Unlock or decrypt your FileVault 2-encrypted boot drive from the command line
In addition to using Disk Utility, you can also use the command line to unlock or decrypt a FileVault 2-encrypted drive. In order to make sure it all works, I recommend that you use the Recovery HD partition or the Recovery HD partition cloned onto an external drive. See below the jump for the procedure.
Update – June 11, 2013: As of Mac OS X 10.8.4, you will need to unlock the encrypted volume first, then you will be able to decrypt it. See this post for details.
Update – April 27, 2014: If you are working with a Fusion Drive, do not use the decryption instructions included with this post. See this post for how to unlock or decrypt a Fusion drive.
Update – August 11, 2014: Problems have been found when decrypting from Mavericks’ Recovery HD. See this post for a description of the problem and available workarounds.
To start with, you will need to identify the Logical Volume UUID of the encrypted drive using the diskutil corestorage list command:
diskutil corestorage list
Running that command will give you a listing of all Core Storage volumes. To help identify what you’re looking for, I’ve highlighted the UUID of the encrypted drive in this example:
Once you have the UUID, you can then either unlock or unencrypt the encrypted volume using the following commands.
Using the password of an authorized account on the command line
To unlock: diskutil corestorage unlockVolume UUID -stdinpassphrase
The -stdinpassphrase flag will cause the command to prompt you for the password/passphrase of an account that’s authorized to unlock the encryption.
If successful, the drive will unlock and mount. You should see output similar to that shown below.
Once you’ve unlocked the disk, you can then revert it back from being an encrypted volume.
To decrypt: diskutil corestorage revert UUID -stdinpassphrase
You’ll be prompted for the password/passphrase of an account that’s authorized to unlock the encryption. Once provided, decryption of the encrypted volume will begin.
To track its progress, you can use the diskutil corestorage list command. To help identify the decryption status, I’ve highlighted the relevant sections to check in the list.
Once the drive has been completely decrypted, it will no longer be listed as a CoreStorage volume by diskutil corestorage list. In Disk Utility, it should appear as a normal hard drive.
Using the FileVault 2-generated individual recovery key on the command line
If you don’t have the password of any of the authorized accounts and you are not using an institutional recovery key with FileVaultMaster.keychain, you can use the FileVault 2-generated individual recovery key instead. The commands are mostly the same, but instead of using the -stdinpassphrase flag, you instead use -passphrase and enter the recovery key.
To unlock: diskutil corestorage unlockVolume UUID -passphrase recoverykey
If successful, the drive will unlock and mount. You should see output similar to that shown below.
Once you’ve unlocked the drive, you should also be able to unencrypt it using this command: diskutil corestorage revert UUID -passphrase recoverykey
Using FileVaultMaster.keychain on the command line
At this time, it’s only possible to unlock or decrypt from the command line if you’re using a institutional recovery key that’s been set with FileVaultMaster.keychain. Here’s how you can unlock the encryption using an institutional recovery key with FileVaultMaster.keychain:
1. Copy your FileVaultMaster recovery keychain from the safe place your institution stored it in to a drive that you can access from Recovery HD.
2. Boot to the Recovery HD partition or the Recovery HD partition cloned onto an external drive.
3. Get the Logical Volume UUID of the encrypted drive by running diskutil corestorage list.
4. With the UUID information acquired, run the following command to unlock the FileVaultMaster.keychain:
security unlock-keychain /path/to/FileVaultMaster.keychain
Once this command is run, you’ll need to enter your institution’s Master Password when prompted. If the password is accepted, you’ll be taken to the next prompt.
5. Run the following command to unlock the encrypted Core Storage volume on the encrypted Mac:
diskutil corestorage unlockVolume UUID -recoveryKeychain /path/to/FileVaultMaster.keychain
6. You should then see output similar to the following:
Started CoreStorage operation
Logical Volume successfully unlocked
Logical Volume successfully attached as disk4
Logical Volume successfully mounted as /Volumes/Macintosh HD
Core Storage disk: disk4
At this point, with the disk unlocked and mounted, you should be able to recover your data using whatever tools you prefer.
Once you’ve unlocked the disk, you can also then decrypt the encrypted volume by running the following command:
diskutil corestorage revert UUID -recoveryKeychain /path/to/FileVaultMaster.keychain
Once it’s decrypted, you should have full access to your hard disk’s data.
