Support non Bitlocker encryption status

[quinten-lp]

Fleet version: (head to the "My account" page in the Fleet UI or run fleetctl --version)

fleet version 4.35.0

Operating system: (e.g. macOS 11.2.3)

Server : Debian 11 Client : windows 10 pro 22h2

Web browser: (e.g. Chrome 88.0.4324) firefox 102.13.0esr (64 bits)

---

🧑‍💻  Expected behavior

I have installed msi package on my windows host. On the console, for my windows host, fleet tells me the disk is unencrypted. However, my C drive is fully encrypted with veracrypt software.

💥  Actual behavior

I see disk unencrypted instead of crypted.

👣 Reproduction steps

To see if my disk is encrypted, in veracrypt, when I check the properties of c:\, I have this information :

encrypted portion : 100% (fully encrypted)

I have also this informations with verastatus.exe :

.\VeraStatus.exe /sysenc

System Encryption: Yes
Encryption State: Full
Encrypted Portion: 100%
Bootloader version: 1.25
Drive mounted: Yes
Drive encrypted: Yes
Volume Header present: Yes
Hidden System: No
Setup in progress: No
Boot drive size: 512110190592 Bytes
Configured Encrypted Area Start: 658505728
Encrypted Area Start: 658505728
Configured Encrypted Area End: 506991738879
Encrypted Area End: 506991738879

Encryption Algorithm: AES
PKCS-5 PRF: HMAC-SHA-512
Custom PIM used: No
Iterations number: 500000
Data Read Since Mount: 13628766720 Bytes
Data Written Since Mount: 13144926720 Bytes

Also :

.\VeraStatus.exe /sysenc | findstr "State"
Encryption State: Full

More info

I don't know if we can have this informations with another tool like powershell command or wmi command. I will be interested to have disk encrypt information with tool like veracrypt/truecrypt, not just Bitlocker.

[xpkoala]

@quinten-lp Thank you for the suggestion! This does appear to be a feature request and not a bug so we have modified the ticket a bit and have moved it to the product team for evaluation.

[quinten-lp]

Yes, it's not really a bug, thank you for moving this to a feature.