File Share Encryption

 View Only

  • 1.  Cannot access encrypted drive after cloning

    Posted Jan 08, 2015 09:12 AM

    Note:  I have seen other discussions about accessing a PGP encrypted drive from another system.  I think the difference in my case is that my system is standalone, not part of a domain, so the account I am using is defined only on the local system.

    My system disk has two partitions.  The entire drive is encrypted.

    I am moving my system disk from HDD to SSD.  I successfully cloned the encrypted drive thanks to Casper Secure Drive Backup.  I shutdown, switched the drives, and rebooted from the SSD.  All was good to this point.

    Next, I did a bit too much cleanup of old files and needed to pull a couple of deleted files off my original HDD. I mounted that old HDD in the spare drive tray (Lenovo laptop).  The first time started out Okay.  The drive was recognized and I got a prompt for the passphrase -- The passphrase was not accepted and I was prompted to reenter and that was rejected, as well.  (This is my main question/issue:  why wasn't the passphrase accepted?)

    Eventually, I rebooted without the HDD connected, connected the HDD, but now I do not get a prompt for a passphrase!  (This is now an additional issue: why don't I get a prompt to enter the passphrase?)

    Questions:
    1.  Is something cached that I need to clear so PGP will recognize the encrypted drive and prompt for the passphrase when the drive is connected?
    2.  Is there something else that I need to do to enter the passphrase correctly?  I'm logged into the same Windows account as was used to encrypt the HDD, originally.  The only difference is that now I'm booted from the SSD clone of that HDD.  The rest of the HW is identical.

    Obviously, there are other ways to get a few files off the HDD, in this case, but I still need a solution, especially for the more general case of encrypting a non-system portable drive on one system then connecting that to and accessing from a different system.  In my case, I have two licenses for Symantec Encryption Desktop and want to be able to use the same encrypted portable drive on both systems (one at a time, of course).

     



  • 2.  RE: Cannot access encrypted drive after cloning

    Posted Jan 08, 2015 10:26 AM

    If you have not changed the Windows passphrase since the time you cloned the HDD, it should still be the same as your Windows passphrase.  If you have done nothing else with that drive after cloning it other than swap drive bays, I wouldn't think anything should be wrong with the drive and Bootguard, or the user access list.

    It could be that since you are now using a different bay, with a different port, that you are using a different storage controller for the HDD, which may not have up to date drivers.  That could cause an issue with reading/writing to/accessing the disk.  This could also potentially be the cause of it not asking for the passphrase.

    Have you tried booting from the HDD to see what results you get there?  You may still be able to log in if you boot from it directly.

    When you open Symantec Encryption Desktop, on the PGP Disk tab, does it show both drives?  Do both appear encrypted according to the GUI (should have padlock icons next to them)?  When you click on the drive, does it show users on the disk in the space below?

     



  • 3.  RE: Cannot access encrypted drive after cloning

    Posted Jan 08, 2015 04:58 PM

    Mike,

    I have not changed the passphrase.  However, since my original post I realized that the clone of the active partition was unencrypted.  I encrypted the clone after booting it.  Same account and passphrase, but now running from the clone.

    About being on a differnt storage controller...  The first time I connected the old HDD drive I did get the prompt for passphrase, but now I do not.  So, I suspect that something is cached and needs to be cleared, perhaps from the registry.  Since my original post, I tried rebooting from the SSD but this time with the HDD already connected.  In that case, I logged in and immediately got the passphrase prompt for the HDD twice, apparently once for each of the two partitions on that HDD.  So, now the two partitions some up as drives but I cannot access the filesystem with Windows Explorer.  Disk Manager reports that those partitions have to be formated before they can be accessed.  That's where I'm stuck, at the moment.

    The HDD boots and functions fine when I switch out the SSD and put the old HDD back in the main drive bay.

    Back to where I am now.  (Boot from SSD while HDD is connected, enter passphrase twice but cannot access content on that HDD).  Symantec Encryption Desktop, PGP Disk tab, does show both drives.  Both are indicated as encrypted (padlock icons next to each of them).  When I click on the primary drive, the SSD, I see listed under users the one passphrase user that I created when I encrypted the drive.  The field immediately above that (labeled "Enter the username or email address of a key") is greyed out.   But, when I click on the old HDD drive I see that (same user name) but in this case the field just above is NOT greyed out. 

    At this point I'm stumped.  I did get the files I need off the HDD by booting from that drive and copying off to a separate external device then rebooted from the SSD and retrieved the files.  So, no emergency, but still looking for a solution so I can set up a single encrypted drive that I can move between two systems.