Leave a Reply
Recent Comments
 | rtrouton on Creating a NexThink installer… |
 | this is not the Pete… on Creating a NexThink installer… |
 | Shri Sivakumaran on Adding password protection to… |
 | isotopp on Creating a sysdiagnose file us… |
 | Daniel O'Donnell on Apple Device Management Second… |
Der Flounder 
Aww, the images, they be broken…
The images are loading for me. Please try reloading the page (or viewing from a different browser) and see if they’re showing up now.
Whoops, yes they’re loading for me now too. Weird.
Hi,
I am trying to decrypt the Filevault 2 volume. When I run “diskutil cs list”, it shows Logical Volume Group and Physical Volume UUID but it does not shows “Logical Volume UUID”…
sh-3.2# diskutil cs list
CoreStorage logical volume groups (1 found)
|
+– Logical Volume Group 237C72C9-59A0-4AA5-8FD2-D628B88B0E0F
=========================================================
Name: Mac OS X Lion
Sequence: 1
Free Space: 0 B (0 B)
|
+-< Physical Volume 7818D8D6-0DC0-48CC-B9B1-D7DB85DC3D99
—————————————————-
Index: 0
Disk: disk0s5
Status: Failed
Size: 278845444096 B (278.8 GB)
I am not able to find Logical Volume UUID… The filevault 2 enabled partition stopped booting suddenly …
Any ideas?
Thanks & Regards,
Karthikeyan
In my case, I cannot find “Logical Volume UUID” too, simply because the volume is not a logical volume but a physical volume.
Here is the solution has worked for me:
1, Find the “Logical Volume Group UUID”, i.e., lvgUUID
2, In terminal, diskutil coreStorage delete lvgUUID
3, After that, the volume is reverted to normal disk, available for erasing and/or formatting.
I don’t think data in the volume would be lost but I’m not sure. Losing data not a crucial point for me because they are backed up elsewhere.
The solution is found here https://derflounder.wordpress.com/2011/11/23/using-the-command-line-to-unlock-or-decrypt-your-filevault-2-encrypted-boot-drive/
Karthikeyan,
From the diskutil output you’ve posted, it appears that your hard drive is having a problem. Is the FileVault 2 partition on its own separate hard drive, or is it on the same physical hard drive as another partition that’s working fine?
If the FileVault 2 partition is the only one on the hard drive, the drive may be suffering a hardware failure.
I have three partition on a single hard drive. The remaining two partition works fine. Filevault2 partition is on the same hard drive thats working fine.
sh-3.2# diskutil list
/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *500.1 GB disk0
1: EFI 209.7 MB disk0s1
2: Apple_HFS Data 210.4 GB disk0s2
3: Apple_Boot Recovery HD 650.0 MB disk0s3
4: Apple_HFS Mac OS X Install ESD 9.2 GB disk0s4
5: Apple_CoreStorage 278.8 GB disk0s5
6: Apple_Boot Recovery HD 650.0 MB disk0s6
sh-3.2#
disk0s5 is the hard drive encrypted with Filevault2.
The Scenario happened was ” I created a standard user and rebooted the mac. Then I tried logging in directly from Standard user. It showed “No Parking Symbol error” after the apple logo. Then I rebooted the mac and logged in with Filevault enabled user but again the machine shows the same error after the apple logo…
Hi Karthikeyan ,
Were you able to solve your problem? as I am having the same problem and I really need to save my data . Thanks in advance.
Karthikeyan,
Unfortunately, I don’t have a good answer here. One thing that you may want to try (if you have not already) is running the following command to see if it can fix the partition:
sudo diskutil repairVolume disk0s5
If that doesn’t work, you’ll likely need to go to your backups.
I am getting many error. Is there any way to convert physical volume to logical volume in CoreStorage?
Thank you so much, rtrouton! I tried to convert an external drive to Core Storage and it seemed to be stuck at “Status: Checking”, with only a Logical Volume Group and a Physical Volume listed by diskutil cs list. So, no Logical Volume Family or Logical Volume. I already thought about erasing the disk, but
diskutil repairVolume
(where is a volume ID for the partition of type Apple_CoreStorage, such as disk0s5) triggered the actual conversion process. It immediately asked for the passphrase, and both the LVF and the LV are listed.
(Sorry, the first time I tried to post this I used angled brackets, which were filtered out)
Thank you so much, rtrouton! I tried to convert an external drive to Core Storage and it seemed to be stuck at “Status: Checking”, with only a Logical Volume Group and a Physical Volume listed by diskutil cs list. So, no Logical Volume Family or Logical Volume. I already thought about erasing the disk, but
diskutil repairVolume diskXsY
(where diskXsY is a volume ID for the partition of type Apple_CoreStorage, such as disk0s5) triggered the actual conversion process. It immediately asked for the passphrase, and both the LVF and the LV are listed.
Karthikeyan,
At this point, you may want to try booting from one of your Recovery HD partitions and see if you can use Disk Utility to unlock the encrypted volume then repair it. If that doesn’t work, the encrypted partition may be unrecoverable.
Thanks a lot for for posting this info. It was immensely valuable in helping me recover data from a Filevault 2 disk with a bad partition table due to bad sectors. Quick summary of what I did:
1) clone bad disk with GNU ddrescue
2) diskutil corestorage list
3) diskutil corestorage unlockVolume UUID -stdinpassphrase
4) diskutil corestorage revert disk[123]
5) run disk warrior to rebuild directory structure and repair file permissions
I am having the same problem, and want to try exactly this, but where you typed in “diskutil corestorage unlockVolume UUID -stdinpassphrase”, where did you get the UUID? From your OP, and from what I’m seeing on my end, I don’t see a UUID for the logical volume, just the group and physical disk, which it won’t accept for unlocking.
Can you please run the following command and then paste the output into a new comment?:
diskutil corestorage list
Thanks,
Rich
I think your procedure can help me , i hope you have email notifications on and help me with the only step i cant do #1 Clone bad disk with gnu ddrescue
Kevin,
I have a post on installing and using ddrescue available here:
https://derflounder.wordpress.com/2012/01/31/using-ddrescue-on-a-failing-hard-drive/
Very useful collection of information. Thank you.
I have the same problem (and the same question). Here is my diskutil cs list:
CoreStorage logical volume groups (1 found)
|
+– Logical Volume Group A779418C-8E16-4ED3-842B-E91417BD863B
=========================================================
Name: System
Sequence: 1
Free Space: 0 B (0 B)
|
+-< Physical Volume 1EF3E032-B8FF-41B7-BD98-6E7AE3B5F9A3
—————————————————-
Index: 0
Disk: disk1s2
Status: Failed
Size: 749295239168 B (749.3 GB)
And my diskutil list (I have two identical drives, the one with the OS failed, so I installed lion on the other drive to try and repair the other):
/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *750.2 GB disk0
1: EFI 209.7 MB disk0s1
2: Apple_HFS Macintosh HD 749.3 GB disk0s2
3: Apple_Boot Recovery HD 650.0 MB disk0s3
/dev/disk1
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *750.2 GB disk1
1: EFI 209.7 MB disk1s1
2: Apple_CoreStorage 749.3 GB disk1s2
3: Apple_Boot Recovery HD 650.0 MB disk1s3
Thanks so much for this. Bookmarked, and was very useful. 🙂
Thanks for this post. This saved me after a failed installation of Mountain Lion, which caused my MBPro encrypted disk to appear faulty. I tried reinstalling Lion (from USB and from Apple – using CommandR sequence) but it kept ion failing. Only after I decrypted the drive using the commands from this post – my MBPro came back to life. Thanks again
Another way to do it, even if you don’t have the password of the encrypted disk, is to “diskutil zeroDisk — “. That way the disk will be wiped clean and is ready for new partitioning
Thanks 🙂 after two hours of trying everything else I noticed your post and your suggestion worked perfectly
Just wanted to say thanks for your article. This saved my hard drive. My backup hd was encrypted as a time machine backup. I knew the pw but each time I entered it the hd would not appear to unlock through the gui interface (the pw entry box would become unselectable indefinitely). I used this function diskutil corestorage unlockVolume UUID -stdinpassphrase to unlock the disk. It allowed me to unlock the disk and then attached it the computer as disk2 but it wouldn’t mount. Even so I was able to use this to unlock the disk and then access the files. Thanks very much.
In an attempt to be clever, I recently formatted a new blank drive as Encrypted using Disk Utility. I chose a password, which I know. I then cloned my old boot drive to this encrypted drive – this way I both copied all the data AND encrypted it at the same time. I don’t believe I was ever shown the long “recovery key” I only have the password. Is there any way to retrieve the recovery key? I’m a bit nervous only having the password and not the recovery key. Should I be? Thanks much!
Casey,
When you encrypt a non-boot volume (which is the method you encrypted your disk with before cloning your OS to it) there is no recovery key, only the password. There is no way to add a recovery key after you encrypt, so your password is the only way to unlock your drive.
I strongly recommend decrypting your drive, restarting, then re-encrypting your boot volume using the standard FileVault 2 encryption tools. When you re-encrypt, a recovery key will be generated.
