Reconciling BitLocker and GRUB2 RRS feed

  • Question

  • I have a Surface Pro 3, primarily running Windows 10 with dual-boot Ubuntu. My C: drive on Windows is fully encrypted by BitLocker and full protection is enabled along with Secure Boot. 

    During the installation of Ubuntu, I partitioned the disk, choose "Something else" during set up, and installed Ubuntu on the freed part of the disk. Naturally, GRUB bootloader was installed. 

    Upon turning on the laptop, I see the GRUB menu, where there is an entry for Ubuntu and one for Windows 10. Ubuntu one works fine. However, when I select Windows 10, it says "Preparing BitLocker Recovery" and takes me to a blue screen asking for my recovery code. I enter the code and restart the computer; if I select Windows 10 from GRUB menu, I again go to BitLocker recovery. This is an endless loop that never results in booting Windows 10. The fix--disable encryption and everything works.

    I did some research and it seems that Windows bootloader doesn't trust GRUB as a secure mean of booting so naturally it prevents boot and asks for the key; and since GRUB always comes before Windows bootloader, I end up in a loop.

    I wonder, is it possible to have BitLocker enabled and my C: drive fully encrypted as normal while making it work with GRUB? In an ideal situation, I like to keep my device encrypted and protected, while still being able to boot normally from GRUB menu. 

    Tuesday, January 29, 2019 12:40 AM

All replies