Skip to main content

Drives

Drives Overview

Virtual encrypted hard drives (or drives within tiCrypt) are container files that act similarly to a physical hard drive. Like a physical hard drive, a virtual hard drive file contains a file system that can have an operating system, applications, and data.

Virtual hard drive files are usually attached to virtual machines and function as systems or data drives for the VM.

Drives can be in either read-only or read-write mode.

info

Research data is saved on the drives attached to the user's virtual machine. Not on the virtual machines themselves.

tip

Always ensure that at least one drive is attached to a working virtual machine to save one's work.

View All Drives

To view all drives navigate to the tab in the section.

  • Click the Create new drive icon located in the top right corner.
  • On the right, view all existing drives you can access.
  • Each drive has the name, project, owner name, format, capacity, creation date, last attached to VM date, whether it is writable, and currently attached in the table.
  • Optionally, click refresh to update the drive table data.
  • Additionally, click Three Dots on the right to view drive options.

Create a Drive

To create a drive navigate to the tab in the section.

  • Click the Drive table view icon located in the top center.
  • In the prompt, type the name of the drive and the team who will use the drive.
  • Optionally, select the project you want to tag your drive to.
  • Select the realm and the maximum drive capacity.
  • Select the format for Windows or Linux.
  • Click on in the lower right corner to create a new drive.

If a user does not select a project, the project defaults to the Unlocked project which is a project with no security levels.

After a drive has been created, it will appear in the tab in the panel. Drives may be set in either read-write or read-only only when they are attached to a virtual machine.

tip

We advise creating drives larger than 3 GB.

note
  • You can select between the EXT4 (Linux Only), BTRFS & ZFS (Linux only) or NTFS (Windows only) drive formats upon creation.
  • For BTRFS you have three compression algorithms:
    • ZLIB: slower, higher compression ratio
    • LZO: faster compression and decompression than ZLIB, worse compression ratio
    • ZSTD: compression comparable to ZLIB with higher compression/decompression speeds

Create an External Drive Manifest

note

The following action requires admin permissions.

The external drive manifest allows you to move substantial amounts of data from an old machine into the tiCrypt-secured environment. Performing this action will create a virtual external drive, populate it, seal it and transport it encrypted into tiCrypt. The following events take place:

  • A local hard drive is created in the tiCrypt interface.
  • Harddrive metadata is stored securely.
  • Private and Public keys are generated appropriately.

To create an external drive manifest navigate to the tab in the section.

  • Click the Create external drive manifest icon located in the top center.
  • In the prompt, type the name of the external drive manifest.
  • Type the maximum drive capacity.
  • Type the block size of the drive.
  • Select the realm.
  • Select a team who will use the external drive manifest.
  • Optionally, select a project for the drive.
  • Select the drive access mode.
  • Select whether to use direct IO to manage your cache.
  • Click .
note

Configs include the given external drive manifest name and are downloaded in .json format.

Edit a Drive

Users have limited ability to edit a drive in read-only mode.

To perform edits to a drive, you need to set the drive in read-write mode.

To edit a drive navigate to the tab in the section.

  • Select the drive you want to edit.
  • Click the Three Dots on the right.
  • Click the Edit name option.
  • In the prompt, edit the name of the drive.
  • Click in the lower right corner to update the drive.
info

Once a drive is created, the capacity, team, and project may not be altered. The only things that can be changed are the additional read-and-write drives that can be mounted.

Change Project in a Drive

note

The following action requires admin permissions.

To change project in a drive navigate to the tab in the section.

  • Select the drive you want to change the project for.
  • Click the Three Dots on the right.
  • Click the Change project option.
  • In the prompt, select the project tagging the drive.
  • Click .
info

When you tick the box "Use my permission to override..." in the prompt, you are forcing your admin privileges to classify/declassify a drive. This is recorded in the audit logs and may be performed by super-admin roles only.

Share a Drive

Drives attached to the VM can be shared in either read-only or read-write mode. In read-only mode, the drive is accessible to all users who need to access it. However, when sharing in read-write mode, it is recommended to restrict access to only the co-owners of the drive, as other users could potentially take control of the shared drive with read-write privileges.

note
  • Read-only mode will share read-only drive keys with the respective users.
  • Read-write mode will share read-write drive keys with the respective users.

To share a drive navigate to the tab in the section.

  • Select the drive you would like to share.
  • Click the Share icon located in the top right corner.
  • In the prompt, type the name of the users/groups you want to share the drive with.
  • Select the read-only mode.
  • Alternativelly, in particular scenarios select the read-write mode.
  • Click .
    • Optionally, use the same process to add more users/groups.
  • Once you finished, click in the lower right corner.

