I think it's always good to carry a rescue operating system, like
Ultimate Boot CD for Linux or
UBCD for Windows. Personally I like
Grml, debian-based, 32/64 bits and it can be installed on USB.
Booting from CD/USB is as simple as embedding
syslinux, a
kernel, an
initrd and give it a filesystem. The filesystem can be stored on the CD/USB (usually as a
squashfs file), but you can also point to a local filesystem. This way, you can have a fully encrypted local disk and boot (kernel+initrd) from CD/USB. And good news, this is not specific to Linux! If you use TrueCrypt on Windows, you can chain syslinux to
grub4dos and boot from your
TrueCrypt Rescue Disk ISO file.
Since TrueCrypt does not use the
TPM (unlike
BitLocker) and Linux solutions (e.g.
TrustedGrub) are not yet ready, this simple workaround allows you to protect against tampering of the non-encrypted disk portions (mbr, /boot), because this part of the boot chain is on the USB key.
This post will describe how to set up a USB disk with grml32/64, grub4dos for TrueCrypt Rescue Disks, a Linux /boot and how to add other live CDs.