TR Forums

Does anybody know if Truecrypt supports encrypting a dynamically expanding virtual machine volume?
I have a Thin Provisioned disk in a VMWare Fusion VM and want to apply encryption to the entire volume.

Jon wrote:

Does anybody know if Truecrypt supports encrypting a dynamically expanding virtual machine volume?
I have a Thin Provisioned disk in a VMWare Fusion VM and want to apply encryption to the entire volume.

I assume you are asking if you can encrypt a thinly provisioned volume without it growing to the size of its provisioning. As I understand it, if you enable "Quick Format" at volume creation, it will not write random data to the entire volume and only encrypt data written to the volume. The down side is that you can tell where the encrypted data ends on the volume and therefore how much data there is. You also cannot effectively implement a hidden partition in this volume.

If "Quick Format" is turned off, then truecrypt is going to write random data across the entire volume and will expand your thin provisioned disk to its maximum size.

--SS

I think he meant the other direction, with a VMware disk inside a TrueCrypt volume.

A TC volume has a set, fixed size. Your VM volume will be free to grow to that size, but will get "out of space on device" messages once the TC volume is full. TC does not grow volumes.

Also, this is a poor fit from a security standpoint. VMware is very "leaky", with info from inside the VM being accessible in a number of locations and different files.