Unlocking Encrypted Volumes?

Similar Messages

• Prevent Lion from automatically trying to mount Filevault 2 encrypted volume at startup?

  Here's what I'm trying to accomplish: I need two separate partitions, one encrypted with Filevault 2 as a primary working partition, and a second token partition as a "decoy" of sorts, containing a pretty stock install and set as the default boot volume with automatic Guest account log on.  In other words, you turn on the computer and it boots to a guaranteed sterile clean desktop.  An unsophisticated snoop thinks that's all there is.  A more-sophisticated snoop may notice that there's a second (encrypted) volume, but can't access anything without the password.
  So I did a clean install of Lion, filling the entire SSD, and then used Disk Utility to shrink the main partition and create a 14 GB secondary partition.  I then encrypted the main partition with Filevault 2 from within that logon.  Then I rebooted from the clean install USB drive and installed a second instance of Lion on the secondary partition, set up the Guest account, and then set it for auto log on.
  So far so good, however, every time I boot into what is supposed to be—to the casual observer anyway—the "decoy" OS, it helpfully throws up a big dialog box stating "Enter a password to unlock the disk '<Your Super-Secret Volume Name Here>'." which I then have to cancel.  This is hardly helpful in disguising the fact that there is another partition on the SSD.
  I've looked all over Finder's preferences and the System Preferences for a way to make this stop, but I can't seem to figure it out.  Anybody know how to keep Lion from helpfully trying to mount encrypted volumes when it loads?
  Thanks!

  FYI, similar discusion here: http://discussions.apple.com/message/15744942
  This is more of a workaround than a solution, but I ended up installing Snow Leopard to the "decoy" partition.  It has no idea what to do with the encrypted partition, so it doesn't ask.  Good enough for now I guess, but it would be nice if Apple made this configurable.

• [Solved] Clone existing arch system onto dm-crypt encrypted volume

  Hi all,
  I've been playing around with full disk encryption using dm-crypt and luks, and have it working pretty well on a spare harddrive. I don't want to go through the process of re-customizing a full install again, so I was wondering if it's possible to clone my / partition from my current install to an encrypted disk?
  My end goal is to have my /boot partition on a USB thumb drive and a giant encrypted volume for the rest of the / partition (including /home).
  My current drive has a / partition and a separate /home partition.
  I'm imagining something like this:
  Set up the whole new drive as an encrypted volume, unlock it with cryptsetup and map it to /dev/mapper/root
  dd if=/dev/myOldDisk/rootPartition of=/dev/mapper/root
  delete the encrypted /boot (it came over from OldDisk but I don't want it on the new encrypted disk).
  Copy files from old home to encrypted disk's /home folder.
  Would that work? Or am I better off just copying files over from my old / folder rather than using dd?
  I appreciate any input you've got!
  -Lefty
  Last edited by LeftyAce (2014-01-06 22:41:14)

  LeftyAce wrote:Set up the whole new drive as an encrypted volume, unlock it with cryptsetup and map it to /dev/mapper/root
  dd if=/dev/myOldDisk/rootPartition of=/dev/mapper/root
  +1 to dodo3773's suggestion to use rsync, the above dd would create garbage anyway. You could dd an encrypted partition to another empty one (on the new drive), but creating and mapping a new encrypted volume first will result in a fresh encryption key. The garbage occurs since your command clones encrypted bytes incl. the old encryption header to a transparent (non-encrypted) mapper. A bit more info here.

