BitLocker asking for protection code after Ubuntu installation












6














I have just installed Ubuntu side-by-side to a Windows 10 partition shipped on a new laptop.



Meaning, the laptop shipped with Windows 10, and I installed Ubuntu alongside the Windows partition using an Ubuntu Desktop installation ISO through a flash drive.



Now every time I boot into the Windows boot manager, BitLocker wants me to enter the long BitLocker recovery key. A few questions ―




  1. Why actually is BitLocker affected by the new boot loader set up by Ubuntu? a naive thought would be that the BitLocker decryption key is stored on the motherboard TPM, and isn't affected by a new boot loader installation, and that is probably true as otherwise Windows would no longer be able to read its own files. So why is BitLocker even requiring the recovery key now?

  2. The Ubuntu side-by-side install said something about fiddling boot protection, but it remains elusive whether that's related to the TPM or a separate security mechanism.

  3. The Ubuntu installer even asked for a pass-phrase that should help re-establish secure boot, but I was not prompted to use it anywhere after booting with neither the Ubuntu nor the Windows boot loaders, after the install.

  4. How do I make BitLocker trustful again? in Windows 10, I only see an option to disable disk encryption altogether, but am not sure why can't it just keep going.

  5. Turning encryption off and then on (in Windows) seems like an overkill and I've no idea, whether it will scramble my Ubuntu partition while at it.


In Windows, after supplying the recovery key, I can see that device encryption is on. So my understanding is that my Windows partition is still decrypting its own files, whereas my Ubuntu partition isn't asking the TPM to encrypt its files when writing them nor decrypt them when reading them.










share|improve this question




















  • 1




    “So why is BitLocker even requiring the recovery key now?” - You changed the boot configuration. So basically, you broke the trust, and the recovery key is the backup method
    – Ramhound
    Dec 20 '17 at 18:28






  • 1




    Because you haven’t done anything to restore the trust. The recovery key just lets you boot the configuration is still broken. My suggestion might regain that trust but again Ubuntu doesn’t know Bitlocker
    – Ramhound
    Dec 20 '17 at 18:30






  • 1




    If you turn it off, you can turn it back on, just saying.
    – Ramhound
    Dec 20 '17 at 18:34






  • 1




    Your linked question applies to an encrypted volume. Your setup is different
    – Ramhound
    Dec 20 '17 at 18:55






  • 1




    @Ramhound - BitLocker Device Encryption is enabled by default since Windows 8.1 if it has the proper hardware and the user signs in with a Microsoft Account, and Windows 10 expanded on that. docs.microsoft.com/en-us/windows/device-security/bitlocker/… - To the OP, did you disable secure boot on your system so you could install Linux?
    – Appleoddity
    Dec 20 '17 at 19:05


















6














I have just installed Ubuntu side-by-side to a Windows 10 partition shipped on a new laptop.



Meaning, the laptop shipped with Windows 10, and I installed Ubuntu alongside the Windows partition using an Ubuntu Desktop installation ISO through a flash drive.



Now every time I boot into the Windows boot manager, BitLocker wants me to enter the long BitLocker recovery key. A few questions ―




  1. Why actually is BitLocker affected by the new boot loader set up by Ubuntu? a naive thought would be that the BitLocker decryption key is stored on the motherboard TPM, and isn't affected by a new boot loader installation, and that is probably true as otherwise Windows would no longer be able to read its own files. So why is BitLocker even requiring the recovery key now?

  2. The Ubuntu side-by-side install said something about fiddling boot protection, but it remains elusive whether that's related to the TPM or a separate security mechanism.

  3. The Ubuntu installer even asked for a pass-phrase that should help re-establish secure boot, but I was not prompted to use it anywhere after booting with neither the Ubuntu nor the Windows boot loaders, after the install.

  4. How do I make BitLocker trustful again? in Windows 10, I only see an option to disable disk encryption altogether, but am not sure why can't it just keep going.

  5. Turning encryption off and then on (in Windows) seems like an overkill and I've no idea, whether it will scramble my Ubuntu partition while at it.


