New key id generated and not saved to microsoft account! locked out! - bitlocker

Question

I had previously set up dual boot linux-windows OS two years and also had bitlocker on to encrypt windows C drive which I should not have needed to I think. All was fine that time since I had keys saved to ms account (I had set bitlocker key to save to ms) that worked! But yesterday I logged onto linux (I dont even use linux and should not have had it installed) and hovered over the locked icon of c drive on linux and I entered the correct authenthication password to open it but instead a re-encryption took place which unknowingly to me generated new key id for which I need the associated key. This new key information is not being automatically to my ms account probably I was on Linux?! I cannot find the password. I tried the 'manage-bde' command on CMD prompt but it showed only that key id and no password because I am not in windows so I can not use the cmd within windows.

I am in desperation and anguish since all work files (the entirety of my graduate research) are in windows and not backed to the cloud! My career is in jeopardy it seems!

I'd really appreciate it if you could help!

Answer 1

Bottomline: if a new bitlocker key was generated it should have saved to my ms account as it was set up to be. Not sure if it was because I was on Linux.

Answer 2

Hello,

I would recommend you post the question in a linux forum, since their community can have a deeper insight or experience on that issue or similar.

From my personal experience, in I would recommend using Linux "dislocker" in order to de encrypt the drive.

First, let’s install the tool by:

$ sudo apt install dislocker

In some instances, we might need to add the universe repository before installing:

$ sudo apt-add-repository universe $ sudo apt-get update $ sudo apt-get dislocker

Secondly, let’s list the drives attached to our system and identify the drive letter assigned to our BitLocker-encrypted drive or partition. We can either use GParted or run the following commands to identify our external drive:

$ sudo fdisk -l $ lsblk -f

Next, let’s create two mount points, the first one is where the dislocker generates the dislocker -file, and the other is where the virtual NTFS is mounted as a loop device. We can give these mount points any name we want:

$ sudo mkdir /media/bitlocker $ sudo mkdir /media/mount

we can use any name for those two folders

We then decrypt the BitLocker-encrypted drive and mount it to our system by:

$ sudo dislocker -v -V /dev/sdb1 -u<password> -- /media/bitlocker $ sudo ls /media/bitlocker $ sudo mount -o loop,rw /media/bitlocker/dislocker-file /media/mount $ sudo ls /media/mount

This opens the decrypted drive/partition and mounts it to where we can access it and view its content. Note that /dev/sdb1 is the BitLocker-encrypted drive. The -u flag is combined with the password #53!12345. Lastly, /media/bitlocker is where to mount the dislocker-file. When we’re done, we unmount the decrypted drive by:

$ sudo umount /media/mount $ sudo umount /media/bitlocker

Or use a recovery key:

$ sudo dislocker -v -V /dev/sdb1 --recovery-password=<key> -- /media/bitlocker $ sudo mount -o loop,rw /media/bitlocker/dislocker-file /media/mount $ sudo ls /media/mount #this lists the contents of the decrypted drive or partition

we then unmount after obtaining/viewing the content of the decrypted device

$ sudo umount /media/mount $ sudo umount /media/bitlocker

--If the reply is helpful, please Upvote and Accept as answer--

Answer 3

This would be vey helpful. But right now, in my desperation to fix the issue earlier before involving others, I reset UEFI settings in BIOS to default so the Linux boot entry is not there now even though Linux is and must still be there since it was not deleted. So how may I bring back the Linux boot entry in the menu (GNU Grub). Also, I posted my question on Linux Forum but no response from there yet!