Up next in 10
Open BitLocker Drive on Linux - Easy Step-by-Step
8K views
Jul 18, 2022
Open BitLocker Drive on Linux - The Easiest way to use your BitLocker encrypted Drive on Linux! (Auto-Unlock-Script included!) ⮘-=[Subscribe]=-⮚ ↬ https://www.youtube.com/c/ceos3ctutorials?sub_confirmation=1 ⮘-=[Support Me]=-⮚ ↬ Patreon: https://www.patreon.com/ceos3c ↬ Hacking Apparel: https://www.teespring.com/stores/ceos3c-hacker-store ↬ Paypal: https://www.paypal.me/ceos3c ↬ My Amazon Store: https://www.amazon.com/shop/ceos3ctutorials ↬ pfSense Starter Guide: https://amzn.to/2RbRem2 ⮘-=[Social]=-⮚ ↬ Website: https://www.ceos3c.com ↬ Instagram: https://www.instagram.com/daily.linux.tips ↬ Twitter: https://www.twitter.com/ceos3c ↬ Facebook: https://www.facebook.com/ceos3c
View Video Transcript
0:00
Hey guys, what is up everyone? Today I have another tutorial for you. Today we are looking at how to unlock a BitLocker encrypted hard drive or USB drive on Linux
0:13
If you searched for this video you probably already have a purpose to use your USB drive or an encryption on your USB drive
0:22
But for those who don't I want to give a short example what would be a use for that
0:26
So if you are like me and you use a couple of different operating systems as your daily drivers like Windows and Linux and you use a password database to store your passwords, specifically if this password database is on a USB drive, you probably want to have this USB drive encrypted and you probably want to use this USB drive on Windows and on Linux
0:52
I did a little bit of research beforehand to find the easiest solution for that problem
0:57
and the easiest solution really was using BitLocker. There are existing some Linux tools where you can encrypt a drive on Linux
1:05
but then you cannot open it on Windows. And there are a couple of encryption tools that work on Windows but don't work on Linux
1:12
The easiest way to do that is simply BitLocker. So if you don't have a BitLocker encrypted drive yet
1:18
just simply plug in your USB drive in your computer right click it and turn on BitLocker
1:25
It takes a couple of seconds. Then you click user password to unlock the drive
1:31
and it has a minimum password requirement. I don't exactly know which that is
1:36
It's written here but there's nothing written about the length. So I just go for something secure
1:45
Alright, next. and I highly recommend you save this recovery key to a safe location that you have access to
1:57
because if you lose your password and if you lose those recovery key you can throw your
2:02
USB drive away I'm just gonna save it where I'm gonna save it wherever
2:08
just save it right here so what the hell is this save it on the desktop click next select encrypt use disk space only if it's a new drive and select
2:27
encrypt entire drive if it's already a drive with a lot of files on them and stuff like that so it's
2:33
self-explanatory and choose compatible compatible mode that's what i usually use and it's for removable drives because you probably are using a removable drive for that
2:48
and click on start encrypting this should go quite fast yeah because the drive is empty All right Then we have a file on here which is called our secret
3:01
All right. So let's go ahead and try to unlock this drive on Linux
3:08
For this demonstration, I'm going to use Linux Mint. The steps work on all Debian based distributions
3:15
So whatever you use Ubuntu, it will work there. I'm not sure about some other distributions, which are not Debian based if it works the same way
3:24
I don't know. You have to try it. But the first thing we are going to do is, of course, because we use a virtual box
3:32
we are going to choose devices, USB and connect the USB drive to our Linux
3:40
And we will see the volume there, but we will just see this encryption gibberish here
3:47
So the drive is basically useless at this date. So first things first
3:50
We need a tool called this locker to unlock the drive. So we are going to install it first
3:57
Click on your terminal or open your terminal window and type sudo apt-get update
4:04
tag y To make sure you are or you will be on the latest version
4:09
Then do sudo apt-get install dislocker. It's in the default software repository
4:18
I already installed it before. Clear the screen. Then sudo makedir forward slash media forward slash bitlocker
4:30
Then we are going to check out which hard disk or basically which drive letter our USB drive has
4:37
has that's what we can do with sudo fdisk tag l and now if you know how big your usb drive is you
4:45
can find it pretty quick mine is 16 gigabytes so it will be this one and we need the device
4:50
description which is sdb1 in here it can be different for you but this is the number or the
4:58
