1

Cheers folks. I have a question RE Hyper-V guest operating system accessing a physical hard drive from the host, and using BitLocker drive encryption.

Currently, I have a linux VM that has a bunch of database data on it, and I'd like to pull that data off onto an external hard drive that I have directly plugged into the Hyper-V host backplane. The drive does show up in the host Windows OS, and I was able to configure BitLocker encryption on the physical drive with "Password Protector - Password" as the protection mode. Alas, in order to attach this physical drive to the VM in pass-thru mode, the disk needs to be offline and when that happens the drive becomes BitLocker locked.

In addition to BitLocker protecting a Hyper-V guest non-boot drive, I also need to format this drive in a way that the Linux OS and a Windows host will be able to read. Before I continue further down this path I need to know: Does BitLocker work on non-NTFS formatted hard drives? Would it work on a Fat32 filesystem drive or even a ext4 filesystem?

Cheers, SAM

maloitpro
  • 41
  • 4
  • Have you tried unlocking the drive in the Linux guest? – Michael Hampton Feb 07 '19 at 00:10
  • You might be able to get something to work (https://superuser.com/questions/376533/how-to-access-a-bitlocker-encrypted-drive-in-linux). It doesn't seem like a great idea though. Why directly mount in the VM? Why can't you just smbmount to the hypervisor from your VM and transfer the files via SMB? Or maybe put a VHD on the external drive and temporarily attach that VHD to your VM? – Zoredache Feb 07 '19 at 00:25
  • @Zoredache thanks for input. Cannot mount to hypervisor and share via SMB. This is in a production environment where the infrastructure is segmented from the VM guest, via VLAN, L3 net masking, and stateful firewall rules. We will not allow the guest VM access to any filesystem on the hypervisor. I could go the VHD route, but the idea is to allow a simple laptop to plug into the external drive to gather the files - and I will assume that laptop nor its user will have the ability to mount a VHD file. – maloitpro Feb 07 '19 at 16:08
  • @MichaelHampton I have not, I guess I wasn't aware if the Linux OS could utilize BitLocker. Is there a package that allows that? Perhaps one that also bundles NTFS support? – maloitpro Feb 07 '19 at 16:10
  • Linux has handled NTFS quite well for a long time, and there are packages which understand BitLocker (e.g. dislocker). – Michael Hampton Feb 07 '19 at 17:17
  • It doesn't make any sense to make BitLocker protection drive for Linux VM. BitLocker encrypting volumes, not the entire drive. So, you can pass through it to VM (if needed) and use Linux-based encryption -> LUKS (https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup) – batistuta09 Feb 08 '19 at 12:13

0 Answers0