• Can't mount (CoreStorage) encrypted volume anymore

  Hi,
  I use the following setup:
  SSD: System
  Internal HDD: Data (Documents, Music, etc.)
  Both disks are encrypted via the Core Storage utility.
  It seems I can't mount the "Data" disk anymore.
  I wanted to download a random pdf which failed. ("Downloads Folder" is on "Data" Volume) Restarted the machine and now all aliased folders which refer to the "Data" volume have a question mark overlay rendered on their icon.
  It's not possible to mount/unlock the "Data" disk through disk utility a. The "Data" volume is, according to DiskUtility quite full (only 16MB left). I have the suspicion that this small amount of space left in combination with the encryption causes some trouble.
  What to do?
  +-- Logical Volume Group 5898542B-F53F-46A6-B529-C31152081292
  =========================================================
  Name: Data
  Status: Online
  Size: 499763888128 B (499.8 GB)
  Free Space: 16777216 B (16.8 MB)
  |
  +-< Physical Volume C6AAFA40-7F30-40C3-BC1E-A71A3C3DA757
  | ----------------------------------------------------
  | Index: 0
  | Disk: disk2s2
  | Status: Online
  | Size: 499763888128 B (499.8 GB)
  |
  +-> Logical Volume Family 77CFA80C-6CEA-4FA5-8855-567C90FD2513
    Encryption Status: Unlocked
    Encryption Type: AES-XTS
    Conversion Status: Complete
    Conversion Direction: -none-
    Has Encrypted Extents: Yes
    Fully Secure: Yes
    Passphrase Required: Yes
    |
    +-> Logical Volume E2DB4126-C04C-4AE1-B1AC-CDFF0218D537
    Disk: disk3
    Status: Online
    Size (Total): 499428339712 B (499.4 GB)
    Conversion Progress: -none-
    Revertible: Yes (unlock and decryption required)
    LV Name: Data
    Volume Name: Data
    Content Hint: Apple_HFS

  Your unsupported hardware configuration may be causing the problem. The optical bay wasn't designed to take either an SSD or an HD.

• How to unlock the volume control

  how do you unlock the volume control if you do not have a code to enter?

  Restore it in iTunes

• Password on encrypted volume not being "forgotten"

  I've set up an encrypted disk image (sparsebundle) and written a short bash script to simulate the old-style FileVault (to protect just a single account.)  It uses a folder within the encrypted volume as the home folder of an account that I use for sensitive information.  While it took a little while to get the permissions/ownership right on the volume and image, it works fine.  The other tricky part was that I have the script close the volume after it detects the account has been logged out -- I discovered I needed to wait a while for the logout to complete before closing the volume (otherwise it seemed like the system was trying to read or write from the volume even after "who" showed the account was logged out, and so it created a new home directory that confuses things.)  Now, the "problem" I have is this.  The first time the script opens the encrypted volume the system of course asks for the password.  Thereafter unless I reboot (logging in and out of the non-protected account I start the script from doesn't help) and possibly after a *long* time, tthe system seems to be remembering the password to the file -- on subsequent uses of the script the volume is opened without me being asked for the password.  I have examined carefully what I do when entering the password to make sure it's not saved in the keychain -- and indeed it isn't (verified by looking at the keychain).  Does anyone have any idea where the system (presumably the Finder) is saving the password and how to get it to "forget" it?  (I just realized I haven't checked to see if the password is "remembered" system-wide or just in the un-protected account.)  I've looked in both the system and account set of caches and nothing is obvious (all the finder cached data is in a single database, presumably in some obscure format.)
  Ted Lee
  Minnetonka, MN

  Some more experiments.  Since I was using the encrypted image to simulate FileVault, I put the image in the /User directory (which is where the old FileVault put its image for an account.)  This time I created another encrypted sparsebundle in a directory on my desktop -- the system did *not* remember the password for it (I had to enter it each time I opened it.)   More interestingly, diskutil *knew* about and remembered the image I'd put in /Users, but not the one on my desktop.  Diskutil even said that the volume inside it was an unmounted (encrypted) partition.   So it appears the system is "remembering" images that are in the /User directory -- I have no idea if there are other directories (say, /Library) where it would be remembered too.  But the "memory" has something to do with the live system -- since if I restart, the "memory" is lost.  Whether it is kept in some none-obvious place in the file system that disappears on shutdown or restart or just in virtual memory I of course don't know.

• Btrfs and encrypted volumes

  I suppose this is a rather complicated question, but hopefully i can word it well enough:
  If i have a btrfs volume on an encrypted partition (using dm-crypt/luks), and i want to expand it to another physical drive, would i need to setup an encrypted volume on the second drive as well, or would the first volume's encryption apply to the 2 (once i've run btrfs-vol -b).
  More precicesly should i run "btrfs-vol -a /dev/mapper/encrypted-vol2 /media/foo" or would "btrfs-vol -a /dev/sdc1 /media/foo" be better.
  I've already attempted doing so with both partitions encrypted, which results in a significant amount of CPU usage required to access the drives and potentially might slow things down more then needed. I'd like to know if doing it on an unencrypted partition would work while still maintaining the encryption.

