1
Is it possible to completely encrypt a drive using TrueCrypt and then being able to decrypt it using a keyfile at boot time?
Gabriel
Posted 2014-01-10T04:34:03.480
Reputation: 13
Is there a way to use a keyfile with TrueCrypt full disk encryption?
Answers
1
Well, you obviously wouldn't want to keep your keyfile on the same physical disk your data is on.
One way to do this is using a device called a YubiKey, which costs about 25 bucks. There are probably ways to do this using a normal USB. Basically the YubiKey comes with a program that allows you to put up to a 64-bit key on it, and the instructions for that are located here. When you log on your computer and are prompted for a password, you would plug in your YubiKey, and when the green dot is glowing steadily press the gold disk to enter your password. You can keep your YubiKey in a location such as your key ring, some supersecrethidden place in your house, or whatever works for your security needs.
cutrightjm
Posted 2014-01-10T04:34:03.480
Reputation: 3 966
But is there actually a way to be able to select a keyfile from a USB drive using the TrueCrypt menu that appear at boot time? – Gabriel – 2014-01-10T05:55:30.700
I don't know as I don't use full disk encryption - if you're still unsure as to the answer, please don't select it. Read this article, though: http://www.truecrypt.org/docs/keyfiles
– cutrightjm – 2014-01-10T06:45:02.650