Ubuntu on a Bitlocker-protected environment
The world has become much simpler these days. One good example is the sheer simplicity, with which you can by now install an Ubuntu 10.04 on a machine that already has Windows 7 (no big news here) and where Windows is protected by Bitlocker and TPM-integration (that is new :) )
Some easy steps:
Some easy steps:
- Install Windows 7 to your liking
- Encrypt your system using Bitlocker, also using TPM.
I guess most readers interested in installing Ubuntu will start with the above setup. Now modify the system to allow a Ubuntu install:
- Shrink your encrypted partition, for example I freed up about 40GB for my new Ubuntu
- "Stop" Bitlocker (that is: Temporarily store the encryption key outside the TPM - you do NOT need to decrypt the drive.) - Your Action-Center will alarm you, that this is a risk.
- Install Ubuntu 10.04 into the freed up disk space, allow installation of grub in MBR
- Boot Windows an "Resume" Bitlocker (i.e. enable TPM)
Be aware: This works just fine, as long as there is no change to the boot environment. This means, before updating for example the "grub-pc"-Package (the Ubuntu-Bootloader), be sure to "stop" Bitlocker!
For the Linuxer: Changing settings of grub (like "/etc/default/grub") will not change the boot enviornment, as these settings are dynamicly read by grub.
Thanks for this article. I can confirm that the same approach works well with Bitlocker encrypted Windows 7 Enterprise and Debian Squeeze.
AntwortenLöschenTo keep apt from updating grub-pc by accident you can do
echo "grub-pc hold" | sudo dpkg --set-selections
Thanks for this great article. It almost describes my situation.
AntwortenLöschenI already have Windows 7 and Ubuntu running on this machine using GRUB as the main bootloader.
I have a TPM module in my computer and my IT people want me to use BitLocker when I use Windows. If I go ahead and enable BitLocker, I am afraid my MBR will get altered and I won't have GRUB anymore.
How do you smart folks suggest I proceed?