  I have no specific knowledge about btrfs, but with my understanding of how device mapper works in general, I would say you would find yourself with some files being encrypted and some files not.
  The filesystem is just seeing an underlying block device, there's no difference for it between accessing a 'raw' block device (like a partition) and a device-mapper block device (like an encrypted partition). I doubt btrfs does any extensive check on the nature of the block device before using it, because that wouldn't be really portable.

• Unable to unlock encrypted disk images created with Snow Leopard using Lion

  Anyone else unable to unlock encrypted disk images created with Leopard and Snow Leopard with Lion?  I know that they made changes with the release of FileVault 2 on Lion and Snow Leopard cannot use Lion encrypted disks but I thought it was backwards compatible where Lion should still be able to work with Snow Leopard created images (it was in the pre-release versions of Lion).
  When attempting to mount an encrypted disk image created with Snow Leopard on Lion the normal password prompt appears but then just reappears every time the password is entered and does not unlock and mount the image.  I'm positive the correct password is being entered and it works just fine when done on a machine running Snow Leopard.

  Not in cases when the computer successfully boots to one OS but produces three beeps when an attempt is made to boot it to another. If it really was a RAM problem that serious, the computer wouldn't get as far as checking the OS version, and it has no problems booting Lion. In the event of a minor RAM problem, it wouldn't produce three beeps like that at all.
  (67955)

• Unlock Multiple Encrypted Volumes at Boot w/One Password?

  I've set up my system to encrypt my /home and other data partitions (on two different hard drives), using LUKS and dm-crypt, but did not want to encrypt my root partition.
  This has created the problem that if I want to store keyfiles to unlock the encrypted partitions and only have to enter a password once at boot, there is no encrypted partition to securely store the keyfiles on. (I don't want to use a USB key.) The problem seems to be that at the point that the system asks for the password to the first listed encrypted partition in /etc/crypttab it only unlocks that partition, but does not seem to mount it yet, so I can't store the keyfiles for the other encrypted partitions there.
  I found this post (https://bbs.archlinux.org/viewtopic.php … 98#p523098) that suggests a way to store the keys in an encrypted loop partition partition stored on the root partition, then mount it with a modified version of rc.sysinit that executes a couple other scripts.
  My difficulty with this solution is that I'm an end user and patching rc.sysint, creating the scripts, etc., is a little beyond me. I don't know how to do the patching. I don't really know how to create scripts. (Although I'm trying to figure it out.)
  So I'm wondering if this is really the simplest solution, if I don't have an encrypted root partition? Thanks for any help.

  I've set up my system to encrypt my /home and other data partitions (on two different hard drives), using LUKS and dm-crypt, but did not want to encrypt my root partition.
  This has created the problem that if I want to store keyfiles to unlock the encrypted partitions and only have to enter a password once at boot, there is no encrypted partition to securely store the keyfiles on. (I don't want to use a USB key.) The problem seems to be that at the point that the system asks for the password to the first listed encrypted partition in /etc/crypttab it only unlocks that partition, but does not seem to mount it yet, so I can't store the keyfiles for the other encrypted partitions there.
  I found this post (https://bbs.archlinux.org/viewtopic.php … 98#p523098) that suggests a way to store the keys in an encrypted loop partition partition stored on the root partition, then mount it with a modified version of rc.sysinit that executes a couple other scripts.
  My difficulty with this solution is that I'm an end user and patching rc.sysint, creating the scripts, etc., is a little beyond me. I don't know how to do the patching. I don't really know how to create scripts. (Although I'm trying to figure it out.)
  So I'm wondering if this is really the simplest solution, if I don't have an encrypted root partition? Thanks for any help.

• How to unlock iPhone 5 backup, iPhone backup password unlocker, unlock encrypted iPhone 5 backup

  how to unlock iphone 5 backup ?

  If the backup is encrypted and you don't know the password, then there's no way to access the backup.