Thank you for that information!
I know I will not forget the password I used. Is there any other reason I should decrypt and re-encrypt it as you suggest? I’d prefer not to, partly because before using the technique I did I had a problem where it finished encrypting then said there was an error and I could neither encrypt nor decrypt it! I actually had to use command line techniques like you showed here to unlock the drive so I could reformat it again.
Casey,
The recovery key is there as a backup in case your password is not accepted to unlock the encryption.
If you choose to go on without having that backup, it’s your right to run your Mac as you see fit. I would not make or endorse that choice for my own Macs.
excellent information here. rare gem
Hi, I recently encrypted my hard drive. I’m not even sure how I did it, every time i try to access it to try and remove the encryption it denies entry. I have no de-cryption software ect ect and i really need advice on how to get rid of my problem; also it doesn’t allow me to save anything therefore i cant download anything.
This thread is a close as I could come to finding a solution. I used disc utility to encrypt a external HDD. During the encryption, the drive unmounted, I think due to the cable to the drive being bumped. It then tried to mount and would not. The passphrase would not work either. I have data on it. I ran the diskutil corestorage list and is copied in below. It still says it is converting and there is no disk activity.
+– Logical Volume Group 7CD6AAEC-F256-48E6-B72E-73F0228BE071
=========================================================
Name: WD Red
Size: 2000054960128 B (2.0 TB)
Free Space: 16777216 B (16.8 MB)
|
+- Logical Volume Family 7B8E9717-5D59-4D6E-B247-6B36B43B9805
———————————————————-
Encryption Status: Locked
Encryption Type: AES-XTS
Conversion Status: Converting
Conversion Direction: forward
Has Encrypted Extents: Yes
Fully Secure: No
Passphrase Required: Yes
|
+-> Logical Volume 36D7C1A4-F013-4F8E-9B5E-8B65D0C3C61D
—————————————————
Disk: -none-
Status: Locked
Size (Total): 1999719411712 B (2.0 TB)
Size (Converted): -none-
Revertible: Yes (unlock and decryption required)
LV Name: WD Red
Content Hint: Apple_HFS
I’m having this same issue! Were you able to fix this?
hi im having a huge issue i need resolving… i just bought a new solidstae hard disk to put in my MBP. now i bought the rack replacement for my dvdrw drive and put my 500gb in it.works like a charm.. now the issue is that i started deleting files from mt 500gb and transfering the required to the new solidstate.. finally wanted to format the 500gb and cant because of the filevault security… it will not allow me to unmount the drive… please advise as ive lost my key (i know i bad for loosing the key) and i cant unmount the 500gb for me to format… please advise
jp
Jean-Paul,
Is the drive mounting? I’m asking because you’re referencing being unable to unmount the drive.
If it’s mounting, it’s getting the authentication credentials needed to mount from somewhere. Are you entering a password before it mounts, or do you have a password stored in your login keychain?
If you have the password available, you can decrypt the drive using that password by following the instructions in the “Using the password of an authorized account on the command line” section of this post.
Hi rtrouton… thanks for the response but i got another thread from another site and its all good now… thanks a lot… have a happy holidays
jp
Hi guys,
I was wondering if you could perhaps give me a hand… My problem is very similar to some of those mentioned before. What happened is after my Mac failed to boot from the CS partition (grey Apple logo taking forever) I did boot into the internet recovery. Now what is happening with the diskutil is that:
diskutil cs list showing only the LVG and PV (no LV)
diskutil repairVolume failing with POSIX error
Is there some other way I can perhaps follow?
Thanks!
Jan
JanC,
If you can unlock the volume in Disk Utility, I’d recommend you try DiskWarrior 4.4. DiskWarrior 4.4 is able to work with CoreStorage volumes and may be able to fix the problem.
If that does not work, a colleague of mine has reported success with using Data Rescue 3 to recover files from an unlocked encrypted drive.
i had file vault on my android phone..i formatd my phone and nw i jst hav the encripted file..how to decript it..please help..
Vinit,
Unfortunately, this post has nothing to do with the FileVault software available on Android devices. This is for Apple’s FileVault 2 encryption on Macs.
Oh god i’ve finally found some light to my problem(for that i thank you rtrouton) , unfurtunately not my solution. Maybe you can or somebody can help or give me any idea.
I got a 500 gb HDD with only one partition ( or so it seems because Recovery partition never showed up with my installation of lion) obviously this partition with turned on Filevault 2 and just couple of days ago when i started it up after it turns on ,show me my profile and guest one , ask for my password and show apple logo it gives me the error sign of death.
So after some research i came with all the bad implications of have filevault turned on, one of them the difficulty to solve boot problems!
So i came up with your blog entry and after reading all of it and the comments ive got the same problem as a few other “above” friends , and using an external
usb flash memory with a fresh 10.7.5 installation using the terminal i got that :
diskutil cs list showing only the Logical Volume Group and Physical Volume (no Logical Volume )
CoreStorage logical volume groups (1 found)
|
+– Logical Volume Group 47994043-7CFE-4295-9034-01327C59EF65
=========================================================
Name: Kevin HDD
Sequence: 1
Free Space: 0 B (0 B)
|
+-< Physical Volume E78C8767-6489-454C-9D93-0FEC29160F82
—————————————————-
Index: 0
Disk: disk0s2
Status: Failed
Size: 499248005120 B (499.2 GB)
———————————————————————————————————————
/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *500.1 GB disk0
1: EFI 209.7 MB disk0s1
2: Apple_CoreStorage 499.2 GB disk0s2
3: Apple_Boot Recovery HD 650.0 MB disk0s3
So i cant get the logical volume UUID to perform the unlocking of my filevault image!
Tho i cant use a recovery partition i can perfectly use the guest account in the HDD
With an SMART status utility i now that there are some damaged sectors and errors on my HDD ( http://cl.ly/Md5s )
I tried to clone and repair the partition on my HDD with my valuable data but im not a experiences user and i cant follow properly this user advice
"E.T.
Thanks a lot for for posting this info. It was immensely valuable in helping me recover data from a Filevault 2 disk with a bad partition table due to bad sectors. Quick summary of what I did:
1) clone bad disk with GNU ddrescue
2) diskutil corestorage list
3) diskutil corestorage unlockVolume UUID -stdinpassphrase
4) diskutil corestorage revert disk[123]
5) run disk warrior to rebuild directory structure and repair file permissions"
(I cant install GNU ddrescue and i cant get my proper UUID to unlock disk)
Any idea or ami lost? i wish ive never turned on file vault and theres some valuable data that i cant loose.
Thanks for reading me.
Correction i do have working recovery partition on my HDD but still cant get to retrieve logical volume UUDID
What I can’t understand is how to get to the command prompt when the hard drive does not boot? So I can do all these procedures?
I’m having this issue currently. How did you solve this??
You boot from a mac os CD. Then under utilities you’ll find “command prompt” 🙂
I know this post is old, but I thought I’d let you know about an issue not addressed here.
“Once you’ve unlocked the disk, you can also then decrypt the encrypted volume by running the following command:
diskutil corestorage revert UUID -recoveryKeychain /path/to/FileVaultMaster.keychain
Once it’s decrypted, you should have full access to your hard disk’s data.”
I have the newest iMac, the late 2012 model, and I’m sorry that I don’t recall the message exactly, but when I enter that command, the terminal says that it can’t decrypt because there is more than one volume. – That’s because I bought the build with a Fusion drive.
I thought would be very helpful but instead has been a nightmare when combined with HFS+ and FileVault 2.
Luckily I’ve been able to get a lot of data off copied to a hard drive with just the instructions you gave up to that point. Unluckily the iMac now crashes exactly at the point it says it has been unlocked and mounted. – All in recovery mode of course
Thank you for the help with such a great post. I was really looking forward to finding out about your recent speaking engagement, so now I’m off to read your presentation.
Oh, also about the Fusion drive, I’m not even sure how to make an image of the hard drive since it’s spread across both drives. I’m still trying to figure that one out. Would you post something about that soon if you could?
Sorry, I meant to copy the line with the revert command, not the recoveryKeychain
I only meant to post that you can’t “revert” a Fusion drive. Or maybe you can, but I certainly can’t.
You are awesome! Thanks SO MUCH for this!
You totally just kept me from having to document this. Is love to strong a word? LoL
So I’m logged in as Root, I do this and it outputs this error. How can I fix this? it is indeed an external hard drive. Thanks
Started CoreStorage operation
Logical Volume successfully unlocked
Logical Volume successfully attached as disk3
Error: -69810: Disk object invalid or unable to serialize
You, sir, are a hero. It’s possible that I may never forget the time you saved my Mac when I was on a trip out of the country and decided to turn on encryption “just in case”. After turning on FileVault 2 I got a normal login screen but after logging in got nothing but the circle-slash. The machine had Boot Camp, which may or may not have been a factor, but luckily it enabled me to bring it to life (in Windows) so that I found this page. The “…list” command showed that the volume was “revertable” and that no encryption had actually been done, The diskutil revert command above gave me my fully functional Mac side back. I can’t tell you how much this has saved my day in getting me access to my cloud data (Mac Contacts, iCal). THANK YOU, THANK YOU.
