Re: [Fed-Talk] Lion FileVault
Re: [Fed-Talk] Lion FileVault
- Subject: Re: [Fed-Talk] Lion FileVault
- From: David Emery <email@hidden>
- Date: Fri, 22 Jul 2011 10:17:24 -0400
Thank you! This pointed me in the right direction for encryption, too:
Disk Utilities -> Erase tab -> Format pop-up
provides the option for "Mac OS Extended (Journaled, Encrypted)" (not sure how I missed this, maybe I wasn't expecting to see it in this location.)
That prompts me for a password to encrypt the drive. I see some interesting status messages before the drive pops up on the desktop. Unlike activating FileVault from System Preferences, I did NOT get that decryption key (digit sequence). So this feels like the older encrypted disk image approach (which is OK). I wonder what encryption algorithm it uses (creating encrypted disk images, at least with Snow Leopard's Disk Utility, allowed me to select between 128 and 256 byte keys.)
More info as I play with this.
dave
On Jul 22, 2011, at 9:42 AM, Trouton, Rich R wrote:
> Dave,
>
> You can decrypt the encrypted partition using a) the passphrase of an user authorized to log into the FileVault 2-encrypted partition or b) the recovery key.
>
> If you've got the passphrase, you can use Disk Utility either in the Recovery HD partition or on another Lion boot disk for to unlock or unencrypt (the options are available in the File menu.)
>
> To use the recovery key, you'd need to open Terminal and run the following:
>
> 1. Get the Logical Volume UUID of the encrypted drive using the "diskutil corestorage list" command. Running that command will give you a listing of all Core Storage volumes.
>
>
> 2. Either unlock or unencrypt the encrypted partition using the following commands:
>
> To unlock: diskutil corestorage unlockVolume UUID_here -passphrase recovery_key_here
>
> To unencrypt: diskutil corestorage revert UUID_here -passphrase recovery_key_here
>
>
> Thanks,
> Rich
>
>
> On Jul 22, 2011, at 9:10 AM, David Emery wrote:
>
>> From: "Rowe, Walter" <email@hidden>
>>> http://www.apple.com/macosx/whats-new/features.html#filevault2
>>>
>>> External drive support
>>> FileVault 2 supports encryption of external USB and FireWire drives.
>>
>> Ok, anyone know -how-? I can see how FileVault would work if the external drive is the boot drive. But so far I have not seen any way to enable File Vault on an external drive using either the Security System Preference or Disk Utility.
>>
>> And that raises a related issue: If you have a FV encrypted (boot) partition (I guess it's right that it's the partition and not the physical device that's encrypted), and you boot from another bootable partition (device), can you decrypt the encrypted partition using the key you got when you created the FV partition? This must be the case, otherwise how would you use the stored key for recovery. I guess I'l have to try that sometime if no one else has checked that out.
>>
>> dave
>> -----
>> David Emery, 703 298 3473 (c) 703 272 7496 (fax)
>> Supporting PdM Software Integration
>>
>>
>>
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> ---
> Rich Trouton
> email@hidden
>
> JFRC Help Desk
> phone: x4030
> email: email@hidden
>
> The best way to get in touch with me is through email.
>
-----
David Emery, 703 298 3473 (c) 703 272 7496 (fax)
Supporting PdM Software Integration
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden