Open Bitlocker Drive on Linux

When it comes to encryption, you have the choice, in most cases at least, to go for either Linux (LUKS) or Windows (BitLocker). But if you have a Drive you want to use on Linux AND Windows, you may run into some complications. Gladly, it’s possible to Open BitLocker Drive on Linux.

Open Bitlocker Drive on Linux

 

We are going to use a Tool called Dislocker to do the job.

Step 1 – Install Dislocker to Open BitLocker Drive on Linux

First, we need to install Dislocker. It doesn’t get any easier than that.

sudo apt-get install dislocker

Open Bitlocker Drive on Linux

 

Step 2 – Create a Folder to Mount the Drive

Next, we are going to create a Folder so we can mount the Drive.

sudo mkdir /media/bitlocker
sudo mkdir /media/mount

Open Bitlocker Drive on Linux

 

Step 3 – Finding our USB Drive

Now we need to figure out which drive description our USB Drive has. We can do that easily using fdisk.

sudo fdisk -l

Most likely, you’ll have to scroll down to the bottom. You can easily identify your Drive by the Size. Make sure to use the drive description under Device, in this example sde1 and not only sde.

Open Bitlocker Drive on Linux

 

Step 4 – Unlocking your USB Drive

Now we are going to use Dislocker to Decrypt the Drive. Make sure to replace –uYourPassword with your password and sde1 with your drive description! But leave the -u in front of it. So if your password is Horseradish the command should call: -uHorseradish . Alternatively, just leave it at -u and you will get prompted for the password.

sudo dislocker -r -V /dev/sde1 -uYourPassword -- /media/bitlocker

Open Bitlocker Drive on Linux Tutorial

 

Step 5 – Mounting your Drive

Finally, we are going to Mount the now encrypted Drive.

sudo mount -r -o loop /media/bitlocker/dislocker-file /media/mount

Open Bitlocker Drive Linux

 

And voila, you can access the files on your previously encrypted Drive. You can use a Bitlocker Encrypted Drive to store your Passwords on, for example. If you work on Windows & Linux like me, this is a good way to utilize your USB Drive on both Systems.

Step 6 – Creating a Script to automatically Mount the locked Drive

Because we are all lazy (and so we should!), we don’t want to run those commands again every single time we plug in our Drive. I created a Bash script to do this for us. We need to create a new file in our /usr/local/bin Path, so we can access the script from everywhere.

sudo gedit /usr/local/bin/unlock.sh

Go ahead and paste my script in your Text File. Make sure you adjust it to your own Drive Letters etc.

#!/bin/bash
sudo dislocker -r -V /dev/sde1 -u -- /media/bitlocker
sudo mount -r -o loop /media/bitlocker/dislocker-file /media/mount

Save the File by hitting CTRL+S. Adjust the permission to make the File executable:

sudo chmod +x /usr/local/bin/unlock.sh

So the next time you restart and need to access your USB Drive again, simply open a Terminal and type:

sudo unlock.sh

And you will need to enter your Sudo Password and your Bitlocker Password and your Drive will be unlocked and automatically mounted.

10 thoughts on “Open Bitlocker Drive on Linux

  • March 6, 2019 at 3:45 pm
    Permalink

    So I tried this a couple nights ago, and failed miserably. I followed the directions from several websites to give my user account root privileges (editing my /ect/passwd file to change my UID & GID to 0), and the result was that I basically nuked my user account. (I know, I should have created a separate account just for this test, but I didn’t think of that….) When I tried to invoke any command afterward in the terminal (with or without sudo) it gave me a message that I did not exist. I couldn’t open any new programs, or any new tabs in my browser, and couldn’t install any new removable media. I double-checked my /etc/passwd file and the account was still there (with zeroes for the UID & GID), but somehow the OS read that as the account being unusable.

    After stressing a bit about losing all the data on my machine I finally rebooted and hoped for a miracle. Fortunately during the reboot my OS asked me to create a new user account (since it didn’t find one that worked), and I was able to move all my data over to the new account, completely delete the old account (including its group), and rebuild it. Didn’t have to reinstall anything like starting fresh with the OS, but had to reset all my app settings and preferences, set up my email account again, etc. Joy.

