File Share Encryption

 View Only

  • 1.  Uninstrument boot drive

    Posted Nov 09, 2012 11:30 AM

    I've unencrypted my primary boot drive and want to uninstrument it to remove the pre-boot authentication.

    Running pgpwde --uninstrument --disk 0 --passphrase "..." gives me an error reporting "already in use".  Is this because I'm running pgpwde from the disk I'm trying to uninstrument and am booted from?  I'm also the only user reported by pgpwde on this disk.  I believe our IT can recover our passphrases so they must also have a key.

    Thanks for any help.



  • 2.  RE: Uninstrument boot drive

    Posted Nov 12, 2012 04:23 AM

    Has PGP finished unencrypting?  If you unencrypt there won't be any pre-boot authentication left, you will need to wait for the disk to be unencrypted.  



  • 3.  RE: Uninstrument boot drive

    Posted Nov 12, 2012 12:34 PM

    the drive should have un-instrumented as part of the decryption process. check the decryption progress with pgpwde --status --disk 0

    If it shows that the drive is instrumented and there is a highwatermark value in tehre then it hasn't finished decrypting the disk. You can then run:

    pgpwde --decrypt --disk 0 -p PASSPHRASE HERE

    To finish decrypting the disk



  • 4.  RE: Uninstrument boot drive

    Posted Nov 19, 2012 02:32 PM

    Thanks for the suggestions.  There is no indication that any encryption is left.  Running the --decrypt command results in "Start decrypt disk completed".

     

    The status shows:
    >pgpwde --status
    Disk 0 is instrumented by bootguard.
      Current key is valid.
    Failed login attempt lockout enabled. Max failures=50
    Disk status completed