Apple’s FileVault

Recently I turned on the “FileVault” option on my Mac. For those who don’t know FileVault is a preference that lets a user encrypt their /home directory. It is encrypted and the user sets a password to access it. Then when the user logs in their /home is decrypted on the fly as it is used.

Well I was looking at something eariler and noticed that the “Get Info” screen changed. Now not only is there the “where” area but also the “Disk Image” area. Mine said “/Users/.eric/eric.sparseimage”.

For the non-UNIX junkies, the dotted directory means it is hidden. So first thing I did was fire up a terminal and check out why I had a hidden directory. Come to find out there is an encrypted spareimage in there that is over 4GB. Ever more curious I then fired off a ‘df’ to see what was going on. Turns out my /home folder was mounted off a disk I didn’t know I had, but was the same size as my hard drive. Hmm these look connected.

Well to sum up, when you turn FileVault on it actually makes a hidden home directory for you, creates an encrypted sparceimage in there for you and then tranfers all your files over there. Then to finish up it mounts that image as your /home, thus making it appear nothing has changed. Kinda good idea. So for all those who have been using custom rsync’s to backup their computers (myself), can now just sync one sparceimage and it is already encrypted and setup corrctly.

Eric