Unshare a Drive

To unshare a drive navigate to the tab in the section.

  • Select the drive you would like to unshare.
  • Click the Share icon located in the top right corner.
  • In the prompt,view the name of the users/groups you want to unshare the drive with.
  • Click the Delete button on the right of the user/group.
  • Click .

Unshare from Everyone Else

note

If you are a drive owner, you can unshare a drive from everyone else.

To unshare a drive from everyone else navigate to the tab in the section.

  • Select the drive you want to unshare from everyone else.
  • Click the Three Dots on the right.
  • Click the Unshare from everyone else option.
  • In the prompt, edit the name of the drive.
  • Click .

Drive Modes

Drives can be mounted in two modes: read-only or read-and-write.

Only the user who mounted it can use it when a drive is mounted as read-and-write. However, the user can share it as read-and-write or write-only with another user. The shared user cannot use the drive unless the original user unmounts it. Once the original user unmounts the drive, the shared user can use it as read-only or read-and-write.

A drive mounted as read-only can be shared with any number of people as read-only without the need for the original user to unmount it. However, the original user cannot share it as write-only or read-and-write.

info

This description excludes the project restrictions that may interfere with this process. For more about this, visit the tiCrypt Project Hierarchy Tree in the Projects section.

Attach and Mount Read-Write Drive

To attach and mount a read-write drive navigate to the tab in the section.

  • Select the virtual machine you want to attach and mount the drive to.
  • Scroll down and click the Drive Management card.
  • Click the button.
  • In the prompt, in the Read-Write field type the name of the drive you want to attach to the VM.
  • Tick the checkbox Add drive(s) to the VM configuration and share drive(s) with co-owners.
  • Click .
  • Next, type your password.
  • In the prompt, click .
  • Your drive is now automatically attached and mounted in read-write mode.

Attach and Mount Read-Only Drive

To attach and mount a read-only drive navigate to the tab in the section.

  • Select the virtual machine you want to attach and mount the drive to.
  • Scroll down and click the Drive Management card.
  • Click the button.
  • In the prompt, in the Read-Only field type the name of the drive you want to attach to the VM.
  • Tick the checkbox Add drive(s) to the VM configuration and share drive(s) with co-owners.
  • Click .
  • Your drive is now automatically attached and mounted in read-only mode.

Transfer Drive Ownership

caution
  • To transfer ownership of a drive, you must first share the drive with the new owner in read-write mode.
  • To perform this action you must be a drive-owner.

To transfer drive ownership navigate to the tab in the section.

  • Select the drive you want to transfer ownership of.
  • Click the Three Dots on the right.
  • Click the Transfer ownership option.
  • In the prompt, type the name of the new drive owner.
  • Click .

Contact Drive Users (Bulk Email)

To contact drive users navigate to the tab in the section.

  • Select the drive you want to contact the users of.
  • Click the Three Dots on the right.
  • Click the Bulk Email option.
  • In the prompt, click to copy the email addresses of drive users.
  • Optionally, click to download the email addresses in a CSV format.
  • Click .
info

By checking the box Prefer contact email? you will be displayed the contact email addresses of drive users instead of their email accounts they used to register in tiCrypt.

Copy Drive ID

note

Copying a drive ID may be useful for system admins if they need to identify a certain drive or perform debug operations.

To copy drive ID navigate to the tab in the section.

  • Select the drive you want to copy the ID of.
  • Scroll down the drive details on the right.
  • Click .

Detach a Drive

note

Detaching drives may only be available to drive owners or admins who have the appropriate read-write permissions.

To detach a drive navigate to the tab in the section.

  • Select the virtual machine you want to detach the drive from.
  • Click on the card in the right panel.
  • Select the drive you want to detach.
  • Click Detach button on the right.
  • Click .

Drive owners will view a warning message when trying to detach a drive. This action should be done after the VM has been disconnected.

danger
  • It is not recommended to detach drives from a running virtual machine. This action can result in a crashed virtual machine.
  • You must have your drive unmounted to detach it.
tip

You can unmount a drive by clicking the Drive key icon on the right side of the drive.

Delete a Drive

caution

You cannot delete drives that are currently attached to a VM. You must unmount the drive from the VM first.

To delete a drive navigate to the tab in the section.

  • Select the drive you want to delete.
  • Click the Three Dots on the right.
  • Click the Delete option.
  • In the prompt, re-type the name of the drive.
  • Click in the lower right corner to delete the drive.