Decrypting Bitlocker partiiton

I just installed Fedora 35 alongside Windows 11 and am trying to mount the “C:” drive that on Linux is /dev/nvmen10p3. I’m trying with Disks and it asks for the passphrase which I don’t have. I do have the recovery code though and this is what I was using on my previous Linux distro with dislocker.

I want to mount this partition when the system boots and in the past I had used two entries in fstab to achieve this. However, if I’m not able to decrypt manually, I doubt it will be possible to do so from fstab.

I’m trying to run the following command:

sudo dislocker /dev/nvme0n1p3 -pxxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx -- /mnt/OS

but I’m getting the following error:

[CRITICAL] No BitLocker volume path given. Abort.
free(): double free detected in tcache 2

I’m sure the partition is the correct one.

Any clues on what I’m doing wrong?

Is the windows partition actually locked with bitlocker?

If not then you should be able to mount it with the command sudo mount -t ntfs /dev/nvme0n1p3 /mnt/OS.
That message seems to indicate that either the command line structure is incorrect or the partition is not actually locked.

I don’t use bitlocker in any form but the message seems clear.

1 Like

Gnome Disks shows the partition as encrypted.

You can use the recovery passphrase, just copy it in the passphrase entry when prompted.

You can also use cryptsetup directly with the recovery key saved in a key file (this needs to be a file with just the recovery passphrase without trailing newline, the recovery key file from Windows won’t work).

sudo cryptsetup bitlkOpen /dev/nvme0n1p3 <name> --key-file <file>

and then mount the ntfs filesystem “inside” using mount

sudo mount /dev/mapper/<name> /mnt/OS

This worked perfectly. Now I wish to make this drive mount on every boot. How do I do this? How to include this drive in fstab?

I tried using this guide as inspiration by creating the /etc/crypttab file and add the following line:

nvme0n1p3 /dev/disk/by-uuid/<UUID-from-blkid> /home/user/<file containing recovery key> bitlkOpen

and then adding the following line to /etc/fstab:

/dev/mapper/nvme0n1p3 /mnt/OS auto defaults

I ended up in emergency mode after rebooting with both commands stuck and had to reverse the commands.

I tried modifying the files as follows:

Windows UUID=<UUID-from-blkid> /home/user/<file containing recovery key> bitlk


/dev/mapper/Windows /mnt/OS auto defaults

When I tried sudo mount -a I got the following error:

mount: /mnt/OS: special device /dev/mapper/Windows does not exist.

Any ideas what am I doing wrong?

You can’t use UUID for BitLocker in /etc/crypttab because blkid doesn’t support parsing BitLocker UUID. You can use PARTUUID=, you can use sudo blkid -p /dev/nvme0n1p3 to get it (it’s called PART_ENTRY_UUID in blkid output). This is how it looks on my system with a BitLocker USB flash drive I use for testing:

$ sudo blkid -p /dev/sdb1

$ sudo tail -1 /etc/crypttab
bitlocker PARTUUID=b999ce8b-01 /home/vojta/bitlk-keyfile bitlk

Your /etc/fstab entry looks good, but for future testing I’d recommend adding the nofail option – without it the system won’t boot if the device doesn’t exist (it’s also handy for removable devices).

1 Like

Glad you got your solution, could you pick the actual comment that was the solution so others experiencing this same task can find the solution too?

Changing the UUID with PARTUUID solved the problem. Partition is mounting at boot. Thanks.

So in summary:

  1. Get the partition’s PARTUUID with sudo blkid -p /dev/<partition>
  2. Run sudo nano /etc/crypttab and add a line with
label PARTUUID=<your_part_uuid_here> <path_to_key_file_here> bitlk
  1. Edit /etc/fstab adding a line
/dev/mapper/label <mount_point_here>  ntfs defaults,nofail
  1. Test with sudo mount -a

Hi Entodo

Is your “fast startup” in windows11 ON or OFF?

It is off.