Once upon a time there was a dead snow leopard....

I'll tell you all a story about a magic environment where everything just works....

That is to say in Apple's ideal world where they can control everything and everyone only uses the software that they spoon feed them.

So that fact aside, unlike the frothing masses that bought Apple's OS X 10.7 Lion release just because it had shiny (not to mention useless, invasive and down right annoying) features I happened to be keen to take advantage of the native full disk encryption and explore what could be done to generally make my Apple products better.

I am of course referring to the simultaneous release of OSX 10.7 Lion Server where Apple have finally released their MDM for Apple devices.

The problem with paranoia

My MacBook Pro 5.5 had been previously running 10.6 with what Snow Leopard called "File Vault" or encrypted home directories quite successfully though I never really liked the idea of just my ~ being secured. (And even then there are reports that the encryption used has a few leaky holes).

After the upgrade to Lion I naturally enabled the feature I was interested in being Full Disk Encryption. In 10.7 Lion this is now called “File Vault” with the old encrypted homes being referred to as “Legacy File Vault”.

After encrypting my content and having been rebooted my Macbook Pro was for the purpose of disk encryption fully protected.

I am currently exposed to Kaspersky anti-virus on some of the Linux servers I manage and naturally when I saw a KAV build for Mac figured, Why Not?!

PS: Don't bother with KAV it leads to the following problem....

TL;DR (Recovering data from encrypted volumes in Mac OSX Lion)

My Macbook Pro no longer logs in. Trying my usual user password returns me back to the login prompt and the so called “recovery key” also loops back to the start. To make matters worse a whole swag of precious not yet archived data is still held within the encrypted volumes + encrypted home dirs that are now not functioning.

Lion contains a very useful feature where a “recovery” partion is created on your Mac's harddisk. (Some caveats, be sure to check it exists before relying on it by holding option+R when booting).


Boot into recovery using option+R at boot

Open a Terminal by selecting Utilities from the menu bar

Mount your full disk encrypted disk

diskutil cs unlock /dev/disk0s2

Then once you have access to your fully encrypted volume you will still need to mount your encrypted home directories using yet another undocumented tool

hdiutil mount /Volume/yourhddtitle/Users/.username/username.sparsebundle

In both instances you should be prompted for the encryption password prior to the mount. Obviously if you hardware is hosed or somehow you killed your partition layout these commands wont help you much. However if your like me and have data locked deep inside FileVault AND Legacy FileVault you will be glad to know getting it back really is not too hard


God speed!