    So I’m giving up on Bitlocker for portable drive encryption. Think I’m going to try VeraCrypt, since it sounds like a solid, truly cross-platform encryption solution. I learned a fair bit about linux during this exercise, though (I’m pretty new to the system still). Thank you again, ceos3c, for the tutorial.

    Reply
  • March 4, 2019 at 8:00 pm
    Permalink

    Thanks for your reply, ceos3c. I learned (thanks to Chris’s comment below) that removing the ‘-r’ option should make read/write possible. Unfortunately, though, even after making this change it’s still read-only for me. I’m thinking now it has to do with my user permissions (the fact that I haven’t granted myself root in my UID). Despite running these commands with sudo, when I go to actually access the directory I do it through the file manager GUI and am not a root user, and since the loop directory is located at the root level I can’t make changes. (It doesn’t seem to matter what folder you use to mount the drive – I tried mounting it in my home directory and it still didn’t work, since the loop directory still showed up at ‘/dev/loop.’)

    I’ve been avoiding granting my user account blanket root permission for security purposes, but I’ll try this tonight and see if it works, and report back.

    Reply
  • March 3, 2019 at 5:23 am
    Permalink

    Thanks for this. After playing around with it a bit I wrote another little script to automatically reverse the effect of the script presented here, so you can essentially re-encrypt your drive, by un-mounting the de-encrypted instance (along with the extraneous ‘bitlocker’ drive mounted in the original script). Follow the directions above with regard to where to put it and how to run it. I call it “lock.sh” to parallel the “unlock.sh” in the post. Cleans things up nicely when you’re done using your encrypted drive:

    #!/bin/bash
    # A simple script to unmount a decrypted portable drive after previously unlocking with unlock.sh
    # (Still have to unmount encrypted drive in GUI afterward to eject thumb drive)
    sudo umount /dev/loop0
    sudo umount /media/bitlocker

    I too am curious, though, if there’s a way to remove the ‘read only’ restriction on the bitlocker drive?

    Reply
    • March 4, 2019 at 11:11 am
      Permalink

      Cool! Thanks for leaving this here Mark. Unfortunately I haven’t had time to search for a solution to the read only problem 🙁

      Reply
  • January 9, 2019 at 12:43 pm
    Permalink

    In terminal, type ‘dislocker –help’ It will explain the ‘-r’, the ‘-V’ and many other options. Also, for every mount or operation on drive, one must make sure of its drive letters!

    Thanks Ceos3c

    Reply
  • January 9, 2019 at 12:52 am
    Permalink

    Why dont you describe the parameter you use?
    ex:
    “sudo dislocker -r -V /dev/sde1 -uYourPassword — /media/bitlocker”
    You only describe the obvious but not for what -r -V stands.
    Also you script wont work often because “sde1” is not always the drive you want to unlock.
    You should say ‘dislocker -r -V /dev/”$1″‘ or something like this.
    And why do you write “sudo” in every single line? Pretty bad practis, just execute the script as sudo.

    Also you should inform the people here that you don’t have write acces to that drive on linux.

    Reply
  • October 21, 2018 at 1:45 pm
    Permalink

    Hello
    Thank you for your advise
    but i can not write on drive.
    how can i write on disk?

    Reply
  • September 22, 2018 at 11:03 am
    Permalink

    Hi,
    great advice, worked very well. However, i’m unable to write on the flash drive, how can i enable this?

    Reply
  • September 4, 2018 at 12:02 am
    Permalink

    first … thank you. this was EXACTLY what i was trying to do. secondly … well … how would you go about doing this for TWO NTFS drives?? any advices would certainly be appreciated … i’m a linux newbie 😉

    Reply
    • September 4, 2018 at 10:02 am
      Permalink

      Thanks! What exactly you mean with 2 NTFS drives? Automatically unlocking them?

      Reply

Tell us what you think!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: