• Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Encrypt OS X Yosemite Server

    Encrypting a volume in OS X Yosemite couldn’t be easier. In this article, we will look at three ways to encrypt OS X Yosemite volumes. The reason there are three ways is that booted volumes and non-booted volumes have different methods for enabling encryption. Encrypting Attached Storage For non-boot volumes, just control-click or right-click on them and then click on Encrypt “VOLUMENAME” where the name of the volume is in quotes. When prompted, provide an encryption password for the volume, verify that password and if you so choose, provide a hint. Once the encryption process has begun, the entry previously clicked on says Encrypting “VOLUMENAME” where the name of the…

  • Mac OS X,  Mac OS X Server,  Mac Security

    OS X 10.9 Mavericks Makes fdesetup A Bit More Useful

    Previously I’ve written a little here and there about using FileVault and more specifically scripting things around Filevault. The fdesetup command that enables FileVault for OS X clients from the command line got a few new options in OS X 10.9 Mavericks. We’ve always been able to enable FileVault using scripts thanks to fdesetup but now Apple’s taken some of the difficulty out of configuring recovery keys. This comes in the form of the changerecovery, haspersonalrecoverykey, hasinstitutionalkey, usingrecoverykey and validate recovery options. These options all revolve around one idea: make it easier to deploy centrally managed keys that can be used to unlock encrypted volumes in the event that such an…