I have been reading this and it is really informative.
I have a question, can we mount the encrypted volume as a target disk drive on another running system (not on recovery mode) with institutional master key for easy backup and file manipulation? – in case the we do not have the password of the user
I have been trying a lot but I keep getting the error below and been not succesfull mounting it.
Error: -69749: Unable to unlock the Core Storage volume
Phil,
Unlocking or decrypting with the institutional key can only be performed from a recovery partition or from Internet Recovery. If you’re not booted from a recovery drive, you’ll see the error you’ve described.
You just made my day.
I could kiss you. Thanks so much for writing this!
Thank you su much, your article help me unlock my 3TB hard drive!
Happy new year!
I followed the second method – Using the FileVault 2-generated individual recovery key on the command line
diskutil corestorage unlockVolume UUID -passphrase recoverykey
Started CoreStorage operation
Logical Volume successfully unlocked
Error: -69774: Couldn’t bring the new Core Storage Logical Volume online
Are there any solution to that?
Similar to Jamie, I get the same error message.
Have managed to finish converting but struggling to unlock and mount. Stuck at:
Logical Volume Family 88899AC3….
Encryption Status: Locked
Encryption Type: None
Conversion Status: Complete
Conversion Direction: -none-
Has Encrypted Extents: Yes
Fully Secure: No
Passphrase Required: No
Logical Volume 887AC606…
Disk: -none-
Status: Locked
Size (Total): 248.9 GB
Conversion Progress: -none-
Revertible: Yes (No decryption required)
LV Name: Macintosh HD
Content Hint: Apple_HFS
I’ve purchased DiskWarrior 4.4 but it’s not seeing my HD and I’m super confused now.
Please help….
Hi… I’ve gotten my drive into a funny state. I did not use ‘revert’, instead I used decryptVolume. It merrily went on its way and seems to have decrypted everything, *but* it did not remove the lock from the volume. Now, I am unable to unlock it, revert it, or re-encrypt it. How do I get back to some sane state?
Here’s the original status:
-bash-3.2# diskutil coreStorage list
CoreStorage logical volume groups (1 found)
|
+– Logical Volume Group C7D31432-02C3-4230-8171-764EF8542CCE
=========================================================
Name: Macintosh HD
Sequence: 1
Free Space: 16777216 B (16.8 MB)
|
+- Logical Volume Family 1033C50C-9567-4C4F-B5C2-05CC556A846B
———————————————————-
Sequence: 9
Encryption Status: Unlocked
Encryption Type: AES-XTS
Encryption Context: Present
Conversion Status: Complete
Has Encrypted Extents: Yes
Conversion Direction: -none-
|
+-> Logical Volume E89007ED-C375-4EDB-A869-8FE5BC4F3EE4
—————————————————
Disk: disk13
Status: Online
Sequence: 4
Size (Total): 498912555008 B (498.9 GB)
Size (Converted): -none-
Revertible: Yes (unlock and decryption required)
LV Name: Macintosh HD
Volume Name: Macintosh HD
Content Hint: Apple_HFS
then I ran:
diskutil coreStorage decryptVolume E89007ED-C375-4EDB-A869-8FE5BC4F3EE4
which took a really long time, and I monitored via “diskutil cs list” until it appeared to complete at 100% converted
but now:
-bash-3.2# diskutil cs list
CoreStorage logical volume groups (1 found)
|
+– Logical Volume Group C7D31432-02C3-4230-8171-764EF8542CCE
=========================================================
Name: Macintosh HD
Status: Online
Size: 499248103424 B (499.2 GB)
Free Space: 16777216 B (16.8 MB)
|
+- Logical Volume Family 1033C50C-9567-4C4F-B5C2-05CC556A846B
———————————————————-
Encryption Status: Locked
Encryption Type: None
Conversion Status: Converting
Conversion Direction: backward
Has Encrypted Extents: Yes
Fully Secure: No
Passphrase Required: No
|
+-> Logical Volume E89007ED-C375-4EDB-A869-8FE5BC4F3EE4
—————————————————
Disk: -none-
Status: Locked
Size (Total): 498912555008 B (498.9 GB)
Conversion Progress: -none-
Revertible: Yes (no decryption required)
LV Name: Macintosh HD
Content Hint: Apple_HFS
Note that it appears the LV is fully decrypted, but the LVF still thinks its encrypted. Plus, the LV is locked, and cannot be mounted anymore after it is unlocked without encountering a weird error:
-bash-3.2# diskutil cs unlockVolume E89007ED-C375-4EDB-A869-8FE5BC4F3EE4
Passphrase:
Started CoreStorage operation
Logical Volume successfully unlocked
Error: -69774: Couldn’t bring the new Core Storage Logical Volume online
-bash-3.2#
Any ideas?
Richard, I hit exactly the same error. Did you ever find a solution?
Hai Richard and John did you ever guys ever solve this?
Can I restart into the system as soon as the converting process starts? Or wait until the it’s completely done?
I have been able to follow the instructions up until the point where it asks for a passphrase, but I am unable to type anything after that. I literally can’t enter anything or copy and paste my password in. Any ideas?
Hi Peter, if you are on the Terminal and inputting passwords, Terminal never shows any stars or dots or anything for the password. So just type it as it is, and press enter. Hope this helps.
Hoping I could get some help with decryption. I have unlocked my encrypted hard drive using an institutional recovery key and have decrypted it using the “revert” command, but it appears to be stuck. I left it to decrypt over night and the decryption progess now shows 100% however, the conversion status still shows “Converting” and the conversion direction still shows “backward.”
If the conversion progress shows 100%, shouldn’t the other status indicators be showing “complete”? Should I have used the “decryptVolume” command instead of the “revert” command? Any ideas?
For others experienced the same problem, I worked out a solution for the disk not being completed decrypted through terminal like I mentioned in the comment above.
After decrypting from the terminal and letting the progress reach 100%, I then quit terminal and opened Disk Utility and selected to turn off encryption on the encrypted volume which worked (all while being booted in recovery mode cmd+r). I then restarted and was able to login and confirm that FileVault has been turned off in System Preferences. I don’t know what extra thing turning off encryption through Disk Utility does after decryption reaches 100% in terminal, but it seems to fully remove encryption attributes from the disk/volume.
I also tested another way by again, booting into recovery mode (cmd+r), going through terminal to unlock the disk with my institutional recovery key but NOT decrypting the drive through terminal. Instead, after unlocking the disk with the recovery key, I then quit terminal and open Disk Utility and select to turn off encryption on the volume. I get prompted for the password for my institutional recovery key and after entering it, I’m prompted that decryption has started and that I can track the progress in Sys Pref>FV. I then proceed to restart and I can login and confirm in Sys Pref>FV that the disk is being decrypted.
Is there a way to completely remove the core storage disk from the list of partitions?
Well it take awhile to show that uuid is working
This page has saved me! Thank you! I can now access my decrypted external drive again by using the unlock instructions. But each time I plug it in, I have to unlock it again. If I use Disk Utility instead of the command line, I don’t even have to enter a password to unlock it!
Get Info in the Finder still shows it as Journaled, Encrypted, whereas DU shows it as simply Journaled. Maybe that’s part of the problem. I can live with this, but if there is a way to permanently unlock this disk, I would love to know what it is.
When I go to enter the passphrase it won’t allow me. In the grey box there’s a circle, for some reason it won’t allow me to enter a passphrase?
Is there anyway to bypass this?
You win! exactly what i was looking for Many thanks!
Thank you very much !
Hi,
I am using Yosemite. turning off the decryption from Disk utility from the recovery mode, didn’t work with me, it gives me error, not sure why!
however if I use the terminal option, is it safe? would it wipe my data? because my data is not backed
Your support is appreciated
Thank you so much)
It’s October 18th, 2015. This article saved me from having reformat my hard drive and start over. I have a MBP 15 inch, with 3 partitions on the SSD. One for OS Yosemite one for Windows 10 and another Recovery partition. My Yosemite drive is fire vaulted and I knew that it had to have something to do with fire vault because I could still boot into my Windows 10 drive with no problems but one day my Yosemite partition would not load past 50% and would just keep hanging. I hadn’t done a backup to my external HD in two months and would’ve lost some very important pictures and about 500 songs I had downloaded in my library since my last backup.
Thank you so much! This saved the day and from me having to reformat once again.
I’m turning firevault off as soon as I get through with a backup.
Hi guys, i did everything that you have explained and it has successfully unlocked but when i do the final “diskutil coreStorage decryptVolume **** -stdinpassphrase” operation i get “Error: -69749: Unable to unlock the Core Storage volume”
WHAT’S HAPPENING ??? please help…
hey Marc,i have the same problem did u get any help ?
You are elite.
I have a very grateful college student that sends her thanks.
What does it mean if you can see your disk using “diskutil list”, but not as a corestorage volume when you run “diskutil corestorage list”?
I’m trying to read data from an old iMac startup HDD – ive attached it via a USB-SATA connector and I can see it in Finder.. But cannot find a UUID via diskutil corestorage. (I did manage to find the Volume UUID using “System Info”).
I’ve exported the instituitional recovery key and unlocked it on the MacBook Air I’m trying to decrypt. That went fine. However when I try to unlock the drive with the unlocked key I get Error: -69749: Unable to unlock the core storage volume.
Does that code mean anything to anyone? I’d love some help. Thanks!
Brad
I get the error: Error-69750: Unable to modify a File Vault context
I need to disable FileVault because my computer won’t start and my only options left are to wipe it or access it in SafeMode which won’t work with FileVault enabled (I’m using Recovery Mode)
I was able to unlock a logical volume successfully but now am not able to decrypt. Conversion progress is “paused”. Is there a command to resume? When I type in the revert command again on that logical volume I get the same error the person above me is getting…”Error-69750: Unable to modify a FileVault context”
I am getting the same error. But this is the best info that I have found all day.
Did u guys Solve this?
When my volume mounts, it is read only — I can see all the files and such but the filesystem is R/O.
Is there a corestorage command for re-mounting the disk RW or anything more advanced? My disk filled up and now the Mac won’t boot. I also can’t decrypt it because the disk is 100% full.
Any tips for mounting r+w on an encrypted disk at a terminal?
I just wanted to say thank you very much, my drive got corrupted and i was not able to get to the data due to encryption. Disk Utility was failing to decrypt it.
Your post and instructions saved me, thank you very much again
Dear Friends,
Anybody will help me on this, i screwed on my Toshiba 1 TB hard disc as i cannot decrypt through terminal. please help me on this and the progress in my terminal i just copied and pasted below
Logical Volume Group F5AFA188-88A7-446E-8231-C18BDF89B39A
=========================================================
Name: Muhammed Aslam NV
Status: Online
Size: 999860912128 B (999.9 GB)
Free Space: 18923520 B (18.9 MB)
|
+- Logical Volume Family 7ACEDB8C-9113-4AEE-AEE4-1A775EF9BF9F
———————————————————-
Encryption Type: AES-XTS
Encryption Status: Unlocked
Conversion Status: Converting (backward)
Reversion State: Reverting
High Level Queries: Not Fully Secure
| Has Visible Users
| Has Volume Key
|
+-> Logical Volume 4D15C595-CEAA-43C8-86F1-21176175BF09
—————————————————
Disk: disk3
Status: Online
Size (Total): 999489667072 B (999.5 GB)
Conversion Progress: 8%
Revertible: Yes (unlock and decryption required)
LV Name: Muhammed Aslam
Volume Name: Muhammed Aslam
Content Hint: Apple_HFSX
How long would you expect a revert request to take, for a 500 GB SSD drive?
I started this several hours ago, and it still shows Conversion Status of “Converting”. Below this, for the Logical Volume, it shows Conversionh Progress of “Paused”. How can I tell if this is actually doing anything
hello guys when i run diskutil cs list I am getting “No CoreStorage logical volume groups found.
Los, I’m pretty sure that just means you don’t have any encrypted volumes attached to your computer.
John I. Clark.. I wouldn’t be so sure. Los might be using APFS. It’s a completely different story with APFS stuff. I too am battling a client’s FileVault drive, and when typing diskutil corestorage list, I get “No CoreStorage logical volume groups found”. Guess I gotta find out how to solve this FileVault issue when in APFS-world.
Los, I have the exact same issue. “No CoreStorage logical volume groups found”. But my Mac keeps encrypting everytime it’s charging and thus I can’t turn it on for hours until it finishes encrypting. When I finally get it to turn on and I go into System Preferences the “disable filevault” sign is greyed out. On the rare occasion that it is not greyed out and I click on it; nothing happens. I’ve tried Terminal and ‘sudo diskutil CoreStorage list’, but as I said no corestorage logical volumes are found… can anyone help?
Karen, it would appear that these instructions will not work for those of us that have APFS drives instead of HFS/HFS+. Guess we gotta keep looking for a Terminal & APFS way of decrypting the FileVault drive.
You saved my day. Thanks!