解决一些笔记本电脑更换主板后的问题

背景

电脑接3D打印机调试被反噬了，干炸CPU后更换主板

问题

BitLocker 正在加密

电脑有两个硬盘，维修前我取了一个装有资料的出来，剩下一块硬盘在不知道售后维修时进行了什么操作，给我硬盘挂了两把锁

Snipaste_2026-02-01_21-16-36.jpg

“正在加密”但旁边的按钮显示“启用”，还没有取消键

在终端里输入manage-bde -status可以查看加密状态

Snipaste_2026-02-01_21-21-51.jpg

输入manage-bde -off {盘符}:停止加密

Snipaste_2026-02-01_21-22-18.jpg

Tailscale 无法启动

始终处于Starting..或Needs authentication状态，登录依旧卡住

Snipaste_2026-02-02_14-38-34.jpg

Snipaste_2026-02-02_14-51-11.jpg

手动启动服务进程查看输出：

PS C:\Users\thun888> tailscaled
TPM: successfully read all properties
...
store.New failed: failed to migrate existing TPM-sealed state file to plaintext format: newTPMStore("C:\\ProgramData\\Tailscale\\server-state.conf"): failed to unseal state file: failed to unseal encryption key with TPM: tpm2.Load: TPM_RC_INTEGRITY (handle 0): integrity check failed; starting with in-memory store with a health warning
logpolicy: using dir C:\ProgramData\Tailscale
linkChange: in state NoState; PAC or proxyConfig changed; updating routes
got LocalBackend in 1.632s
Start
desktop-sessions: registered for session notifications
ipnext: active extensions: desktop-sessions, conn25, portlist, posture, clientupdate, relayserver, taildrop, auditlog
Start: serverMode=false
auditlog: created
auditlog: [unexpected] failed to restore logs: empty key
Backend: logs: be:d610ce8d98f125b70fd624b1f33f9d34cd1695c1d28675d6bcca7f2a666aff83 fe:
health(warnable=wantrunning-false): error: Tailscale is stopped.
pm: failed to migrate from legacy preferences: load legacy prefs: profile migration already completed
client connected (THUN888-LAPTOP\thun888): disconnecting Tailscale
Start
control: client.Shutdown ...
control: authRoutine: exiting
auditlog: stopped for profileID:
control: updateRoutine: exiting
control: mapRoutine: exiting
Start: serverMode=false
control: Client.Shutdown done.
auditlog: created
auditlog: [unexpected] failed to restore logs: empty key
Backend: logs: be:................................................. fe:
client disconnected (THUN888-LAPTOP\thun888): disconnecting Tailscale
Start
control: client.Shutdown ...
auditlog: stopped for profileID:
control: mapRoutine: exiting
control: authRoutine: exiting
control: updateRoutine: exiting
control: Client.Shutdown done.
Start: serverMode=false
auditlog: created
auditlog: [unexpected] failed to restore logs: empty key
Backend: logs: be:...................................................... fe:
pm: failed to migrate from legacy preferences: load legacy prefs: profile migration already completed
client connected (THUN888-LAPTOP\thun888): disconnecting Tailscale
Start
control: client.Shutdown ...
auditlog: stopped for profileID:
Start: serverMode=false
control: updateRoutine: exiting
control: mapRoutine: exiting
auditlog: created
auditlog: [unexpected] failed to restore logs: empty key
Backend: logs: be:..................................................... fe:
control: authRoutine: exiting
client disconnected (THUN888-LAPTOP\thun888): disconnecting Tailscale
control: Client.Shutdown done.
control: client.Shutdown ...
auditlog: stopped for profileID:
control: authRoutine: exiting
Start
[RATELIMIT] format("Start")
control: mapRoutine: exiting
control: updateRoutine: exiting
[RATELIMIT] format("[v\x00JSON]%d%s")
Start: serverMode=false
[RATELIMIT] format("Start: serverMode=%v")
control: Client.Shutdown done.
auditlog: created
[RATELIMIT] format("auditlog: created")
auditlog: [unexpected] failed to restore logs: empty key
[RATELIMIT] format("auditlog: [unexpected] failed to restore logs: %v")
Backend: logs: be:d610ce8d98f125b70fd624b1f33f9d34cd1695c1d28675d6bcca7f2a666aff83 fe:
[RATELIMIT] format("Backend: logs: be:%v fe:%v")
pm: failed to migrate from legacy preferences: load legacy prefs: profile migration already completed
client connected (THUN888-LAPTOP\thun888): disconnecting Tailscale
[RATELIMIT] format("%s: disconnecting Tailscale")
control: client.Shutdown ...
[RATELIMIT] format("control: client.Shutdown ...")
control: authRoutine: exiting
[RATELIMIT] format("control: authRoutine: exiting")
control: updateRoutine: exiting
[RATELIMIT] format("control: updateRoutine: exiting")
control: mapRoutine: exiting
[RATELIMIT] format("control: mapRoutine: exiting")
auditlog: stopped for profileID:
[RATELIMIT] format("auditlog: stopped for profileID: %v")
control: Client.Shutdown done.
[RATELIMIT] format("control: Client.Shutdown done.")
...