In Windows, after supplying the recovery key, I can see that device encryption is on. So my understanding is that my Windows partition is still decrypting its own files, whereas my Ubuntu partition isn't asking the TPM to encrypt its files when writing them nor decrypt them when reading them.










share|improve this question




















  • 1




    “So why is BitLocker even requiring the recovery key now?” - You changed the boot configuration. So basically, you broke the trust, and the recovery key is the backup method
    – Ramhound
    Dec 20 '17 at 18:28






  • 1




    Because you haven’t done anything to restore the trust. The recovery key just lets you boot the configuration is still broken. My suggestion might regain that trust but again Ubuntu doesn’t know Bitlocker
    – Ramhound
    Dec 20 '17 at 18:30






  • 1




    If you turn it off, you can turn it back on, just saying.
    – Ramhound
    Dec 20 '17 at 18:34






  • 1




    Your linked question applies to an encrypted volume. Your setup is different
    – Ramhound
    Dec 20 '17 at 18:55






  • 1




    @Ramhound - BitLocker Device Encryption is enabled by default since Windows 8.1 if it has the proper hardware and the user signs in with a Microsoft Account, and Windows 10 expanded on that. docs.microsoft.com/en-us/windows/device-security/bitlocker/… - To the OP, did you disable secure boot on your system so you could install Linux?
    – Appleoddity
    Dec 20 '17 at 19:05
















6












6








6


2





I have just installed Ubuntu side-by-side to a Windows 10 partition shipped on a new laptop.



Meaning, the laptop shipped with Windows 10, and I installed Ubuntu alongside the Windows partition using an Ubuntu Desktop installation ISO through a flash drive.



Now every time I boot into the Windows boot manager, BitLocker wants me to enter the long BitLocker recovery key. A few questions ―




  1. Why actually is BitLocker affected by the new boot loader set up by Ubuntu? a naive thought would be that the BitLocker decryption key is stored on the motherboard TPM, and isn't affected by a new boot loader installation, and that is probably true as otherwise Windows would no longer be able to read its own files. So why is BitLocker even requiring the recovery key now?

  2. The Ubuntu side-by-side install said something about fiddling boot protection, but it remains elusive whether that's related to the TPM or a separate security mechanism.

  3. The Ubuntu installer even asked for a pass-phrase that should help re-establish secure boot, but I was not prompted to use it anywhere after booting with neither the Ubuntu nor the Windows boot loaders, after the install.

  4. How do I make BitLocker trustful again? in Windows 10, I only see an option to disable disk encryption altogether, but am not sure why can't it just keep going.

  5. Turning encryption off and then on (in Windows) seems like an overkill and I've no idea, whether it will scramble my Ubuntu partition while at it.


In Windows, after supplying the recovery key, I can see that device encryption is on. So my understanding is that my Windows partition is still decrypting its own files, whereas my Ubuntu partition isn't asking the TPM to encrypt its files when writing them nor decrypt them when reading them.










share|improve this question















I have just installed Ubuntu side-by-side to a Windows 10 partition shipped on a new laptop.



Meaning, the laptop shipped with Windows 10, and I installed Ubuntu alongside the Windows partition using an Ubuntu Desktop installation ISO through a flash drive.



Now every time I boot into the Windows boot manager, BitLocker wants me to enter the long BitLocker recovery key. A few questions ―




  1. Why actually is BitLocker affected by the new boot loader set up by Ubuntu? a naive thought would be that the BitLocker decryption key is stored on the motherboard TPM, and isn't affected by a new boot loader installation, and that is probably true as otherwise Windows would no longer be able to read its own files. So why is BitLocker even requiring the recovery key now?

  2. The Ubuntu side-by-side install said something about fiddling boot protection, but it remains elusive whether that's related to the TPM or a separate security mechanism.

  3. The Ubuntu installer even asked for a pass-phrase that should help re-establish secure boot, but I was not prompted to use it anywhere after booting with neither the Ubuntu nor the Windows boot loaders, after the install.

  4. How do I make BitLocker trustful again? in Windows 10, I only see an option to disable disk encryption altogether, but am not sure why can't it just keep going.

  5. Turning encryption off and then on (in Windows) seems like an overkill and I've no idea, whether it will scramble my Ubuntu partition while at it.


In Windows, after supplying the recovery key, I can see that device encryption is on. So my understanding is that my Windows partition is still decrypting its own files, whereas my Ubuntu partition isn't asking the TPM to encrypt its files when writing them nor decrypt them when reading them.







ubuntu windows-10 boot encryption bitlocker






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 20 '17 at 19:02

























asked Dec 20 '17 at 18:18









matt

13115




13115








  • 1




    “So why is BitLocker even requiring the recovery key now?” - You changed the boot configuration. So basically, you broke the trust, and the recovery key is the backup method
    – Ramhound
    Dec 20 '17 at 18:28






  • 1




    Because you haven’t done anything to restore the trust. The recovery key just lets you boot the configuration is still broken. My suggestion might regain that trust but again Ubuntu doesn’t know Bitlocker
    – Ramhound
    Dec 20 '17 at 18:30






  • 1




    If you turn it off, you can turn it back on, just saying.
    – Ramhound
    Dec 20 '17 at 18:34






  • 1




    Your linked question applies to an encrypted volume. Your setup is different
    – Ramhound
    Dec 20 '17 at 18:55






  • 1




    @Ramhound - BitLocker Device Encryption is enabled by default since Windows 8.1 if it has the proper hardware and the user signs in with a Microsoft Account, and Windows 10 expanded on that. docs.microsoft.com/en-us/windows/device-security/bitlocker/… - To the OP, did you disable secure boot on your system so you could install Linux?
    – Appleoddity
    Dec 20 '17 at 19:05
















  • 1




    “So why is BitLocker even requiring the recovery key now?” - You changed the boot configuration. So basically, you broke the trust, and the recovery key is the backup method
    – Ramhound
    Dec 20 '17 at 18:28






  • 1




    Because you haven’t done anything to restore the trust. The recovery key just lets you boot the configuration is still broken. My suggestion might regain that trust but again Ubuntu doesn’t know Bitlocker
    – Ramhound
    Dec 20 '17 at 18:30






  • 1




    If you turn it off, you can turn it back on, just saying.
    – Ramhound
    Dec 20 '17 at 18:34






  • 1




    Your linked question applies to an encrypted volume. Your setup is different
    – Ramhound
    Dec 20 '17 at 18:55






  • 1




    @Ramhound - BitLocker Device Encryption is enabled by default since Windows 8.1 if it has the proper hardware and the user signs in with a Microsoft Account, and Windows 10 expanded on that. docs.microsoft.com/en-us/windows/device-security/bitlocker/… - To the OP, did you disable secure boot on your system so you could install Linux?
    – Appleoddity
    Dec 20 '17 at 19:05










1




1




“So why is BitLocker even requiring the recovery key now?” - You changed the boot configuration. So basically, you broke the trust, and the recovery key is the backup method
– Ramhound
Dec 20 '17 at 18:28




“So why is BitLocker even requiring the recovery key now?” - You changed the boot configuration. So basically, you broke the trust, and the recovery key is the backup method
– Ramhound
Dec 20 '17 at 18:28




1




1




Because you haven’t done anything to restore the trust. The recovery key just lets you boot the configuration is still broken. My suggestion might regain that trust but again Ubuntu doesn’t know Bitlocker
– Ramhound
Dec 20 '17 at 18:30




Because you haven’t done anything to restore the trust. The recovery key just lets you boot the configuration is still broken. My suggestion might regain that trust but again Ubuntu doesn’t know Bitlocker
– Ramhound
Dec 20 '17 at 18:30




1




1




If you turn it off, you can turn it back on, just saying.
– Ramhound
Dec 20 '17 at 18:34




If you turn it off, you can turn it back on, just saying.
– Ramhound
Dec 20 '17 at 18:34




1




1




Your linked question applies to an encrypted volume. Your setup is different
– Ramhound
Dec 20 '17 at 18:55




Your linked question applies to an encrypted volume. Your setup is different
– Ramhound
Dec 20 '17 at 18:55




1




1




@Ramhound - BitLocker Device Encryption is enabled by default since Windows 8.1 if it has the proper hardware and the user signs in with a Microsoft Account, and Windows 10 expanded on that. docs.microsoft.com/en-us/windows/device-security/bitlocker/… - To the OP, did you disable secure boot on your system so you could install Linux?
– Appleoddity
Dec 20 '17 at 19:05






@Ramhound - BitLocker Device Encryption is enabled by default since Windows 8.1 if it has the proper hardware and the user signs in with a Microsoft Account, and Windows 10 expanded on that. docs.microsoft.com/en-us/windows/device-security/bitlocker/… - To the OP, did you disable secure boot on your system so you could install Linux?
– Appleoddity
Dec 20 '17 at 19:05












3 Answers
3






active

oldest

votes


















0














With a lot of help from the kind people in the comments, I was able to elegantly get past the problem. This was the elegant solution, taken from here:



To make BitLocker regain trust, I simply disabled and then re-enabled BitLocker:



C:Windowssystem32manage-bde.exe" -protectors -enable c:

C:Windowssystem32manage-bde.exe" -protectors -disable c:


I assume that now Windows uses BitLocker and disk encryption through the TPM just as before, and Ubuntu simply does not.



It is possible to install some Ubuntu stuff that makes it work like BitLocker (thusly presumably also enabling sharing partitions between Windows and Ubuntu), but I think that for now Ubuntu does not use the TPM hardware, so it would store the entire encryption key on disk, defeating the purpose of the encryption, so not worth it I guess.



So BitLocker was aware of the boot manipulation, justifiably causing it to await a trust regaining event even though the TPM integration remained intact. Entering the protection key and then Using the above couple of commands in Windows, made it re-enter the state of trust, regaining normal operation.






share|improve this answer



















  • 4




    This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
    – SailAvid
    Mar 16 at 16:08










  • I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
    – Olivier Bégassat
    Apr 29 at 8:40










  • @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
    – Wojtek
    Jun 10 at 10:18








  • 2




    @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
    – Wojtek
    Jun 10 at 10:20



















0














This issue is that Windows does not consider GRUB as a secure component. Thus, whenever you boot to Windows coming from GRUB, Windows considers the boot sequence might have been compromised, and forces a key re-entry.



The only way I know to fix this is to not use GRUB altogether. You can either




  • choose the boot sequence directly through your BIOS menu (the solution I use, I just have to enter F12 during boot, and BIOS gives the choice between the boot scenarios)

  • or use Windows bootloader and add the linux options to it (See here how to achieve that).






share|improve this answer





























    -2














    The only solution I've found is to change the boot order in the bios to let Windows Bootloader be on top. This method makes booting Ubuntu a bit troublesome, as I have to stop normal boot and choose Select a Temporary Boot Device in order to enter grub from there. This way I can avoid Bitlocker getting angry at grub and asking for a key if I want to use Windows.
    For me it's not a big problem as I mainly use Windows to do most of my work.






    share|improve this answer





















      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "3"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1278841%2fbitlocker-asking-for-protection-code-after-ubuntu-installation%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      3 Answers
      3






      active

      oldest

      votes








      3 Answers
      3






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      0














      With a lot of help from the kind people in the comments, I was able to elegantly get past the problem. This was the elegant solution, taken from here:



      To make BitLocker regain trust, I simply disabled and then re-enabled BitLocker:



      C:Windowssystem32manage-bde.exe" -protectors -enable c:

      C:Windowssystem32manage-bde.exe" -protectors -disable c:


      I assume that now Windows uses BitLocker and disk encryption through the TPM just as before, and Ubuntu simply does not.



      It is possible to install some Ubuntu stuff that makes it work like BitLocker (thusly presumably also enabling sharing partitions between Windows and Ubuntu), but I think that for now Ubuntu does not use the TPM hardware, so it would store the entire encryption key on disk, defeating the purpose of the encryption, so not worth it I guess.



      So BitLocker was aware of the boot manipulation, justifiably causing it to await a trust regaining event even though the TPM integration remained intact. Entering the protection key and then Using the above couple of commands in Windows, made it re-enter the state of trust, regaining normal operation.






      share|improve this answer



















      • 4




        This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
        – SailAvid
        Mar 16 at 16:08










      • I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
        – Olivier Bégassat
        Apr 29 at 8:40










      • @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
        – Wojtek
        Jun 10 at 10:18








      • 2




        @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
        – Wojtek
        Jun 10 at 10:20
















      0














      With a lot of help from the kind people in the comments, I was able to elegantly get past the problem. This was the elegant solution, taken from here:



      To make BitLocker regain trust, I simply disabled and then re-enabled BitLocker:



      C:Windowssystem32manage-bde.exe" -protectors -enable c:

      C:Windowssystem32manage-bde.exe" -protectors -disable c:


      I assume that now Windows uses BitLocker and disk encryption through the TPM just as before, and Ubuntu simply does not.



      It is possible to install some Ubuntu stuff that makes it work like BitLocker (thusly presumably also enabling sharing partitions between Windows and Ubuntu), but I think that for now Ubuntu does not use the TPM hardware, so it would store the entire encryption key on disk, defeating the purpose of the encryption, so not worth it I guess.



