FILEVAULT and my stupidity!

M

meatychi

Guest
OK so the scenario is I made a backup of my home folder but super stupid me, did not turn the filevault off before backing it up.

Now my G4 PB has gone awol and I cant recover my home directory because of the super encryption Apple have devised.

Are there any ways this can be unlocked?

Surely Apple have a means of opening these locked directories?

Someone please advise, I cant be the only one to have done this!

..........AM I?
 
OP
K

Kokopelli

Guest
I have never used File Vault but if i understand the OS X implimentation it is simply a secret key encrypted image. So as long as you know the password you should be able to get to the information.

Here is a gentleman who did something similar to that you might try.

http://www.rjauburn.com/archives/2004/04/12/moving-filevault-accounts-between-computers/

EDIT:

Yep, sure enough. It appears to be just a sparse image that is encrypted. You do not even need to go through the hoops above. Just mount the image using the password in question.

http://forums.macnn.com/showthread.php?t=252069
 
Padawan

Padawan


Joined
Jul 21, 2003
Messages
1,185
Reaction score
16
Points
38
Location
Coruscant, Galactic Republic
Your Mac's Specs
14" iBook G3 900/640/40 _ _ Power Macintosh G3 All-In-One 315/768/20 _ _ 20 GB iPod
Hope this helps (taken directly from Mac Help):

I forgot the password to my encrypted home folder

If you forget your login password and your home folder is protected by FileVault, you must know the master password to get access to your account. If you don't know the master password, ask your computer's administrator to help you.


If you are the administrator of the computer, and you can't remember the master password, the information in your home folder is lost forever.

To reset the password for an encrypted home folder:

1. Try to log in to your user account. When you see the password hint appear after the third unsuccessful try, click "Forgot Password."

2. Type (or have the computer's administrator type) the master password and click Continue.

3. Read the warning message about your keychain and click OK to proceed, or click Cancel to stop.

4. Type a new login password for your account, then type it again to verify it.

5. Type a hint that will help you remember your password next time.

6. Click Login.
Click to expand...
 
OP
M

meatychi

Guest
Kokopelli said:
I have never used File Vault but if i understand the OS X implimentation it is simply a secret key encrypted image. So as long as you know the password you should be able to get to the information.

Here is a gentleman who did something similar to that you might try.

http://www.rjauburn.com/archives/2004/04/12/moving-filevault-accounts-between-computers/

EDIT:

Yep, sure enough. It appears to be just a sparse image that is encrypted. You do not even need to go through the hoops above. Just mount the image using the password in question.

http://forums.macnn.com/showthread.php?t=252069
Click to expand...


Kokopelli!

Thankyou for your links of wisdom!

I will attempt to access my old filevault via the processes outlined in the threads.

Wish me luck!

Sorry Padawan but that isn't the answer to my problem! Thanks all the same!
 
OP
M

meatychi

Guest
Thank you again for your help!

I have checked out the links and the first one seemed to be the one that I need to perform.

In that article it states that I need to change the location filepath of the locked sparseimage.

Currently the file path is set to :

//localhost/users/......

I need to add the filepath of the sparseimage and that sits on an external drive, could you tell me what I would have to type in to link it to the file?
 
OP
K

Kokopelli

Guest
Yes, open nietinfo manager. It is under Users => <Your new accounts user name> => home_loc. In my case I do not have a home_loc, only home. I assume this is becasue I do not use file vault. If you do not have it either let me know and I will encrypt one of my spare accounts.

EDIT: Oops misread your post. Open a finder window to your file. Next open a terminal window. Drag the file to the terminal and it will list the full path to the file.

EDIT2: That will definitely give you the path. I am hoping that will work, //localhost/users is not a filepath though. If it does not work you might try //localhost/<path>
 
OP
M

meatychi

Guest
Cheers Koko!

I have managed to change the Home_loc to the correct path of

<home_dir><url>file://localhost/volumes/MacOS%2Extended/users/.....

and when I log into the account a desktop appears but I still cannot gain access to my original FV directory

and an additional directory is being created on my external HD.

Any Ideas?

I also tried that second option with the Target disk process but when I reboot and hold T I justget a giant firewire icon floating around my screen.

Any Ideas on this?
 
OP
K

Kokopelli

Guest
I think we are going at this the hard way. Why don't we take a step back and look at the problem in the "simple" way first.

1) Make sure you have an admin account that is not protected by file vault. I suggest you keep this account and never file vault protect it. This way if something goes very bad you have an admin account to log in as and try and fix things.

2) Login as the non file vault admin account.

3) Navigate to the file vault protected user directory in your backup. In that folder should be a single file called "<user name>.sparseimage" If there is not one there do a search for files with the extension of sparseimage, if you can't find any you are out of luck, sorry.

4) Assuming you found the image in the correct location, double click on the file and type in the password to your old account. It should mount the image. If it does we are golden. If nothing else you can retrieve the information from there.

4.1) Unmount the image once you have confirmed it is not corrupt.

5) Now for the account you want to use this image with, return the hom_loc to its original value.

6) Confirm that the file vault protected account opens with the default image by logging out of the admin account and back in as that user. If it opens the original (for this account) home directory then we have something to work from.

7) Log out of that account and back in to your admin account.

8) Go to the file vault protected account's home directory and find the sparseimage for that user.

9) Back that image up somewhere, and delete the original.

10) In the original images place put the sparseimage from your backup by copying it to the correct location.

11) If necessary change the sparseimage filename to match the user account.

12) Make sure the permissions are correct for the sparseimage. The user whose home directory it is should be the owner with read/write privilege. The group should be the users personal group (same as user name) with read only privilege. Others should have read only privilege. You might need to fix permissions inside the image as well to match the new user account. Those are easy though. Leave them the same levels just change the owner and groups.

Now when you log in as the file vault protected user you should see your old home. (Make sure the passwords match, that is very important.)

Hopefully that will work. If not we might try fixing this in IRC, but I am not too hopeful if the above steps do not work.

EDIT: Broke it down into steps so if something goes wrong we can more easily tell where.

EDIT2: added step 4.1

EDIT3: Step 12 occurred to me in the shower.
 
OP
M

meatychi

Guest
So Far So Good

I am just copying the sparseimage back onto my PB

Fingers Crossed!

Thanks again for all your help!
 
OP
M

meatychi

Guest
SPOT ON I OWE YOU BIG TIME KOKO!

Im sure this thread will save many peoplea lot of head-ache!

THANKS - YOU THE MAN or WOMAN
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top