bitlocker and linux

jpnilson

I think I know the answer, but is there a Linux distribution that supports BitLocker? I know I just opened myself up to some Microsoft bashing, but I have already been doing that all day. I would have been successful but not interested in decrypting my drive. The combination of UEFI, secure boot and BitLocker resulted in an incredible waste of time.
 


Condobloke

jpnilson

Yah, I looked through most of that. The only way it works for the distributions I am aware of is to disable secure boot and disable BitLocker. I was just wondering if there was any distribution of Linux that interacted with BitLocker. There appear to be hacks out there that would allow me to read an encrypted drive, but no one really just supports running under BitLocker.
 

gvisoc

No distribution forces you to disable BitLocker. The problem with BitLocker is caused by how Windows searches for the master key in the TPM. If you use GRUB, it won’t find it and you will have to input the recovery key every time you boot into Windows.

What I do is, instead of using GRUB, use the UEFI boot menu when I want to boot something other than my default. It only takes pressing a key at the system’s POST.

For accessing the files when already running, I assume most distributions would support it pretty much out of the box. Fedora does.
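
Why GRUB in the boot path leads to the recovery-key prompt, shown as an added example that is not part of the post above and is not BitLocker or TPM code: a simplified model of measured boot in which a key sealed to one boot chain is not released for another. The component names, the single PCR and the `ToyTPM` class are constructed for illustration.

```python
import hashlib
import hmac

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_chain(components) -> bytes:
    """Fold every boot component, in order, into one PCR value."""
    pcr = bytes(32)  # a PCR starts as all zeros after reset
    for component in components:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    """Releases a sealed secret only when the PCR matches the value at seal time."""
    def __init__(self):
        self._sealed = None

    def seal(self, secret: bytes, pcr: bytes) -> None:
        self._sealed = (pcr, secret)

    def unseal(self, current_pcr: bytes):
        expected, secret = self._sealed
        return secret if hmac.compare_digest(expected, current_pcr) else None

# Constructed stand-ins for the binaries that would be measured at boot.
FIRMWARE = b"uefi-firmware"
WIN_BOOTMGR = b"windows-boot-manager"
GRUB = b"grub-efi-binary"

DIRECT = [FIRMWARE, WIN_BOOTMGR]          # UEFI boot menu -> Windows
VIA_GRUB = [FIRMWARE, GRUB, WIN_BOOTMGR]  # UEFI -> GRUB -> Windows

def boot(tpm: ToyTPM, chain) -> str:
    """Return what the user would see for a given boot chain."""
    key = tpm.unseal(measure_chain(chain))
    return "unlocked" if key else "recovery key required"

def demo():
    tpm = ToyTPM()
    # The key is sealed while Windows is started directly from the firmware.
    tpm.seal(b"volume-master-key", measure_chain(DIRECT))
    return boot(tpm, DIRECT), boot(tpm, VIA_GRUB)

if __name__ == "__main__":
    print(demo())
```

Picking Windows from the UEFI boot menu reproduces the chain the key was sealed against, which is why that route avoids the prompt.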
 
jpnilson

Thanks, I think for me it will be easier to use a VM. Maybe I will clear everything off, start over with Ubuntu, run VMware Workstation and use Windows 11 as a guest... :)
 

gvisoc

Just in case you consider trying my setup whenever that "Maybe" maybe happens, here it is:

It's on my desktop where I have that dual-non-dual boot I went through, just because I play games (not every so often nowadays), and Windows support for games is (still and sadly) far superior. The CPU being something that can be stolen when I'm away, I prefer to have everything encrypted.

Therefore, I have both drives available to Windows 10 encrypted with BitLocker, and my Fedora 35 with LUKS/cryptfs like in the pictures below. As 99% of the time I boot into Fedora, the UEFI boot menu is not something that bothers me every time.

[Image: SSD.png]

[Image: 2TB.png]

On my laptop (Fedora only) I haven't enabled LUKS/cryptfs because the SSD has Opal, meaning that it has hardware encryption always on: just enabling a disk password at UEFI and enrolling my fingerprints does the trick, no matter the OS, transparently.

PS, also, on my laptop I have Windows 10 and 11 on virtual machines under VirtualBox; 10 for very specific emergencies (namely being able to put an iPhone in DFU mode) and 11 for tinkering. They work reasonably well, and as it allows you to pass through the USB devices, it ticks so many boxes. I assume VMware Workstation would do either as well, or better.
 