Wednesday, September 21, 2011

USB drive daily usage: encrypt & sync

As I described in a previous post, I advise the Rohos Mini Drive to be used on a USB Stick for daily usage. It does everything you can expect from an encryption tool, but has the benefit to have a unique non-admin account support with Rohos Disk Browser. But for a user friendly daily usage of a USB drive, an automated synchronization process is required on top of a safe encryption mechanism: you always want the latest version of your files to be available on your own pc and USB stick. If you change anything on any location, all files should get updated immediately.

For this I combine the strength of Rohos Mini Drive with GoodSync. GoodSync can be configured to monitor if a USB stick is attached to your system. If it detects the encrypted disk, it needs to launch the Rohos Mini Drive to give access to the encrypted files. Once the encrypted files are accessible by your PC, the files should be synchronized automatically. Since Rohos Mini Drive provides access to the files as a new virtual disk, GoodSynch can be configured to be launched as soon as this virtual disk becomes available. And at that moment, the full synchronization features of GoodSync can be started to make sure all latest versions of your files are available on your PC and on your USB stick.

So the only missing part in this process, was the need to launch Rohos Mini Drive and mount the virtual disk automatically. I solved this using the little batch script below. It will find the correct drive, launch Rohos Mini Drive to mount the encrypted disk. The user will need to provide the password. Once the correct password is provided, the encrypted drive will be mounted (become available in Windows Explorer).

GoodSync is configured to launch the batch script as soon as the USB stick is connected. The batch script will mount the encrypted disk and another GoodSync job will detect this virtual encrypted disk to become available. In this GoodSync job, the synchronisation of the local folder and encrypted USB Stick folder is configured.

Some screenshots of the different configurations:

@echo off
set PROCESS_NAME=Rohos Mini.exe
tasklist /FI "IMAGENAME eq %PROCESS_NAME%" 2>NUL | find /I /N "%PROCESS_NAME%">NUL


set _Target=NotFound

for /f usebackq %%a in (`Drives.exe -f %USB_STICK_NAME%`) do set _Target=%%a
if "%_Target%" == "NotFound" (
echo Unable to find target drive named "%USB_STICK_NAME%"
goto :EOF
start "Rohos" "%_Target%\%PROCESS_NAME%"

Update 06/11/2012: I moved to using EncFS to encrypt my files on Windows/Cloud/Android instead of using Rohos Mini Drive. Rohos had some compatibility issues with Windows 7. This good blogpost describes all tools needed to get started with EncFS on different environments. I’m only missing a decent portable solution that could work without admin rights.