OpenSUSE Tumbleweed read/write Windows BitLocker encrypted disk

Install dependency packages

According to the instructions, the dependency packages include,

Compiler, gcc or clang
Cmake (version 2.6 at least)
Make

FUSE header file
PolarSSL/mbedTLS header file
Optional: ruby header file
Gcc cmake make is usually installed by default in the system, but there is nothing to try again,

Sudo zypper in gcc cmake make

Then the FUSE package,

Sudo zypper in fuse-devel

Finally, PolarSSL/mbedTLS that provides the encryption service. MbedTLS https://tls.mbed.org/#the PolarSSL after the name is changed. They are a thing. Install PolarSSL without mbedTLS. MbedTLS is used in the openSUSE installation source. Install directly,

Sudo zypper in mbedTLS-devel

Ruby is optional. If Ruby is associated during installation, a dislocker-find module (a Ruby script) can be provided after installation to try to find partitions encrypted by BitLocker on all connected hard disks. Therefore, if you do not need this function, you do not need to install Ruby. If you want to install it,

Sudo zypper in ruby-devel/usr/bin/ruby

/Usr/bin/ruby is required because rubypick is used in RHEL 7 and ruby is used in RHEL 6 or 5.

Install the DISLOCKER stable edition
Download dislocker. You can download the development version from GitHub, and the stable version (0.5.2 at present) can be downloaded from HSF. The stable version is used here.

Wget http://www.hsc.fr/ressources/outils/dislocker/download/dislocker-0.5.2.tar.gz-O ~ /Tmp/dislocker.tar.gz

Here, wget uses-O to specify the destination folder and file name to be saved. If you only want to specify the folder to be saved and do not want to change the file name, use the-P option (-P ~ /Tmp ).

Decompress the package, specify the target folder (-C option), and use -- strip-components = 1 to ignore the folder that comes with the compressed package (this is a folder with version parameters ),

Tar-xf ~ /Tmp/dislocker.tar.gz-C ~ /Tmp/dislocker -- strip-components = 1

Then you can install it directly,

Cd ~ /Tmp/dislocker
Cmake.
Make
Sudo make install

Automatic installation script

! #/Bin/bash
Sudo zypper in gcc cmake make fuse-devel mbedTLS-devel
# Sudo zypper in gcc cmake make fuse-devel mbedTLS-devel ruby-devel/usr/bin/ruby
Mkdir-p tmp/dislocker
Wget http://www.hsc.fr/ressources/outils/dislocker/download/dislocker-0.5.2.tar.gz-O tmp/dislocker.tar.gz
Tar-xf tmp/dislocker.tar.gz-C tmp/dislocker -- strip-components = 1
Cd tmp/dislocker
Cmake.
Make
Sudo make install

Mount a disk partition encrypted by BitLocker

Insert a disk with a BitLocker encrypted partition and use fdisk to view the disk and partition information. Generally, you can differentiate the partition capacity based on the capacity you are familiar. Of course, you can also use dislocker-find if Ruby is used during installation.

Assume that there is no dislocker-find, and the computer has only one hard disk. Now there is an external mobile hard disk with two partitions, one of which is 500 GB and is encrypted by BitLocker. The disk device uses the/dev/sdX (X is a-z lowercase letter) identifier in openSUSE. Therefore, the built-in ephemeral disk is/dev/sda, and the external mobile hard disk is/dev/sdb.

Sudo fdisk-l
Disk/dev/sdb: 931.5 GiB, 1000170586112 bytes, 1953458176 sectors
Units: sectors of 1*512 = 512 bytes
Sector size (logical/physical): 512 bytes/512 bytes
I/O size (minimum/optimal): 512 bytes/512 bytes
Disklabel type: dos
Disk identifier: 0xd2840axx

Device Boot Start End Sectors Size Id Type
/Dev/sdb1 2048 1048586239 1048584192 500G 7 HPFS/NTFS/exFAT
/Dev/sdb2 1048586240 1953454079 904867840 431.5G 7 HPFS/NTFS/exFAT

The size can be determined as/dev/sdb1, that is, the first partition of/dev/sdb ..

Create an empty folder to hold the dislocker decryption mount point, so as not to use the existing folder disklocker will prompt the warning that the target folder is not empty.

Mkdir/dislocker

Use disklocker to decrypt the partition and use/dislocker as the decryption mount point,

Sudo dislocker-u-V/dev/sdb1 --/disklocker
Enter the user password used for decryption as prompted, instead of the root password. -U indicates that the user password set by the user is used for decryption. You can also use-p to decrypt the data using the recovery password. -V specifies the path of the partition to be decrypted. --/Dislocker: transmits the decryption object to FUSE and uses the/dislocker folder as the Mount point of the decryption file. After decryption, the access path of the object is/dislocker-file.

Then, use the system mount command to mount the decrypted file. Assume that the pre-created mount point is/myencryptdisk.

Sudo mkdir/myencryptdisk
Sudo mount-o loop, rw/zdislocker/dislocker-file/myencryptdisk

In this way, the disk partition is mounted to a read/write folder/myencryptdisk.

It may be because of the relationship between the file browser of the openSUSE, or because this operation was originally performed. After the partition is mounted, it is displayed as a Loop Device in the left sidebar of the Dolphin, instead of the Mount point name myencryptdisk, it is not the volume label of the partition. However, the path in the address bar of doldolphin is correctly displayed as/myencryptdisk.