      So BitLocker was aware of the boot manipulation, justifiably causing it to await a trust regaining event even though the TPM integration remained intact. Entering the protection key and then Using the above couple of commands in Windows, made it re-enter the state of trust, regaining normal operation.






      share|improve this answer



















      • 4




        This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
        – SailAvid
        Mar 16 at 16:08










      • I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
        – Olivier Bégassat
        Apr 29 at 8:40










      • @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
        – Wojtek
        Jun 10 at 10:18








      • 2




        @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
        – Wojtek
        Jun 10 at 10:20














      0












      0








      0






      With a lot of help from the kind people in the comments, I was able to elegantly get past the problem. This was the elegant solution, taken from here:



      To make BitLocker regain trust, I simply disabled and then re-enabled BitLocker:



      C:Windowssystem32manage-bde.exe" -protectors -enable c:

      C:Windowssystem32manage-bde.exe" -protectors -disable c:


      I assume that now Windows uses BitLocker and disk encryption through the TPM just as before, and Ubuntu simply does not.



      It is possible to install some Ubuntu stuff that makes it work like BitLocker (thusly presumably also enabling sharing partitions between Windows and Ubuntu), but I think that for now Ubuntu does not use the TPM hardware, so it would store the entire encryption key on disk, defeating the purpose of the encryption, so not worth it I guess.



      So BitLocker was aware of the boot manipulation, justifiably causing it to await a trust regaining event even though the TPM integration remained intact. Entering the protection key and then Using the above couple of commands in Windows, made it re-enter the state of trust, regaining normal operation.






      share|improve this answer














      With a lot of help from the kind people in the comments, I was able to elegantly get past the problem. This was the elegant solution, taken from here:



      To make BitLocker regain trust, I simply disabled and then re-enabled BitLocker:



      C:Windowssystem32manage-bde.exe" -protectors -enable c:

      C:Windowssystem32manage-bde.exe" -protectors -disable c:


      I assume that now Windows uses BitLocker and disk encryption through the TPM just as before, and Ubuntu simply does not.



      It is possible to install some Ubuntu stuff that makes it work like BitLocker (thusly presumably also enabling sharing partitions between Windows and Ubuntu), but I think that for now Ubuntu does not use the TPM hardware, so it would store the entire encryption key on disk, defeating the purpose of the encryption, so not worth it I guess.



      So BitLocker was aware of the boot manipulation, justifiably causing it to await a trust regaining event even though the TPM integration remained intact. Entering the protection key and then Using the above couple of commands in Windows, made it re-enter the state of trust, regaining normal operation.







      share|improve this answer














      share|improve this answer



      share|improve this answer








      edited Dec 31 '17 at 17:30

























      answered Dec 20 '17 at 19:33









      matt

      13115




      13115








      • 4




        This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
        – SailAvid
        Mar 16 at 16:08










      • I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
        – Olivier Bégassat
        Apr 29 at 8:40










      • @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
        – Wojtek
        Jun 10 at 10:18








      • 2




        @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
        – Wojtek
        Jun 10 at 10:20














      • 4




        This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
        – SailAvid
        Mar 16 at 16:08










      • I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
        – Olivier Bégassat
        Apr 29 at 8:40










      • @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
        – Wojtek
        Jun 10 at 10:18








      • 2




        @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
        – Wojtek
        Jun 10 at 10:20








      4




      4




      This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
      – SailAvid
      Mar 16 at 16:08




      This does not solve the issue, since it simply disalbes the Bitlocker with the last command. So you will end up with disabled Bitlocker and that's why it does not ask for the recovery key again.
      – SailAvid
      Mar 16 at 16:08












      I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
      – Olivier Bégassat
      Apr 29 at 8:40




      I ran into the same problem (always asking for the recovery key). I tried the -disable command you suggest, and it booted up nicely, but when I enabled it again it asked for the key. My question is : did permanently disabling the bitlocker create any problems you are aware of ? Is this a practical solution ?
      – Olivier Bégassat
      Apr 29 at 8:40












      @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
      – Wojtek
      Jun 10 at 10:18






      @OlivierBégassat Disabling BitLocker means no encryption of your data on the disk I beleive.
      – Wojtek
      Jun 10 at 10:18






      2




      2




      @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
      – Wojtek
      Jun 10 at 10:20




      @SailAvid +1, and when I run disable and enable (instead of enable and then disable) BitLocker is still asking me for the key at startup. So this solution does not help.
      – Wojtek
      Jun 10 at 10:20













      0














      This issue is that Windows does not consider GRUB as a secure component. Thus, whenever you boot to Windows coming from GRUB, Windows considers the boot sequence might have been compromised, and forces a key re-entry.



