10.6: Create a shared Boot Camp/OS X encrypted partition
Dec 11, '09 07:30:00AM • Contributed by: TudorIceborg
Dec 11, '09 07:30:00AM • Contributed by: TudorIceborg
This hint describes how to create an extra, encrypted FAT-32 partition on a MacBook Pro running Boot Camp with Snow Leopard and Windows 7 already in place. This partition can be accessed with read/write permissions from both the OS X and Windows side of the system.
Notice! This hint deals with partitioning and formatting, so you are at all times in a risk of losing your data. Please, create backups before you start to do anything!
- Back up everything!
- I already had Snow Leopard and Windows 7 installed in my primary hard drive with Boot Camp in respective partitions. The Boot Camp process limits the partitions to these two, so first I needed to create an extra partition on my internal hard drive.
- I shrank the OS X partition with Disk Utility. I actually first created a bootable DVD with iDefrag, and ran it to compact the data in the OS X partition, as there was some data stuck at almost the end of the partition. Then I ran Disk Utility from Snow Leopard's Installation DVD to really make sure that the repartitioning went OK without system files being in use. For me, I created a 60GB partition between the two operating systems just by dragging the partition smaller in Disk Utility's partition view.
- I then used Disk Utility to create and erase (format) the new partition in FAT-32 format. I ended up with this, because it is the most hassle-free solution in terms of read/write ability and permission management with encrypted volumes. The downside is the limit of 4GB file size.
- I then installed TrueCrypt 6.3a in both OS X and Windows. From OS X, I encrypted the FAT partition in place to create an encrypted FAT partition. I didn't go with the volume file option, as I really wanted this to act as a separate partition for both operating systems (although I think the end result is pretty much the same).
- In OS X, I used Automator to create an application on the desktop for mounting the encrypted volume. Basically, it runs a shell script with contents /Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt --mount /dev/rdisk0s3 /Volumes/Data.
- In Windows 7, I kept the option to automatically mount favorite volumes at startup checked. However, I'm probably going to create a similar script for the Windows 7 desktop, as I hate entering the volume password at every startup.
- Automated mounting and password with login credentials. My ambition is really just to encrypt data from access outside the OS (bootable media, etc.). So far, I haven't found a solution for this, and I have to give passwords every time I want to access the volume.
- NTFS or HFS as the file system. I tried all possible options here, as Windows 7 with Boot Camp is able to read/write HFS, and OS X 10.6 has support for read/write NTFS (it didn't work for me, though). I never got this to work even with Paragon or MacFUSE as there were always some problems with write ability -- even with permissions set to owner for Everyone, etc.
•
[12,400 views]
