ico file that I copied to my thumb drive also).

Note: In a file with more than one icon you can specify which icon you want by putting a comma then the icon number, eg icon=c:\WINDOWS\system32\SHELL32.dll,12

  • So far your drive should look something like this:






...except for the file data.tc. That's the file that will contain all your encrypted files that we will create next.

Creating the encrypted volume

  • Run TrueCrypt from your start menu and click "Create Volume".

Note: If you didn't bother to install TrueCrypt in step 2, you can just double click TrueCrypt Format.exe in the Setup Files folder.

  • Choose "Create a standard TrueCrypt volume" (the default).
  • Type L:\data.tc at "Volume Location" where L is the drive letter of your flash drive.
  • Choose your favourite encryption algorithm. (Don't ask me!)
  • Select a volume size. This is how much space you will have on your encrypted volume.

I like to make it fill the entire remaining space on the thumb drive. You make it fill it exactly by doing this:

    • Get the free space in bytes of your flash drive by right clicking it in My Computer and clicking "Properties".
    • Divide this number by 1024 to get kilobytes.
    • Back in TrueCrypt, select KB and type the number.
  • Make up a password and enter it. Remember your password because there is no way to crack it. That's the point of secure encryption.
  • Wiggle your mouse a bit for extra randomness, then click "Format".
  • When formatting is finished click "Exit" to exit.
  • This concludes the setup process. The hard part is now over!

Usage

  • Remove your thumb drive in the usual way. (Click the "Safely Remove Hardware" icon in your Systray, select the drive to remove, then yank it out).
  • Put it back in again. If the autoplay stuff is working you should see this:












Click OK. You should then see this:






  • Enter your password and up comes your encrypted drive. Voila!
  • You can now put all your files back on it. They are now securely encrypted and can't be accessed without your password.
  • To dismount
    • Go to My Computer. Right click on your flash drive icon.
    • Notice the menu options include Mount, Autoplay, Dismount and Run TrueCrypt.
    • Choose Dismount to dismount the volume.
  • Other notes
    • Note that to open your flash drive now you have to right click and choose Open because a double click will run the Mount shell extension.
    • You can also mount and dismount and change your password from the TrueCrypt program on your thumb drive. Read the TrueCrypt manual for more information.

Note: If you come to a PC where your chosen drive letter is already taken you can run TrueCrypt manually and mount your drive with a different drive letter.

    • You can backup all your secure data just by copying your data.tc to your C: drive.
    • I recommend adding a shortcut (to your real drive, not the virtual one) to your Quick Launch Bar for convenience. You can then access the right click menu from the shortcut.

Update 4-Nov-2005

Since I wrote this version 4.0 of TrueCrypt has been released with a whole load of great new features and improvements. As yet I have not tested the new version with the above procedure, but it should work.

Update 7-Feb-2006

Here are a couple of notes from commenters below. You have to have Adminstrator privilege on the Windows XP to mount. This probably prevents you accessing your data in internet cafes and student labs. When I wrote this I hadn't discovered the "Traveller Mode" section in the TrueCrypt manual. Read that to see how TrueCrypt can set most of this stuff up for you automatically!

Update 16-Feb-2006

Remora USB Disk Guard might be worth trying. It doesn't require that you have Administrator privilege. Found it here.


This Article was taken from

http://glosoli.blogspot.com/2005/09/encrypted-thumb-drive-and-autoplay.html

Komentar

Posting Komentar