When you reboot a macOS computer with an encrypted drive, you must login to unlock the volume before the boot process can complete. This creates a problem if you are working remotely.
The solution is to add a key temporarily in memory to make it through the reboot process.
Is FileVault on? If off, you don’t have to do any of this.
$ sudo fdesetup status
FileVault is On.
Does your hardware support authrestart? If not, this doesn’t help.
$ fdesetup supportsauthrestart
true
Turn on authrestart, but don’t reboot yet.
$ sudo fdesetup authrestart -delayminutes -1
The old prompt wants a recover key or an admin password? confusing question. This was changed in the current OS to ask for a username of a user who is authorized to unlock the drive.
Enter a password for '/', or the recovery key: # enter the admin password, or the internal drive key
The new version asks for a username and then a password
$ sudo fdesetup authrestart -delayminutes -1
Password:
Enter the user name:support
Enter the password for user 'support':
other useful commands
list of users who are able to unlock a FileVault volume.
$ sudo fdesetup list
No comments:
Post a Comment