Solved

Truecrypt boots to black screen on server 2008 r2

Posted on 2013-11-08
6
692 Views
Last Modified: 2015-02-08
I'd thought i would take a chance by asking this question here as well as the truecrypt forum.

I have a medical business customer that wants the entire hdd drive on their server encrypted.  Easy enough right?  well so i encrypt using truecrypt.  everything works great.  about 3 weeks later though the server when it boots up stops at the truecrypt boot up screen wanting the password.  and once you put the password in, it begins booting up.  i see the windows logo with the scrolling from left to right at the bottom of the screen.  that logo then dissapears and a black screen shows up.  and it sits there never coming to the blue ctrl-alt-del screen.  
        so i decrypted the system and it boots fine now.  but this hdd needs to be encrypted so i went through the motions of re-encrypting the hdd and i reburned the rescue disc and truecrypt wants to do the pretest of rebooting.  when i reboot, again it stop at a black screen.  at the black screen the server hdd light is blinking to show activity, but i let it sit for 3 hrs and nothing.  I then reset the computer and let it reboot and press esc instead of typing the password and the server boots up to windows only to tell me that truecrypt failed the pretest.  Any suggestions?
0
Comment
Question by:BNCAdmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 250 total points
ID: 39635009
Server HDD's are not typically encrypted in this way. you have to understand that Full Disk Encryption only protects data at rest, when the OS is not running. When it's booted, the HDD looks no different to a networked attacker or a trojan than any other running windows OS.
Have a look at my article here:
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

If the encryption is to protect against physical theft, then you want full disk encryption. If it's to comply with HIPAA, then you've not encrypted anything at all when the OS is running.
-rich
0
 
LVL 55

Accepted Solution

by:
McKnife earned 250 total points
ID: 39638204
You can of course use truecrypt for servers if you want to protect against theft. If it does not work out, uninstall truecrypt, reboot and try disk cryptor, a truecrypt spin-off.
If that does not work, take the built-in bitlocker.
0
 
LVL 1

Author Closing Comment

by:BNCAdmin
ID: 39656302
After reviewing the replies, we researched the built-in bitlocker and decided to install this option.  This was completed this weekend and will be delivered to the customer today.  

Thanks for the replies.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 55

Expert Comment

by:McKnife
ID: 39656378
Ok.

Make your customer aware that with a fully encrypted system, any reboot will require the passphrase, so any automatic bluescreen-reboot, too! Unless you used a TPM without PIN.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39656409
And the encryption is only protecting the drives from theft :) The data is not safer when the OS is running.
-rich
0
 

Expert Comment

by:peteviti
ID: 40597565
I installed true crypt. I did not activate any encryption. But I rebooted and I now I have a black screen on all users. How do I turn off black screen? Please help pete.viti@gmail.com
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question