Helping people with computers... one answer at a time.

Backing up TrueCrypt volumes should be possible with any backup software, especially when backing up the unmounted volume.

I've used several iterations of Acronis TrueImage over the years and have recently upgraded to Acronis TrueImage Home 2013. I've had some minor issues with waking the PC from sleep mode to run backups, etc., but nothing really that serious. However, in a recent back and forth with Acronis support, I've been told that I cannot use TrueCrypt with Acronis software. I don't get this and the language with their support guys makes it even more difficult to understand. What's more, I've already restored disk images with this software on two different occasions and everything seems to have restored correctly. What are they talking about?

In this excerpt from Answercast #77, I look at possible issues that backup programs, such as Acronis, may have in backing up encrypted volumes.

Backing up TrueCrypt volumes

To be honest, I'm not sure. Using TrueCrypt with any backup software - be it Acronis or Macrium or any of the others? I just don't see how there would be a problem.

There are two approaches that we might take. One is with the TrueCrypt containers not mounted; it's just a file! It's just another file on your hard disk - and the backup software should be able to backup "just another file."

If the TrueCrypt container is mounted, the only thing I can think of is potentially a small conflict if the backup software is trying to access the file "exclusively" - or what I would actually say is, "in the wrong way."

In other words, when TrueCrypt has your volume mounted, it actually has exclusive ownership of the file: the file on the "outside"; the container file. What that means is while TrueCrypt has it opened, you can't delete it. You can't write to it; you can't rename it; you can't do anything to it. You can do everything you want in the mounted "volume," but the actual volume file that contains all that is locked by TrueCrypt.

Maybe what they're concerned about is that Acronis can't access the file while it's mounted. There are technical work-arounds for them that they should be able to do, but maybe that's what they're concerned about.

Back up the encrypted contents

The other approach to backing up your TrueCrypt data is not to backup the container, but to actually backup the contents of the container.

What that means is that the TrueCrypt volume would be mounted and you would then instruct your backup software to backup the volume, the mounted container. So for example, if on my C drive I have Foo.tc (which is my TrueCrypt container), look at that and it's just encrypted noise.

When you mount it with TrueCrypt, TrueCrypt will assign a drive letter (I'll just say F) and if you then take a look at F, what you'll find is the contents of your TrueCrypt volume: all of the files within it. You could then backup the contents of F and you would be backing up the unencrypted files to your backup.

That's a very valid way of doing it - as long as you have your backups themselves properly secured in some other manner.

It's possible, I suppose, that Acronis doesn't like to backup mounted volumes like that. I'd be surprised, but it's possible.

Unmounted volumes are just a file

Ultimately, my approach has always been to backup the unmounted volume. In other words, the first scenario where what we're dealing with here is "just another file."

I know that some backup programs can use services, which will allow you to backup the file even if it's mounted. I'm not sure why Acronis wouldn't necessarily be using that.

So, I can hypothesize some issues that they might have with TrueCrypt, but ultimately, I'm not really sure what they're saying. In my opinion, the proof here is in the pudding. You've been doing it; it's been working for you. That's great!

You might want to double check that things are working properly since you upgraded to Acronis 2013, but ultimately, if it works, then I'm happy with what you've got running.

I am currently (as you know) recommending Macrium Reflect in lieu of Acronis, mostly because of Acronis' support. But I believe that Macrium also handles all of this properly as well.

(Transcript lightly edited for readability.)

Article C6119 - December 10, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

3 Comments
Arek Rydel
December 11, 2012 8:43 AM

It may have to do with an incremental backup. Acronis has an option to preserve a time stamp of a container unchanged even if its content was changed. In this case an incremental backup will not see a necessity to copy a new version of this container to the backup.

Arek Rydel
December 11, 2012 8:55 AM

Sorry about an error. Oviously I was writting in my previous post about an option in TrueCrypt not in Acronis!

Mark J
December 11, 2012 12:10 PM

By default, TrueCrypt preserves the time stamp of the TC volume as a security measure to make it appear that the file has not been updated. This is a problem also with using TrueCrypt volumes inside of DropBox folders. To get around this, the setting in TrueCrypt can be changed to allow the time stamp to be updated every time a file on that volume has been changed.
http://ask-leo.com/why_wont_my_truecrypt_volume_backup.html
http://ask-leo.com/how_do_you_run_truecrypt_with_dropbox.html

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.