I don't see anything there about centrally managed full disk encryption for Linux with bitlocker. There are products out there but no way a shop is going to invest in multiplatform solution just for one person. I would look at doing native Linux encryption (whatever the distro offers during installation) and turn the key over to IT. That might satisfy the insurance requirement without having a managed solution for Linux. On Oct 17, 2016 7:50 PM, "Stephen Partington" wrote: > Incorrect, I have done this with Ubuntu. It requires you to turn over the > initial boot records to windows and use an application like EasyBCD to > manage them. but it provides full bitlocker compatibility with Linux. > > See method 3 from this post for a baseline. http://social. > technet.microsoft.com/wiki/contents/articles/9528.how-to- > multiboot-with-bitlocker-tpm-and-a-non-windows-os.aspx > > I have done this with windows 7, Have not tried it with windows 10. > > On Mon, Oct 17, 2016 at 4:41 PM, Nathan England wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> >> I asked my IT department a question today and may have opened pandora's >> box. >> >> I've been allowed to run Fedora on my company laptop for a couple of >> years now. I am using a personal hard drive for Fedora that way if I >> needed to I could put the original Windows drive back in and access what >> ever I needed. >> >> I haven't used my Windows drive in over a year now and it's causing some >> issues with corporate AD and the anti-virus. So I requested installing >> windows in a VirtualBox and having corporate IT join it to the domain, >> install av, office suite, and the other stuff I may need but likely >> never will use, and then I can easily boot it once a week to keep my av >> up to date. >> >> The response was that our insurance requires the use of Bitlocker. >> Full stop... >> >> Their potential solution is to partition the drive to have Windows and >> Linux but both be encrypted with Bitlocker so they could access the >> drive contents should I ever leave or die or what ever... >> >> I realize encrypting the linux partition with bitlocker is not likely >> ever going to happen (right?) but are there corporate linux systems that >> allow IT access to encrypted volumes like Bitlocker and AD? >> >> I feel dirty even asking this. Doesn't this defeat the entire purpose of >> encryption to begin with? ugh... I guess it makes sense, but it sounds >> like inferior by design. >> >> >> - -- >> ~~~~~~~~~~~~~~~~~~~~~~~~ >> Nathan England >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEcBAEBAgAGBQJYBWGMAAoJEOuk7+DwYjzgSIYH/3EtMISD68n5d88CX6XDctYT >> TcJLb00AVw5TvlK/+aLaMCu6EmkaZlDW+1KMk5pYvxV7MMhdPxKq1+tYbFh17JFG >> G7DWeXUvEC+tGUmy2fvhBGAyaBC5XWNiXkbmWq+g8D6yKzG90P9rjVn3bL7Yw8P3 >> 8c/CyrncOF50yZieSedDgNPtfb2QWnPmaE0O43CcqTFihAN+5JSViV40YacCMTgS >> 0raKYspau6hbB9lnWg2ScQx0zIvFJvpIE0xwIYPkBDYGtitHm3YoTaFmv3KFsrV6 >> OV/X/EOdurtWdsTwxjM2b6qI7ng0P4/xuSdedoK4jH86AnaKZGTy4Ox4OOidCvU= >> =HOWo >> -----END PGP SIGNATURE----- >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss >