I have an external hard drive that will be partitioned with two partitions, using GPT:

  1. ext4 filesystem on a dm-crypt-encrypted partition
  2. NTFS filesystem on an unencrypted partition

The ext4 filesystem will be mounted only from computers that I control, so I have no concerns about it.

The NTFS filesystem will be mounted by various Windows machines. At least in the past, Windows didn’t support multiple partitions. Does it matter which partition comes first? Is there a way to prevent Windows from offering the user to format the encrypted partition?

1 Answer

Older Windows versions didn't support multiple partitions on flash drives, but USB disks (HDDs or SSDs) were always fully supported (where by "always" I mean "at least since Windows 7, maybe earlier"). Therefore the order of partitions doesn't matter; it will just work.

Windows should ignore the encrypted partition. It will appear as RAW in Disk Management and anybody with administrative privileges will be able to format it. There's no certain way to stop them, because physical access to a device ultimately gives you full control over it. You could try to mitigate it by setting boot and esp flags on the partition. Windows should disable most management options for such partitions in Disk Management.

  • To be clear, many of the flags such as boot and esp are exclusively a parted/GParted invention and don't exist in other partitioning tools. They internally just cause parted to choose different "partition type GUIDs". With other partitioning tools, selecting a type GUID that's different from Windows' usual "MS Basic Data" is a good start. Commented Feb 17, 2021 at 8:39
  • Sure, if someone really wants to format it, there’s no way to prevent them. I’ll set the correct type GUID and check next time on a Windows computer that it doesn’t show up as an unknown drive. Commented Feb 17, 2021 at 18:50
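
The partition type GUIDs mentioned in the comments can be checked by reading the GPT itself. The Python code below is an added example, not part of the original answer or comments: it parses the GPT entry array of a disk image and reports which partitions carry the Microsoft basic data type. It assumes 512-byte logical sectors and runs on a small constructed image built by the hypothetical helper `build_sample` rather than on a real disk.

```python
import struct
import uuid

SECTOR = 512  # assumption: 512-byte logical sectors
BASIC_DATA = uuid.UUID("EBD0A0A2-B9E5-4433-87C0-68B6B72699C7")
KNOWN_TYPES = {
    BASIC_DATA: "Microsoft basic data",
    uuid.UUID("0FC63DAF-8483-4772-8E79-3D69D8477DE4"): "Linux filesystem",
    uuid.UUID("CA7D7CCB-63ED-4C53-861C-1742536059CC"): "Linux LUKS",
    uuid.UUID("C12A7328-F81F-11D2-BA4B-00A0C93EC93B"): "EFI System",
}

def read_gpt(image: bytes):
    """Return (name, type_label, is_basic_data) for each used GPT entry."""
    hdr = image[SECTOR:SECTOR + 92]            # primary GPT header sits at LBA 1
    if hdr[:8] != b"EFI PART":
        raise ValueError("no GPT header at LBA 1")
    # Offset 72: entry array start LBA, number of entries, size of one entry.
    entries_lba, count, size = struct.unpack_from("<QII", hdr, 72)
    out = []
    for i in range(count):
        off = entries_lba * SECTOR + i * size
        entry = image[off:off + size]
        type_guid = uuid.UUID(bytes_le=entry[:16])   # GUIDs are stored mixed-endian
        if type_guid.int == 0:                       # all-zero type = unused slot
            continue
        name = entry[56:128].decode("utf-16-le").rstrip("\x00")
        label = KNOWN_TYPES.get(type_guid, str(type_guid).upper())
        out.append((name, label, type_guid == BASIC_DATA))
    return out

def build_sample() -> bytes:
    """Constructed GPT image with two entries (header CRCs left zero, not checked)."""
    def entry(type_str, name, first, last):
        return (uuid.UUID(type_str).bytes_le + uuid.uuid4().bytes_le +
                struct.pack("<QQQ", first, last, 0) +
                name.encode("utf-16-le").ljust(72, b"\x00"))
    hdr = bytearray(SECTOR)
    hdr[:8] = b"EFI PART"
    struct.pack_into("<QII", hdr, 72, 2, 4, 128)   # array at LBA 2, 4 slots of 128 bytes
    array = (entry("CA7D7CCB-63ED-4C53-861C-1742536059CC", "crypt", 2048, 4095) +
             entry("EBD0A0A2-B9E5-4433-87C0-68B6B72699C7", "share", 4096, 8191))
    return bytes(SECTOR) + bytes(hdr) + array.ljust(4 * 128, b"\x00")

if __name__ == "__main__":
    for name, label, basic in read_gpt(build_sample()):
        print(f"{name:8} {label:22} basic-data={basic}")
```

To inspect a real disk, pass the first few sectors read from the device to `read_gpt` instead of the constructed image.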
