TrueCrypt is considered dead these days, but back when it was trusted this is a script I wrote to backup Windows Server (2008 and above) with TrueCrypt. It uses a loopback VHD (loopback file/drive) on a removable USB harddrive that it RAW formatted with TrueCrypt. That TrueCrypt volume then contains a large VHD file to the size of your backup volume.
How to configure it:
- Save the bat file on your server
- Format a (USB?) drive as a RAW TrueCrypt volume
- Mount the TrueCrypt partition
- Create a VHD volume with the filename: z:Backups.vhd within the TrueCrypt volume
- Mount the VHD volume as Z Drive
- Configure Windows Server Backup to use the Z Drive as a backup destination
- Unmount the VHD Volume
- Unmount the TrueCrypt volume
- Create the directories: C:backupscripts
How to use it:
With the above completed:
- Configure a scheduled task to run 10 minutes before your nightly backup job to run the backup script (Mount-truecrypt.bat)
- Eg. If your backup is to run at 11pm, configure the script to run at 10:50pm.
- Then after your backup finishes execute another scheduled task to UNmount the VHD and TrueCrypt volume (UNmount-truecrypt.bat)
Your done!
P.S. I’m not actually sure if this works with VeraCrypt but I think they have the same command line flags…. :-P
:: Truecrypt backup script written by Campbell McKenzie - www.cammckenzie.com :: ================================= :: == START Mount-truecrypt.bat == :: ================================= :: "Auto" mount the RAW TrueCrypt disk as drive Z: password 1234 eventcreate /L Application /T INFORMATION /SO Backup /ID 666 /D "Attempting to mount backup disks..." CD C:\Program Files\TrueCrypt TrueCrypt.exe /auto devices /q /lZ /p 1234 if '%errorlevel%' EQU '0' ( eventcreate /L Application /T SUCCESS /SO Backup /ID 666 /D "RAW Disk mounted on Z:\ " goto MountVHD ) else ( goto ERROR-TC ) :MountVHD :: Perform directory listing for Truecrypt Bugs dir z:\ > nul :: Create the scriptlet cd C:\backup\scripts echo sel vdisk file="Z:\Backups.vhd" >mount.diskpart echo attach vdisk >> mount.diskpart echo select partition 1 >> mount.diskpart echo assign letter=X >> mount.diskpart :: Run the cmdlet diskpart /s mount.diskpart if '%errorlevel%' EQU '0' ( eventcreate /L Application /T SUCCESS /SO Backup /ID 666 /D "Loopback VHD Disk mounted on X:\ - Mount Completed" goto TidyUp ) else ( goto ERROR-DP ) :TidyUp del /q mount.diskpart EXIT 0 :ERROR-TC eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "TrueCrypt Mount Failed..." EXIT 1 :ERROR-DP eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "Loopback VHD Disk mount Failed..." EXIT 1 :: REF: http://nicj.net/mounting-vhds-in-windows-7-from-a-command-line-script/ :: =============================== :: == END Mount-truecrypt.bat == :: ===============================
:: ================================== :: == START UNmount-truecrypt.bat == :: ================================== :: UnmountVHD.cmd eventcreate /L Application /T INFORMATION /SO Backup /ID 667 /D "Attempting to unmount backup disks..." cd C:\backup\scripts echo sel vdisk file="z:\Backups.vhd" >unmount.diskpart echo detach vdisk >>unmount.diskpart :: Run the cmdlet diskpart /s unmount.diskpart if '%errorlevel%' EQU '0' ( eventcreate /L Application /T SUCCESS /SO Backup /ID 667 /D "Loopback VHD Disk unmounted successfully..." goto UnmountTrueCrypt ) else ( goto ERROR-DP ) :: Unmount the RAW disk :UnmountTrueCrypt "C:\Program Files\TrueCrypt\TrueCrypt.exe" /d /q /s if '%errorlevel%' EQU '0' ( eventcreate /L Application /T SUCCESS /SO Backup /667 /D "RAW Disk unmounted successfully - Unmount Completed" goto TidyUp ) else ( goto ERROR-TC ) :TidyUp del /q unmount.diskpart EXIT 0 :ERROR-TC eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "TrueCrypt Unmount Failed..." EXIT 1 :ERROR-DP eventcreate /L Application /T ERROR /SO Backup /ID 666 /D "Loopback VHD Disk Unmount Failed..." EXIT 1 :: ================================== :: == END UNmount-truecrypt.bat == :: ==================================