this post was submitted on 29 Dec 2023
19 points (95.2% liked)

Linux

48311 readers
875 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I recently created a HD for dual boot Win 11 and Pop Os. I created a shared partition for Data, and separate partitions for the respective OS. I used gParted to create the partitions. It looks like Win then added bitlocker to this data partition.

(It's not really encrypted, I guess, because I didn't create a microsoft account, and didn't receive a recovery key)

So now I can't access that partition when booted into Pop OS without entering a password (which I don't have).

I'm wondering a couple of things: what's the best practice in these scenarios? Have the shared data drive not be encrypted with Bitlocker? If so, is there something else that should be done for security purposes? If not, it looks like using Dislocker is a common solution to access the drive in Linux?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 10 months ago (3 children)

Thank you! I think part of what I'm curious to hear input on is whether I should disable bitlocker for that shared data partition. Any thoughts? Is it a best practice to have it on?

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago) (2 children)

If you keep Bitlocker enabled on that partition you will have to enter the recovery key everytime you boot into your Linux partition. Since you don't have that key backed up you'll need to turn it off and then re-enable it if you wish to continue to use Bitlocker.

If you manually enable bitlocker you will be prompted to back up the key with a few different options: to a file (but if I recall you'll need to save the file to a drive that isn't be encrypted by Bitlocker) or to a Microsoft account.

To answer your question regarding best practice, Full Disk Encryption is best practice. Now to achieve that in Windows you use Bitlocker, Linux there is Luks, and macOS has filevault.

If your machine isn't going anywhere outside your home then it's not as big of a deal if the drive isn't encrypted.

Regarding your situation FDE is going to be a bit of a pain whether you use Bitlocker or Luks. I suggest using db2's suggestion and run a VM creating a shared folder between host and guest. Then you can encrypt the entire drive using the best encryption tool for the host OS (which I suggest be Linux).

Edit: Replaced the 'b' with a space between "db2's" and "suggestion"

[–] [email protected] 2 points 10 months ago (1 children)

I appreciate the additional info. Since I want to make Linux primary (one of my two main points in this little project is getting familiar with Linux!), I'll look into Luks for that partition

The db2 / vm suggestion is a little over my head, currently, but I'll research that as well!

[–] [email protected] 1 points 10 months ago

Also, bitlocker is not the only disk encryption software for Windows. It's just the built in one. If you wanted, you could use something like Veracrypt which is open source and will play nicely with all your OSes.