从这里可见密钥解密失败

store.New failed: failed to migrate existing TPM-sealed state file to plaintext format: newTPMStore("C:\\ProgramData\\Tailscale\\server-state.conf"): failed to unseal state file: failed to unseal encryption key with TPM: tpm2.Load: TPM_RC_INTEGRITY (handle 0): integrity check failed; starting with in-memory store with a health warning

密钥是使用TPM加密的，更换主板后集成的TPM模块发生变化，自然无法解密了

清除C:\ProgramData\Tailscale\目录后重启tailscaled服务，重新登录即可

杂项

其实问题还是挺多的，不过好在直接砸脸上，没有那么隐蔽。一开机就是Windows Hello失效，PIN、指纹和通行密钥都要重新设置，工作账户（E5订阅）重新登录，系统也要激活，机哥的控制中心的各个功能要切换一下才能同步状态

而且我是双系统（Windows 11 + Ubuntu），并且用GRUB管理，所以需要设置Ubuntu为UEFI启动首选项

IMG_20260201_213854.jpg

IMG_20260201_213857.jpg

同时由于MT7922的蓝牙在Ubuntu下有问题，我之前手动打了这个补丁后编译了内核，没有签名，还需要关闭安全启动，不然就会报错“无效的shim签名&您需要先加载内核”

最后

电脑烧的时候倒不是很慌，换主板和USB小板共1100，找老师报销就完了。真正担心的是我数据，一堆代码都在本地，比如出事当天刚给组里写了两个模块都没推送。搞好上面的问题后火速装了syncthing同步到两台服务器上。

不过同步之前要配置“忽略模式”去掉依赖等可重新构建的文件，这里放一份让AI概括的版本：

.stignore

// ------------------------------------------------
// 1. 系统与元数据 (System & Metadata)
// ------------------------------------------------
// Windows
Thumbs.db
desktop.ini
$RECYCLE.BIN
System Volume Information

// macOS
.DS_Store
.AppleDouble
.LSOverride
._*
.Trashes
.fseventsd

// Synology / QNAP NAS
@eaDir
.nomedia

// ------------------------------------------------
// 2. 版本控制 (Version Control)
// ------------------------------------------------
// 注意：Syncthing 同步 .git 目录容易导致仓库损坏，
// 建议忽略 .git，只同步工作区文件。
.git
.gitignore
.gitattributes
.gitmodules
.svn

// ------------------------------------------------
// 3. 临时文件与日志 (Temp & Logs)
// ------------------------------------------------
*.log
*.tmp
*.bak
*.cache
*.swp
*.swo
*~
logs/
tmp/
temp/
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
.eslintcache

// ------------------------------------------------
// 4. IDE 与 编辑器配置 (IDE / Editors)
// ------------------------------------------------
// 避免不同设备间的路径配置冲突
.vscode/
.idea/
*.iml
*.ipr
*.iws
.settings/
.project
.classpath

// ------------------------------------------------
// 5. Node.js / 前端开发 (Node & Frontend)
// ------------------------------------------------
**/node_modules/
bower_components/
jspm_packages/
.npm
.yarn

// 构建产物 (Build Artifacts)
**/dist/
**/build/
out/
target/
.output/
.storybook-out/

// 框架特定缓存
.next/
.nuxt/
.vite/
.cache-loader/

// ------------------------------------------------
// 6. Python / Django
// ------------------------------------------------
__pycache__/
*.pyc
*.pyo
*.pyd
venv/
.venv/
env/
ENV/
.pytest_cache/
.coverage
htmlcov/
*.egg-info/
.mypy_cache/

// Django 静态文件与媒体 (根据需求调整)
staticfiles/
// media/  <-- 媒体文件通常建议同步，如果不需要请取消注释

// ------------------------------------------------
// 7. Java / JVM
// ------------------------------------------------
*.class
*.jar
*.war
*.ear
.gradle/
.mvn/

// ------------------------------------------------
// 8. PHP / Laravel
// ------------------------------------------------
vendor/
storage/framework/cache/
storage/framework/sessions/
storage/framework/views/
storage/logs/
.phpunit.result.cache

// ------------------------------------------------
// 9. Docker & 数据库 (Docker & Databases)
// ------------------------------------------------
docker-data/
docker-volumes/
*.pid
*.sock
db.sqlite3
*.db
*.sqlitedb

(?size > 1024M)

现在想想，果然事教人一教就会
之前想着体积太大了不好像其他资料一样全量备份，数量太多也不好像照片一样增量备份到云服务商。用syncthing备份到自己服务器上就两全其美了

btw，机哥新开机动画挺好看的