10.6: Create a shared Boot Camp/OS X encrypted partition

Dec 11, '09 07:30:00AM

Contributed by: TudorIceborg

Snow Leopard only hintThis hint describes how to create an extra, encrypted FAT-32 partition on a MacBook Pro running Boot Camp with Snow Leopard and Windows 7 already in place. This partition can be accessed with read/write permissions from both the OS X and Windows side of the system.

Notice! This hint deals with partitioning and formatting, so you are at all times in a risk of losing your data. Please, create backups before you start to do anything!

  1. Back up everything!
  2. I already had Snow Leopard and Windows 7 installed in my primary hard drive with Boot Camp in respective partitions. The Boot Camp process limits the partitions to these two, so first I needed to create an extra partition on my internal hard drive.
  3. I shrank the OS X partition with Disk Utility. I actually first created a bootable DVD with iDefrag, and ran it to compact the data in the OS X partition, as there was some data stuck at almost the end of the partition. Then I ran Disk Utility from Snow Leopard's Installation DVD to really make sure that the repartitioning went OK without system files being in use. For me, I created a 60GB partition between the two operating systems just by dragging the partition smaller in Disk Utility's partition view.
  4. I then used Disk Utility to create and erase (format) the new partition in FAT-32 format. I ended up with this, because it is the most hassle-free solution in terms of read/write ability and permission management with encrypted volumes. The downside is the limit of 4GB file size.
  5. I then installed TrueCrypt 6.3a in both OS X and Windows. From OS X, I encrypted the FAT partition in place to create an encrypted FAT partition. I didn't go with the volume file option, as I really wanted this to act as a separate partition for both operating systems (although I think the end result is pretty much the same).
  6. In OS X, I used Automator to create an application on the desktop for mounting the encrypted volume. Basically, it runs a shell script with contents /Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt --mount /dev/rdisk0s3 /Volumes/Data.
  7. In Windows 7, I kept the option to automatically mount favorite volumes at startup checked. However, I'm probably going to create a similar script for the Windows 7 desktop, as I hate entering the volume password at every startup.
The result seems to work just fine. There are only a couple of improvements I would like to make, or get advice on making:

Comments (0)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20091202030343252