Re: Bitlocker and Linux

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Brien Dieterle
Date:  
To: Main PLUG discussion list
Subject: Re: Bitlocker and Linux
I don't see anything there about centrally managed full disk encryption for
Linux with bitlocker. There are products out there but no way a shop is
going to invest in multiplatform solution just for one person. I would
look at doing native Linux encryption (whatever the distro offers during
installation) and turn the key over to IT. That might satisfy the
insurance requirement without having a managed solution for Linux.

On Oct 17, 2016 7:50 PM, "Stephen Partington" <> wrote:

> Incorrect, I have done this with Ubuntu. It requires you to turn over the
> initial boot records to windows and use an application like EasyBCD to
> manage them. but it provides full bitlocker compatibility with Linux.
>
> See method 3 from this post for a baseline. http://social.
> technet.microsoft.com/wiki/contents/articles/9528.how-to-
> multiboot-with-bitlocker-tpm-and-a-non-windows-os.aspx
>
> I have done this with windows 7, Have not tried it with windows 10.
>
> On Mon, Oct 17, 2016 at 4:41 PM, Nathan England <> wrote:
>
>>
>>
>> I asked my IT department a question today and may have opened pandora's
>> box.
>>
>> I've been allowed to run Fedora on my company laptop for a couple of
>> years now. I am using a personal hard drive for Fedora that way if I
>> needed to I could put the original Windows drive back in and access what
>> ever I needed.
>>
>> I haven't used my Windows drive in over a year now and it's causing some
>> issues with corporate AD and the anti-virus. So I requested installing
>> windows in a VirtualBox and having corporate IT join it to the domain,
>> install av, office suite, and the other stuff I may need but likely
>> never will use, and then I can easily boot it once a week to keep my av
>> up to date.
>>
>> The response was that our insurance requires the use of Bitlocker.
>> Full stop...
>>
>> Their potential solution is to partition the drive to have Windows and
>> Linux but both be encrypted with Bitlocker so they could access the
>> drive contents should I ever leave or die or what ever...
>>
>> I realize encrypting the linux partition with bitlocker is not likely
>> ever going to happen (right?) but are there corporate linux systems that
>> allow IT access to encrypted volumes like Bitlocker and AD?
>>
>> I feel dirty even asking this. Doesn't this defeat the entire purpose of
>> encryption to begin with? ugh... I guess it makes sense, but it sounds
>> like inferior by design.
>>
>>
>> - --
>> ~~~~~~~~~~~~~~~~~~~~~~~~
>> Nathan England
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> --
> A mouse trap, placed on top of your alarm clock, will prevent you from
> rolling over and going back to sleep after you hit the snooze button.
>
> Stephen
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss