Unable to decrypt using Disk Utility while booted from Recovery HD
Originator: | rtrouton | ||
Number: | rdar://14099359 | Date Originated: | 6-8-2013 |
Status: | Closed | Resolved: | 8-16-2015 |
Product: | OS X | Product Version: | OS X 10.8.4 Build 12E55 |
Classification: | Security | Reproducible: | Always |
Summary: It appears that Disk Utility on Mac OS X 10.8.4's Recovery HD partition no longer can decrypt FileVault 2-encrypted Macs. If you boot from a 10.8.4 Recovery HD partition, you can unlock a FileVault 2-encrypted boot drive but you can't decrypt it from Disk Utility. Steps to Reproduce: 1. Boot Mac and hold down ⌘-R (Command –R) to boot from the Mac’s Recovery HD partition. 2. Open Disk Utility. 3. Select your locked hard drive. 4. Under the File menu, select "Turn Off Encryption…" Expected Results: 1. Boot Mac and hold down ⌘-R (Command –R) to boot from the Mac’s Recovery HD partition. 2. Open Disk Utility. 3. Select your locked hard drive. 4. Under the File menu, select "Turn Off Encryption…" 5. When prompted for a password, enter the password of any authorized account on the drive. 6. Mac should begin decrypting. Actual Results: 1. Boot Mac and hold down ⌘-R (Command –R) to boot from the Mac’s Recovery HD partition. 2. Open Disk Utility. 3. Select your locked hard drive. 4. Under the File menu, unable to select "Turn Off Encryption…" due to it being grayed out. Regression: Went back to 10.8.3's Recovery HD and saw the same behavior. Notes: All testing done in VMware running OS X VMs
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Closing bug report as resolved
I found a fix for this issue; see https://derflounder.wordpress.com/2013/06/11/decrypting-filevault-2-on-mac-os-x-10-8-4-unlock-first-then-decrypt/
Blog post
Added blog post with findings: http://derflounder.wordpress.com/2013/06/08/mac-os-x-10-8-4s-recovery-hd-removes-ability-to-decrypt-filevault-2-encrypted-mac/
Successfully reproduced outside of VMware
I've now reproduced my results on a 2011 MacBook Pro.