I regularly consolidate my disk drives to higher capacities as they are available to reduce the complexity managing many controllers, so I’ll often have to wipe the drives before I sell them (trade up). Often they are sold at very little moment’s notice, sanitizing the data might take too long. I learned that if I encrypt my data drives, I don’t really have to do much other than just clearing out the partition before I sell them, and there’s little performance penalty for Bitlocker in modern hardware.
Right now dislocker (Linux version of bitlocker) does not have a GUI to automatically unlock and mount the encrypted drives. Here’s the script that has the form “BL_{drive name}.sh” that will unencrypt the device and mount it and at the same time creating the script in the same folder to unwind (unmount & lock) the drive.
#!/bin/bash # Extracting partition name from file name (BL_*.sh) FN_base="$(basename -- $0)" FN_bare="${FN_base%.*}" partition=${FN_bare/BL_/} # TODO: Check with /dev to make sure it's legit echo $partition dev_partition="/dev/$partition" # Unlock the device into a raw image 'file' path_raw="/media/dislocker/raw_$partition" sudo mkdir -p $path_raw file_raw="$path_raw/dislocker-file" sudo dislocker $dev_partition -u -- $path_raw # Mount the image file as a disk path_mount="/media/dislocker/mount_$partition" sudo mkdir -p $path_mount sudo mount -o loop $file_raw $path_mount # Build wind down file script_unwind="unwind_$partition.sh" # Leave /media/dislocker there for isolation echo "#!/bin/bash" > $script_unwind echo "sudo umount $path_mount">> $script_unwind echo "sudo rmdir $path_mount" >> $script_unwind # Note that the website is wrong. umount the path, not the dislocker-file echo "sudo umount $path_raw" >> $script_unwind echo "sudo rmdir $path_raw" >> $script_unwind # Make sure the "$0" is literal including the $ sign or it will # delete this file instead of the unwind_sd*.sh file echo "sudo rm -- \"\$0\"" >> $script_unwind chmod +x $script_unwind
434 total views, 1 views today