BitLocker Drive Encryption is a data protection feature that integrates with the Windows operating system. When activated, it will encrypt the contents of the hard drives in Windows, making the data inaccessible without the correct decryption key. It is designed to minimize the risk of data theft or exposure from lost or stolen computers.
When a user starts their computer and properly authenticates with the correct credentials, BitLocker will decrypt the data and allow seamless usage of the hard drive and the data it contains. Without the correct credentials, the encrypted hard drive data will look like random noise.
BitLocker & Ubuntu installation
If you plan to install Ubuntu side by side with Windows, you need to take into consideration the operational setup on your computer.
If you are not using BitLocker, Ubuntu will be able to see the correct hard drive structure, including any partitions and data stored on it. This allows the guided wizard to correctly map the data, and safely make adjustments to accommodate the additional installation of Ubuntu alongside Windows.
If you are using BitLocker, the hard drive contents will not be accessible, and they will appear as random noise. This means that the Ubuntu installer cannot correctly map data, and the additional installation cannot be safely performed without data loss⌠Additionally, some manufacturers ship systems with BitLocker enabled but the hard drive contents not yet encrypted. In this case the Ubuntu installer will also not be able to correctly map data.
You can:
Cancel the installation of Ubuntu and continue using Windows only.
Decide that the data stored in Windows is not important, and that you are willing to overwrite the data contents. The Ubuntu installer can then erase the entire contents of the hard drive and create its own structure (partitions and data). This is a destructive operation, with no option to recover any Windows data.
Decide to turn BitLocker off. This will turn the encryption feature, and the hard drive and its data will be visible and accessible from the Ubuntu installer, allowing it to correctly and safely set up a side-by-side configuration. For systems with BitLocker enabled but not yet encrypted you will need to first turn BitLocker on and then turn it off.
Turn BitLocker off
If you decide to proceed with the third option, you will need to do the following:
Back your data up - any encryption procedure, hard drive structure change or installation of new operating systems on a hard drive that already contains data can potentially lead to a data loss. You need to make sure your personal data is safe. Even simply copying the important files to an external drive can minimize the risk of data loss.
Quit the Ubuntu installer and reboot the computer into Windows.
In Windows, open Settings > type Manage BitLocker in the search box. Alternatively, open Control Panel > System and Security > BitLocker Drive Encryption.
Ok, I turned off Bitlocker, Waiting for it to finish, seems like it may be a whileâŚanyway, so after I install Ubuntu, will I be able to reinstall bitlocker or will I have to use your version and I presume its works on the windows side? ,
I have a strange behaviour on a Lenovo Yoga-Book. Windows 10 installed, Bitlocker not activated (Windows says, that the drive is waiting to be activated).
Partition in partitionmanager itself is shown to have a bitlocker activatedâŚ
I cannot install Ubuntu 20 with an active bitlocker, but how can I disable a bitlocker that is already disabled???
Reminder: The purpose of this thread is to improve documentation.
Your support questions should be directed to AskUbuntu, UbuntuForums, IRC and other support venues.
âHow do IâŚ?â is a support question
âIt didnât workâ is a support question or a bug report
When you have an answer, please suggest specific improvements to the documentation strings and images here so that others donât need to ask the same questions.
Initially there were two static pages, but they proved to not display well on phones, so we got bug #1874068 and replaced them with redirects here for now.
Yikes! I wasnât expecting to see my scribbly design sketches used in user-facing help pages.
I wonder why those pages are generated from Google Docs (judging by all the .lst-kix_ styles), rather than from these Discourse posts. Many Canonical sites (including ubuntu.com/server/docs and multipass.run/docs) have responsive help pages exported from Discourse posts. But I guess the software doing those exports wonât run on help.ubuntu.com. Iâve made a request for Canonicalâs Web team to investigate how to generate responsive exports on help.ubuntu.com as well.
I ran into this BitLocker issue for the first time and was really bothered with the decrypt/install/re-encrypt approach. As the boot and recovery partitions are not encrypted, I tried a different approach which worked fine. So there is a 4th option! Here it is:
Manage your partitions manually:
On windows, launch the partition manager tool (type âpartitionâ in the search bar and it should show up).
Resize your main Windows partition to leave enough empty space for your ubuntu install (e.g. 128Gb).
Boot on Ubuntu installer disk.
When prompted with the different install choices, choose the option to manually manage your partitions.
Select the free space and create at least one partition (mount as â/â). If you do not know how many and which partitions to create, there are many posts on the subject already.
Install your Ubuntu and enjoy.
The whole process took less than 5mn to setup on my machine. I bet the decrypt is much much longer and generates a lot of unnecessary writes (bad for SSDs). Sadly, the installer is not able to automatically manage an install alongside Windows when there is free space on the disk. It is like it detects BitLocker and redirects to the help message with the link to this page. Hence the only option for now is to manage the partitions manually, which may rebute some usersâŚ
And donât forget to save your BitLocker recovery key somewhere outside encrypted partition. By installing Ubuntu, you end up with 2 ways to boot Windows: 1 is using its EFI loader directly, another is chainloading in Grub. The choice affects PCRs that are being checked during a boot process with BitLocker enabled, so if you always used one way, but decided to use another this time, youâll be prompted to enter the recovery key. The only solution to re-configure the default is a) suspend BitLocker protection in its preferences (affects the next boot only IIRC); b) enter your key to boot the way you want it (via Grub / direct EFI loader) and willing to use further.
Hi, I intend installing Ubuntu on a sata external drive which doesnât have Bitlocker turned on. My main boot disk does have it turned on. I intend dual booting. Do I still need to turn off Bitlocker?
Hi, I have installed both Windows 11 and Ubuntu, and bitlocker was disabled for the installation, but then I enabled it back on after some rebooting to ensure all was working. Works fine with bitlocker enabled.
I had a new PC with similar state. I had to âactivateâ (including saving the safety key), then I could deactivate, then I could proceed with Ubuntu installation.
Thank you for this idea! Worked for me - in part. In case anyone else runs into the situation that they canât access Windows after installing Ubuntu because bitlocker requires their recovery key and like me were lazy and did not back up the key before (and did not upload it into their Microsoft account) - keep calm. For me it worked to go into BIOS and remove Ubuntu from boot options. This seems to have satisfied bitlocker, I could log back into Windows. First thing: back up that bitlocker keyâŚ
TL;DR: before doing this maybe back up your bitlocker key.
This guide is not useful for situations where Microsoft Windows has a virus and the main aim is to avoid running the Windows OS until the virus has been removed (or data recovered).