Re: Bitlocker and Linux

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Stephen Partington
Date:  
To: Main PLUG discussion list
Subject: Re: Bitlocker and Linux
When i did this. just to boot, Linux of windows I had to unlock bitlocker.
Its on my list of projects to try this again. i jsut ned to get a machine
together to run the experiment.

On Mon, Oct 17, 2016 at 8:23 PM, Brien Dieterle <> wrote:

> I don't see anything there about centrally managed full disk encryption
> for Linux with bitlocker. There are products out there but no way a shop
> is going to invest in multiplatform solution just for one person. I would
> look at doing native Linux encryption (whatever the distro offers during
> installation) and turn the key over to IT. That might satisfy the
> insurance requirement without having a managed solution for Linux.
>
> On Oct 17, 2016 7:50 PM, "Stephen Partington" <>
> wrote:
>
>> Incorrect, I have done this with Ubuntu. It requires you to turn over the
>> initial boot records to windows and use an application like EasyBCD to
>> manage them. but it provides full bitlocker compatibility with Linux.
>>
>> See method 3 from this post for a baseline. http://social.techne
>> t.microsoft.com/wiki/contents/articles/9528.how-to-multiboot
>> -with-bitlocker-tpm-and-a-non-windows-os.aspx
>>
>> I have done this with windows 7, Have not tried it with windows 10.
>>
>> On Mon, Oct 17, 2016 at 4:41 PM, Nathan England <> wrote:
>>
>>>
>>>
>>> I asked my IT department a question today and may have opened pandora's
>>> box.
>>>
>>> I've been allowed to run Fedora on my company laptop for a couple of
>>> years now. I am using a personal hard drive for Fedora that way if I
>>> needed to I could put the original Windows drive back in and access what
>>> ever I needed.
>>>
>>> I haven't used my Windows drive in over a year now and it's causing some
>>> issues with corporate AD and the anti-virus. So I requested installing
>>> windows in a VirtualBox and having corporate IT join it to the domain,
>>> install av, office suite, and the other stuff I may need but likely
>>> never will use, and then I can easily boot it once a week to keep my av
>>> up to date.
>>>
>>> The response was that our insurance requires the use of Bitlocker.
>>> Full stop...
>>>
>>> Their potential solution is to partition the drive to have Windows and
>>> Linux but both be encrypted with Bitlocker so they could access the
>>> drive contents should I ever leave or die or what ever...
>>>
>>> I realize encrypting the linux partition with bitlocker is not likely
>>> ever going to happen (right?) but are there corporate linux systems that
>>> allow IT access to encrypted volumes like Bitlocker and AD?
>>>
>>> I feel dirty even asking this. Doesn't this defeat the entire purpose of
>>> encryption to begin with? ugh... I guess it makes sense, but it sounds
>>> like inferior by design.
>>>
>>>
>>> - --
>>> ~~~~~~~~~~~~~~~~~~~~~~~~
>>> Nathan England
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list -
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>>
>>
>> --
>> A mouse trap, placed on top of your alarm clock, will prevent you from
>> rolling over and going back to sleep after you hit the snooze button.
>>
>> Stephen
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>




--
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss