windows 解锁驱动器的 Bitlocker 脚本
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15324758/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Bitlocker script to unlock drive
提问by user2154222
What I am trying to achieve is to create a very small script to unlock my bitlocker drive, using the password, not the recovery password.
我想要实现的是创建一个非常小的脚本来解锁我的 bitlocker 驱动器,使用密码,而不是恢复密码。
There is a Microsoft command for that, which is:
有一个微软命令,它是:
manage-bde -unlock D: -password
where Dis my bit locker drive. If I run this command line it will ask me for the password, and then the drive is properly unlocked.
D我的比特储物柜驱动器在哪里。如果我运行这个命令行,它会要求我输入密码,然后驱动器被正确解锁。
At first I thought about creating a variable to ask for the password to the user, and then use this variable in the above command line, so that the script would look like:
起初我想创建一个变量来向用户询问密码,然后在上面的命令行中使用这个变量,这样脚本看起来像:
set /p pass= what is your pass
manage-bde -unlock D: -password %pass%
The problem is that -passworddoes not seem to accept any argument, would it be the variable, or the password in clear, it will fail.
So, the only way to make it work seems to be an automatic reply to the prompt for the password, with the data in the variable.
But I don't know how to do that. I assume there is an extra command line to add after the manage-dbe...
问题是-password似乎不接受任何参数,无论是变量,还是密码明文,都会失败。因此,使其工作的唯一方法似乎是自动回复密码提示,并使用变量中的数据。但我不知道该怎么做。我假设在manage-dbe...之后添加了一个额外的命令行
My programming skills are quite weak, so any help would be appreciated.
我的编程技能很弱,所以任何帮助将不胜感激。
回答by Konstantinos Goutsos
Kind of late to the party but as mentioned hereyou can easily do this with only a couple of lines, if you don't have any problem using PowerShell:
有点晚了,但正如这里提到的,如果您使用 PowerShell 没有任何问题,只需几行就可以轻松完成此操作:
PS C:\> $SecureString = ConvertTo-SecureString "fjuksAS1337" -AsPlainText -Force
PS C:\> Unlock-BitLocker -MountPoint "E:" -Password $SecureString
回答by dognose
Along with Unlock-BitLockerYou could as well prompt for a secure string, rather than putting it in the script:
与Unlock-BitLockerYou 一起也可以提示输入安全字符串,而不是将其放入脚本中:
$key = Read-Host 'Enter Bitlocker Password!' -AsSecureString
Unlock-Bitlocker -MountPoint "Y:" -Password $key
Unlock-Bitlocker -MountPoint "Z:" -Password $key
回答by churl
Late reply, I know--sorry. But for anyone who wants to do this, no, you do NOThave to use the recovery password. Hard-coding the recovery password like that defeats the entire purpose of using Bitlocker.
迟到的回复,我知道——抱歉。但是,谁想要做到这一点,没有,你就不要需要使用恢复密码。像这样硬编码恢复密码违背了使用 Bitlocker 的全部目的。
I put together a very simple script that works. It does require Administrator privileges (which I will not expound on). There is a way around that using Task Scheduler (schtasks.exe), but I don't feel like getting into that here.
我整理了一个非常简单的脚本。它确实需要管理员权限(我不会详细说明)。有一种使用任务计划程序 (schtasks.exe) 的方法,但我不想在这里讨论。
The script assumes you know which letters you have assigned to Bitlocker volumes. You can make this script a lot fancier by validating the letter entered, and so on.
该脚本假定您知道已分配给 Bitlocker 卷的字母。您可以通过验证输入的字母等来使这个脚本更加漂亮。
Save the code to a file with the .CMD file extension, preferably to a directory in your system or user path. To invoke the script, simply enter [script name] [Bitlocker volume letter]. For example, unlock x. Don't include a trailing semicolon.
将代码保存到文件扩展名为 .CMD 的文件中,最好保存到系统或用户路径中的目录中。要调用脚本,只需输入[script name] [Bitlocker volume letter]. 例如,unlock x。不要包含尾随分号。
Remember, it requires elevation!
请记住,它需要提升!
@echo off & cls
set Volume=%1:
echo.
manage-bde.exe -unlock -password %Volume%
echo. & pause & echo.
:: End of script
回答by Ux is not that complicated
MSFT has probably changed somethings. Here is a code fragment that works for encrypted drives and provides mount point for later use (e.g.- F: or X:)
MSFT 可能已经改变了一些东西。这是一个适用于加密驱动器并提供挂载点供以后使用的代码片段(例如-F: 或 X:)
$pass = Read-Host "Password for $devVHD" -AsSecureString
mount-diskimage -ImagePath $devVHD
$unlckDrive = (Get-BitLockerVolume | where {$_.CapacityGB -eq 0}).mountpoint
Unlock-BitLocker -MountPoint $unlckDrive -Password $pass
回答by Kosilica
Just write this in Notepad and save it as .batfile.
只需将其写在记事本中并将其另存为.bat文件即可。
You can then set up new task in the Task Schedulerto run the script on startup. Don't forget to check the task to be Run as Administrator:
然后,您可以在 中设置新任务以Task Scheduler在启动时运行脚本。不要忘记检查任务以管理员身份运行:
@echo off
manage-bde D: -unlock -recoverypassword XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX
pause
回答by Tinawi
Just make a batch file that looks file below, and add it to your start-up folder. Drive gets unlocked automatically each boot.
只需制作一个看起来像下面文件的批处理文件,并将其添加到您的启动文件夹中。每次启动都会自动解锁驱动器。
Remarks:
评论:
- you have to use the recovery key, and not the password.
- i use this script because my C drive is encrypted with Safeboot (not bitlocker) and a second internal harddrive is protected with bitlocker.
- There's always a risk using this kind of data in a script, even though it's not the real password, and just the recovery key!
- 您必须使用恢复密钥,而不是密码。
- 我使用这个脚本是因为我的 C 驱动器是用 Safeboot(不是 bitlocker)加密的,第二个内部硬盘是用 bitlocker 保护的。
- 在脚本中使用这种数据总是存在风险,即使它不是真正的密码,而只是恢复密钥!
cscript C:\Windows\System32\manage-bde.wsf -unlock d: -recoverypassword 215270-XXXXXX-345807-005038-278652-077022-634964-379346
cscript C:\Windows\System32\manage-bde.wsf -unlock d: -recoverypassword 215270-XXXXXX-345807-005038-278652-077022-634964-379346
回答by Ε Г И ? И О
Go to Control Panel -> Manage Bitlocker and unlock your D drive using your password.
转到控制面板 -> 管理 Bitlocker 并使用您的密码解锁您的 D 驱动器。
Back up your recorvery key to a file. Get the Recovery Key (Ex: 240536-642752-211409-491690-520026-693407-016863-529159) saved in that file.
将您的恢复密钥备份到一个文件。获取保存在该文件中的恢复密钥(例如:240536-642752-211409-491690-520026-693407-016863-529159)。
use the following command to automate the process:
manage-bde -unlock D: -recoverypassword 240536-642752-211409-491690-520026-693407-016863-529159
使用以下命令自动执行该过程:
manage-bde -unlock D: -recoverypassword 240536-642752-211409-491690-520026-693407-016863-529159
回答by floc
use -recoverypassword switch and write your recovery pwd, it works for me ;)
使用 -recoverypassword 开关并写入您的恢复密码,它对我有用;)
EDIT: manage-bde -unlock D: -recoverypassword manage-bde -unlock D: -recoverypassword XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX
编辑: manage-bde -unlock D: -recoverypassword manage-bde -unlock D: -recoverypassword XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX
