Professional Documents
Culture Documents
encrypted or not the resulting SafeBoot Aware CD can also still be used on standard non-SafeBoot PCs
3. txtsetup.oem File Create a text file called txtsetup.oem and enter the following content:
# # # # # --------------------------------------------------------------SafeBoot Encryption drivers for Windows Text-Mode Setup Copyright 1991 - 2005 Control Break International ---------------------------------------------------------------
[Disks] d1 ="SafeBoot Encryption Subsystem Installation Disk",sbTag,"" [Defaults] SCSI=SBALG [SCSI] SBALG="SafeBoot Encryption driver" [Files.SCSI.sbalg] driver=d1, SBALG.SYS, SBALG
4. Modifying txtsetup.sif Extract the file txtsetup.sif from your ISO image using the ISO Editor you can find it in the i386 folder. Edit the file in notepad and add the following lines to the end/bottom of the file:
[SourceDisksfiles] safeboot.sys = 1,,,,,,3_,4,0,0,,1,4 [BootBusExtenders.Load] sbalg = sbalg.sys safeboot = safeboot.sys [BootBusExtenders] safeboot = "Safeboot Encryption SubSys",files.none,safeboot
Put the modified file back into the ISO Image in the i386 directory.
5. Modifying winpeoem.sif Extract the file winpeoem.sif from your ISO image using the ISO Editor you can find it in the i386\System32 folder. Edit the file in notepad and add the following lines to the end/bottom of the file:
[massstoragedrivers.append] SBALG=SBALG.SYS [OemDriverParams] OemDriverDirs=SAFEBOOT OemDriverRoot=
6. Modifying the Registry Extract the file setupreg.hiv from the i386\System32 folder of your CD image. Using Regedit.exe 1. 2. 3. 4. select the Hkey_Local_Machine hive select Load Hive file menu select the setupreg.hiv file you extracted above and click OK enter a key name of SafeBoot
Import the registry file just created. You will see in the registry editor that the entries are added in the safeboot hive.
Unload the hive by clicking on it and select unload hive from the file menu, copy the file setupreg.hiv back into the i386/system32 folder of your ISO image. 7. Inserting the Driver Files Copy the following files from a current working SafeBoot clients system32\drivers directory to the i386\system32\drivers directory of the ISO image: safeboot.sys rsvlock.sys sbalg.sys
The operating system of the client you copy these from should be the same as the operating system of the boot CD you are creating. You also need to copy the winTech.exe and support files to your CD: Program Files\SafeBoot\WinTech.exe Program Files\SafeBoot\SBComms.dll Program Files\SafeBoot\SBDBMGR.dll Program Files\SafeBoot\SBUILib.dll Program Files\SafeBoot\SBXFERDB.dll Program Files\SafeBoot\SBAlgs\SBAlg.dll (appropriate version for your environment) 8. A Summary of the Modifications The following files in your ISO Image should now have been modified: I386\txtsetup.sif I386\system32\winpeoem.sif I386\system32\setupreg.hiv I386\system32\safeboot\sbtag I386\system32\safeboot\txtsetup.oem I386\system32\drivers\safeboot.sys I386\system32\drivers\sbalg.sys I386\system32\drivers\rsvlock.sys Program Files\SafeBoot\ directory
9. Burn the ISO Image There are no more changes to be made. You can now burn your modified ISO Image. Test it works as a normal Boot CD on a machine without SafeBoot installed to ensure the modifications are correct.
10. Using your Modified CD on a SafeBoot Machine To access the original hard disk, you need to use the winTech tool installed in the programs start menu., or wherever you placed it on your CD image. Simply follow the prompts within the tool to select the drive you want to open. You will need to submit a machine export from your SafeBoot Administrator system to the tool this contains the key material needed to unlock the drive. You can obtain the machine export by right-clicking the machine in SafeBoot Administration, and selecting Export Machine. There is no need to include users or files. If all the modifications were made correctly, the boot-cd will allow you to access the hard disks on your machine as if they were not encrypted.