description that you need so remember that then we are going to do the next step which is actually
5:05
already unlock unlocking our drive so we do sudo dislocker i'm gonna unlock it in read only because
5:15
i just want to access my database but i don't want to write anything or i don't want anyone
5:21
else to write anything on my drive while it's plugged in the computer so i do tag r if you
5:27
don't want to have it read and you want to have it write also so read write then just leave the
5:34
tag R out and you should be able to write. Then we do tag V, devsdb1, which is our drive
5:45
Then tag U to get prompted for our password or if you want to you can type your password like this i just leave it to get prompted tec media bitlocker enter the password of your
6:02
disk encryption like your bitlocker password and then we have to drive unlocked and we see
6:10
another volume pop up here but we are not there yet now we need to mount our
6:15
drive which we are going to do with sudo mount tech again are if you want read
6:22
only which I do tech oh loop media bit locker this locker tech file media
6:35
forward slash mount I think we missed one step to create the directory
6:43
Let's quickly do that. sudo makedir media mount and then press the up arrow twice to run the command again
6:58
And look at this. There is our unlocked BitLocker encrypted drive and we can open our secret file or whatever
7:10
And you can see here that it's read only. So if you would have your database or any files there that you need access
7:16
you can read, but you cannot write. I'll prefer that because it's a bit more secure
7:19
And if you want to write on it, you know how to do it now with leaving the Tech R option out
7:27
So now every time you unplug your USB drive from your system again
7:31
of course, you would have to go through this procedure again, except creating the directories
7:39
so there is one thing what we can do we can create a little bash script which allows us to do this
7:48
with just running one command in the future so let's go ahead and open a terminal again
7:55
if the previous steps were enough for you and it's fine you want to go through the steps you can just
8:00
stop the video here but if you want to create the script which makes it much easier in the future
8:04
then stick around it's really quick to do so let's create the file first
8:09
sudo gedit user local bin and this is the directory or the path where all the scripts
8:21
lie or should lie that you can access them system wide because if you just put it in a different
8:27
folder you would always need to navigate to the folder first and then you would be able to run
8:31
If you put it in this folder, you will be able to run the script from everywhere on the system
8:36
You will see in a second. Let call it unlock Pseudo password again Oh I probably don have gedit sudo apt get gedit sudo apt get install gedit
8:53
sorry it's a bit late all right almost there I like gedit to edit config files so do again sudo
9:10
So gedit user local bin unlock.sh. And then I will paste this in the description below
9:20
So you can copy and paste it. This is my script. That's basically the same commands what we just entered before
9:28
And press ctrl s to save the file. Alright then we still need to make the file executable
9:36
so sudo chmod plus x user bin unlock dot s oh user local bin
9:48
unlock sh all right right so let's make a test i just rebooted the machine to get a fresh state
9:59
so you can see that we have the drive locked again and one more thing what you need to keep in mind is
10:07
the script we just copy and paste it make sure you adjust the volume label to your own because
10:15
then otherwise it will not work and also to plug in the usb drive if possible into the same slot
10:21
at all times because if it stops working it might be possible that the drive label changed
10:29
so that would prevent the script from working. Alright so let's run the script and we can run it just from the main directory, the root
10:40
directory or the home directory because we put it in the user local bin path so that
10:46
will be available system-wide. Then we need to enter the BitLocker password and
10:54
after a second our drive is here again and usable. So that means next time you
11:05
unplug it or you restart just hit up a terminal type sudo unlock sh and your
11:12
rifle be unlocked very quickly. You could also put a... you can create a
11:17
shortcut on your desktop or create a some other like a keyboard shortcut to
11:25
run this quicker but this should give you a good idea on how that works. So this
11:30
concludes this tutorial if you liked the video as always subscribe to the channel
11:34
give it a thumbs up and hit the little notification bell that you get informed
11:38
about new tutorials. See you in the next one
#Computer Security