      The only way I know to fix this is to not use GRUB altogether. You can either




      • choose the boot sequence directly through your BIOS menu (the solution I use, I just have to enter F12 during boot, and BIOS gives the choice between the boot scenarios)

      • or use Windows bootloader and add the linux options to it (See here how to achieve that).






      share|improve this answer


























        0














        This issue is that Windows does not consider GRUB as a secure component. Thus, whenever you boot to Windows coming from GRUB, Windows considers the boot sequence might have been compromised, and forces a key re-entry.



        The only way I know to fix this is to not use GRUB altogether. You can either




        • choose the boot sequence directly through your BIOS menu (the solution I use, I just have to enter F12 during boot, and BIOS gives the choice between the boot scenarios)

        • or use Windows bootloader and add the linux options to it (See here how to achieve that).






        share|improve this answer
























          0












          0








          0






          This issue is that Windows does not consider GRUB as a secure component. Thus, whenever you boot to Windows coming from GRUB, Windows considers the boot sequence might have been compromised, and forces a key re-entry.



          The only way I know to fix this is to not use GRUB altogether. You can either




          • choose the boot sequence directly through your BIOS menu (the solution I use, I just have to enter F12 during boot, and BIOS gives the choice between the boot scenarios)

          • or use Windows bootloader and add the linux options to it (See here how to achieve that).






          share|improve this answer












          This issue is that Windows does not consider GRUB as a secure component. Thus, whenever you boot to Windows coming from GRUB, Windows considers the boot sequence might have been compromised, and forces a key re-entry.



          The only way I know to fix this is to not use GRUB altogether. You can either




          • choose the boot sequence directly through your BIOS menu (the solution I use, I just have to enter F12 during boot, and BIOS gives the choice between the boot scenarios)

          • or use Windows bootloader and add the linux options to it (See here how to achieve that).







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Dec 6 at 14:45









          Mic

          1012




          1012























              -2














              The only solution I've found is to change the boot order in the bios to let Windows Bootloader be on top. This method makes booting Ubuntu a bit troublesome, as I have to stop normal boot and choose Select a Temporary Boot Device in order to enter grub from there. This way I can avoid Bitlocker getting angry at grub and asking for a key if I want to use Windows.
              For me it's not a big problem as I mainly use Windows to do most of my work.






              share|improve this answer


























                -2














                The only solution I've found is to change the boot order in the bios to let Windows Bootloader be on top. This method makes booting Ubuntu a bit troublesome, as I have to stop normal boot and choose Select a Temporary Boot Device in order to enter grub from there. This way I can avoid Bitlocker getting angry at grub and asking for a key if I want to use Windows.
                For me it's not a big problem as I mainly use Windows to do most of my work.






                share|improve this answer
























                  -2












                  -2








                  -2






                  The only solution I've found is to change the boot order in the bios to let Windows Bootloader be on top. This method makes booting Ubuntu a bit troublesome, as I have to stop normal boot and choose Select a Temporary Boot Device in order to enter grub from there. This way I can avoid Bitlocker getting angry at grub and asking for a key if I want to use Windows.
                  For me it's not a big problem as I mainly use Windows to do most of my work.






                  share|improve this answer












                  The only solution I've found is to change the boot order in the bios to let Windows Bootloader be on top. This method makes booting Ubuntu a bit troublesome, as I have to stop normal boot and choose Select a Temporary Boot Device in order to enter grub from there. This way I can avoid Bitlocker getting angry at grub and asking for a key if I want to use Windows.
                  For me it's not a big problem as I mainly use Windows to do most of my work.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Jun 14 at 14:59









                  Stian Danielsen

                  1




                  1






























                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Super User!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.





                      Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                      Please pay close attention to the following guidance:


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1278841%2fbitlocker-asking-for-protection-code-after-ubuntu-installation%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

                      Alcedinidae

                      Origin of the phrase “under your belt”?