• Hacking systemd and encrypted volumes

  I am slowly migrating my system over to partitions encrypted with dm-crypt/LUKS. I am working on /var now. I would like to have the keyfile for /var created each time during boot based off my specific hardware and stored to /tmp (the exact same keyfile would be created each time since my hardware will not be changing). /var would automatically unlock from this keyfile. The idea is that, unless someone has my login credentials they will not be able to read /var while my computer is on. If someone tries to read the hard drive in another computer, they will never find the keyfile. And if the thief is smart enough to know what's going on, they will have a hard time figuring out how the keyfile is created.
  So, I'm thinking I need a boot order as follows:
  Mount / and /tmp
  Create keyfile
  Mount /var
  Delete keyfile from /tmp
  Continue with rest of boot
  Is it possible to hack systemd to do this? Any tips on how to do it? I can write a shell script to create the file and mount /var (since /etc/fstab would have already been read) but I'm not sure how to make it run at the right time in systemd.

  Why would someone steal your hard drive and not your computer? Hard drives aren't that valuable. And if they stole your computer, and your root wasn't encrypted, they would be able to figure out how to decrypt your /var fairly easily. If your root is encrypted, then any old keyfile would work, as they couldn't access it unless they decrypted your root. So your scheme would only work in the odd scenario where a person steals your hard drive and not your computer. Taking out your hard drive would take a decent amount of time; it wouldn't just be a snatch and grab. So if a thief is going to take that much time to steal your hard drive only (leaving your computer behind), then they would probably have enough time to use a livecd to check if your hard drive is encrypted, and how. If your root is encrypted, they might do the evil maid attack. And if a person invests THAT much time into stealing your data, they would probably check to see if they could decrypt the rest of your data before they yanked your drives and ran.
  Honestly, I don't think your scheme would secure your system any more than a basic full disk encryption would. There is a far better chance of an attack coming from the net than someone trying to break your encryption. Your encryption can't stop those attacks.

• AI install on a Mac encrypted volume

  My HD is encrypted with Filevault and the trial CC demo of Illustrator refuses to install there.
  Is there anyway around the problem ?
  I've tried to create a second partition but since the whole volume is encrypted it won't change anything. Besides, there is no way to select the target partition at intall even if a number of partitions are mounted...
  Jean-Christophe Helary

  If it's a retail OS, yes. There are no Mac Pro G5s.
  (51931)

• Fedora encrypted volumes?

  Hi,
  A friend of mine installed Fedora 10 yesterday and he had the opportunity to choose if we wanted an encrypted file-system or not.
  Just out of curiosity, what kind of encryption is this and how safe/secure is this?

  About the same in terms of brute strength, if you assume they all use similar algorithms and hashes (AES, SHA, etc.). Compare features instead. TrueCrypt is very inflexible, but offers very nice plausible deniability features (hidden volumes, etc.). LUKS is much more flexible than TrueCrypt, but is less (though not completely lacking in) multi-OS, and lacks plausible deniability. eCryptfs offers transparent encryption without even having to deal with an entire other volume, but is the slowest of the three.
  Etc.
  Last edited by Ranguvar (2009-05-28 21:32:29)

• How do I unlock my volume limit if I forgot my code?

  Hello, I forgot the code I created for my volume limit and I would like to unlock it. My volume is too low and I would like to turn it up. My ipod is 30gb. Any info would be greatly appreciated. Thanks.

  Connect it to your computer and Restore it in iTunes. You will have to Resync after doing this as it will remove all data from your iPod.

• Using my combination to "unlock" the volume setting is being rejected

  I wrote down my combination, (unless I mis-entered), I have tried the following ways to enter the combination:
  click to each number, advance to the next, etc, then press the middle bottom- rejected
  click to each number, hit middle button, then advance to next number, repeat, finish with middle button- rejected
  Is Restore my last option?

  Hello dajhnsn,
  It sounds like you are using the correct motions to unlock your iPod, so at this point, yes, your only option is to restore your iPod via iTunes. Keep in mind that restoring your iPod will delete all the music and files from your iPod and set it back to its original default settings.
  [Restoring iPod to factory settings|http://support.apple.com/kb/HT1339]
  Hope this helps.
  B-rock