Apple's FileVault
Recently I turned on the “FileVault” option on my Mac. For those who don’t know FileVault is a preference that lets a user encrypt their /home directory. It is encrypted and the user sets a password to access it. Then when the user logs in their /home is decrypted on the fly as it is used.
Well I was looking at something eariler and noticed that the “Get Info” screen changed. Now not only is there the “where” area but also the “Disk Image” area. Mine said “/Users/.eric/eric.sparseimage”.
For the non-UNIX junkies, the dotted directory means it is hidden. So first thing I did was fire up a terminal and check out why I had a hidden directory. Come to find out there is an encrypted spareimage in there that is over 4GB. Ever more curious I then fired off a ‘df’ to see what was going on. Turns out my /home folder was mounted off a disk I didn’t know I had, but was the same size as my hard drive. Hmm these look connected.
Well to sum up, when you turn FileVault on it actually makes a hidden home directory for you, creates an encrypted sparceimage in there for you and then tranfers all your files over there. Then to finish up it mounts that image as your /home, thus making it appear nothing has changed. Kinda good idea. So for all those who have been using custom rsync’s to backup their computers (myself), can now just sync one sparceimage and it is already encrypted and setup corrctly.
Eric
Comments
-
How's the performance on large files (i.e. DVD image)?
-
Will have to check, entire /home is only about 4GB so far. Most of my large files are stored on a separate usb hard drive, but I will check it out soon. I think it uses "AES-128" to encrypt which it isn't the largest key, so it should be ok.
-
Well I just watched a DVD off the encrypted drive an deverything played fine. Not a sinlge problem at all. So it appears the performance of the drive is still good enough for some demanding tasks.
