Skip to main content

How to decrypt the Filevault encrypted volume using Recovery HD ?

There might be a time where you want decrypt the FileVault encrypted mac, but you are facing issues in logging into Mac to perform decryption using system preferences. In such cases the following steps will help you in decrypting the disk using Recovery HD.
  1. Reboot the Mac, Go to recovery HD partition of the system. (To start your computer from Recovery, restart your Mac and hold down the Command and R keys at startup.)
  2. Open Terminal application from Utilities -> Application. 
  3. First will need to identify the Logical Volume UUID of the encrypted drive using the diskutil corestorage list command:
          diskutil corestorage list 


      4.  Once you have the UUID of the logical volume as shown in above picture, you can then either             unlock or decrypt the encrypted volume using the following commands.

      a) Using the password of an authorised account or the recovery key ( Provided by the                                FileVault at the time of enabling it) on the command line
  
           To unlock: diskutil corestorage unlockVolume UUID –stdinpassphrase  

           The -stdinpassphrase flag will cause the command to prompt you for the password/passphrase
          of an account that’s authorised to unlock the encryption or the recovery key for the system. If              successful, the drive will unlock and mount.

      5.   Once we have unlocked the disk, we can now decrypt the volume.
        
            To decrypt: diskutil corestorage revert UUID –stdinpassphrase  

          You’ll be prompted for the password/passphrase of an account that’s authorised to unlock the              encryption or the recovery key. Once provided, decryption of the encrypted volume will                      begin. To track its progress, you can use the diskutil corestorage list command. Once the drive            has been completely decrypted, it will no longer be listed as a CoreStorage volume by diskutil            corestorage list. In Disk Utility, it will appear as a normal hard drive.  

      6.   Reboot the mac , It is now no longer encrypted with FileVault.



  

Labels:

Comments

  1. La Chica con el Tatuaje de DragonTuesday, October 16, 2018

    No luck. No corestorage logical volume group found. Any idea?

    ReplyDelete
  2. La Chica con el Tatuaje de DragonTuesday, October 16, 2018

    I got the UUID and the user password of course but nothing. It's Mojave updated from High Sierra MacBook pro

    ReplyDelete

Post a Comment

Popular posts from this blog

How to find firmware or boot ROM version in Mac OS X

Firmware and boot ROM version of your mac can be found in two ways. Way 1 : 1. From "Apple" menu , choose "About This Mac" menu item. 2. Click " More Info " to open "System Profiler" application. 3. Under Contents -> Select Hardware Tree item. On the right side panel Under hardware overview section, we can see Boot ROM Version and SMC (Firmware) Version. Way 2 : Run the below command in terminal to get boot ROM version and SMC(firmware) version : $ system_profiler SPHardwareDataType | grep -i "Version" | awk -F ':' '{print $1 $2}'
6 comments
Read more

How to disable USB ports on Mac OS X Mavericks, Yosemite or El Capitan ?

We might wonder how to disable the USB ports on Mac to prevent data copy to external USB mass storage devices. The USB kext on os x is loaded at the time of start of the system, this can be loaded / unloaded using kextload or kextunload command. To disable USB port on Mac , follow below steps: On Macs running  Mountain Lion, Mavericks  and Yosemite : Unmount any connected USB devices to the system by running below command                  $ diskutil unmount /Volumes/USBDISK. Now unload the USB related kernel extensions in the following order using kextunload command.             sudo kextunload -b com.apple.driver.AppleUSBCardReader             sudo kextunload -b com.apple.driver.AppleUSBODD             sudo kextunload -b com.apple.iokit.IOUSBMassStorageClass        This wil...
11 comments
Read more

What are the useful nvram settings in macOS ?

The OS X boot arguments are useful for troubleshooting problems with system startup and how the system behaves when running. sudo nvram boot-args="-v" :  This command will set the system to always boot to verbose mode, so we do not need to hold Command + V at system startup. sudo nvram boot-args="-x" :  This will set the system to always boot into Safe Mode. sudo nvram boot-args="-s" :  This command will boot the system into single user mode without needing to hold Command-S at system startup. sudo nvram boot-args="iog=0x0"  :   when you close the display but connect the system to an external monitor and keyboard the system will stay awake. After running this command, when connecting an external monitor, the internal display will be disabled, which can be beneficial in some situations such as those where you are mirroring your desktop but wish to run the external display at a higher resolution than your laptop can run. sudo nvram b...
Post a Comment
Read more