16

I had a working dual-boot with Windows 10, bitlocker encrypted, and Fedora 23, LUKS encrypted. When I turned it on I got the GRUB2 menu, and could boot Linux or Windows. Both OSes worked fine. Both OSes were installed in UEFI mode.

Fedora 23 reached end of support life (and I had some annoying issues). I installed Fedora 25, erasing F23. After reinstall, FC25 works fine, but Windows asks for the Bitlocker recovery key on every boot. When I enter the key, Windows boots normally and works fine.

I've tried the "suspend bitlocker protection/resume protection" trick multiple times. It does not cause the new bitlocker hash/sig/whatever to be saved.

Googling gives me mostly information about grub2-install overwriting the MBR causing Bitlocker to balk, but I thought UEFI booting doesn't use the MBR? I can't figure out what advice applies to my situation or not -- do I need to restore the windows MBR even though I'm using UEFI boot, or would that break things even more? Both OSes are installed in UEFI mode.

To summarise: how can I make Bitlocker work without needing a recovery key on every boot?

Åsmund
  • 261
  • 2
  • 4
  • This doesn't answer directly your question but you could use veracrypt instead of bitlocker to encrypt your whole drive, that is both linux and windows – mhham Apr 28 '17 at 14:14
  • As far as I can tell, using Veracrypt for whole-drive encryption for Linux is not mentioned at all in the Veracrypt documentation. – Åsmund Apr 29 '17 at 09:03
  • I haven't tried it yet, but when encrypting whole drive using veracrypt you have a multiboot option which allows you to encrypt a ws/linux dual boot system – mhham Apr 29 '17 at 13:37
  • No, it doesn't. Veracrypt only supports system encryption for Windows. https://veracrypt.codeplex.com/wikipage?title=Supported%20Systems%20for%20System%20Encryption – Åsmund May 02 '17 at 20:09
  • 1
    Yes for system encryption, but it also allows to encrypt the whole drive with multi-boot : https://blog.yourultimatesecurity.guide/2016/10/veracrypt-full-disk-encryption-win7/ – mhham May 03 '17 at 07:42
  • I set up dual boot with 2 separate drives. At first I used BIOS to pick the drive/OS. Later I entered the Bitlocker key and grub worked. Then Windows started balking after a Linux update. And I can't get in from BIOS either. Should it have worked if I only ever used BIOS to never need the Bitlocker key? Would Windows ever get upset about the 2nd separate Linux drive? – RomnieEE Aug 07 '20 at 01:11
  • Added to note: 1. I removed 1 drive at a time to install. 2. I don't know if the same situation BIOS strategy could work with partitions, as for OP. – RomnieEE Aug 07 '20 at 01:19
  • In the end I gave up fixing this problem. I wiped both OSes, made a clean install of Windows 10, and installed Linux as a virtual machine. – Åsmund Aug 14 '20 at 06:50

2 Answers2

2

The problem may have come from the fact that you may have installed Fedora while Bitlocker is enabled. When you install an OS while it is enabled, problems to boot will always come; in this case, just entering the recovery key is pretty lucky for you. I would suggest making a copy of all your files on both (to save them), disable Bitlocker completely, and format the whole drive, then reinstall both OSes as @Wesley King said

-2

I have had many problems with the Linux/Windows Dual-Boot. In the end the way I fix the problem is to uninstall both OS's. Make sure to Install Fedora 25 first then Windows again. It is a last resort but has fixed all my problems to date.

Wesley King
  • 19
  • 2
  • Firstly at this point even fedora 25 is end of life AND @varun's comment is the issue you need to 'suspend' nitpicker during that or anything will active mess with the boot record (add/remove or majorly effect the boot order as nitpicker assumes if it has lost any control of the boot it is facing an evil maiden attack thus requiring the recovery key... – linuxdev2013 Dec 26 '18 at 21:49