Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Uninstrument boot drive

Created: 09 Nov 2012 | 3 comments
trpropst's picture

I've unencrypted my primary boot drive and want to uninstrument it to remove the pre-boot authentication.

Running pgpwde --uninstrument --disk 0 --passphrase "..." gives me an error reporting "already in use".  Is this because I'm running pgpwde from the disk I'm trying to uninstrument and am booted from?  I'm also the only user reported by pgpwde on this disk.  I believe our IT can recover our passphrases so they must also have a key.

Thanks for any help.

Comments 3 CommentsJump to latest comment

Alex_CST's picture

Has PGP finished unencrypting?  If you unencrypt there won't be any pre-boot authentication left, you will need to wait for the disk to be unencrypted.  

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

PGP_Ben's picture

the drive should have un-instrumented as part of the decryption process. check the decryption progress with pgpwde --status --disk 0

If it shows that the drive is instrumented and there is a highwatermark value in tehre then it hasn't finished decrypting the disk. You can then run:

pgpwde --decrypt --disk 0 -p PASSPHRASE HERE

To finish decrypting the disk

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

trpropst's picture

Thanks for the suggestions.  There is no indication that any encryption is left.  Running the --decrypt command results in "Start decrypt disk completed".

 

The status shows:
>pgpwde --status
Disk 0 is instrumented by bootguard.
  Current key is valid.
Failed login attempt lockout enabled. Max failures=50
Disk status completed