修复你的物品 社区 商店

A1418/EMC3069/2017/3.0GHz四核心Intel Core i5、3.4GHz四核心Intel Core i5或3.6GHz四核心Intel Core i7处理器。于2017年6月8日发布。

176 个问题 查看全部

更多选项

How to encrypt non-boot Volume so available at login?

Hi folks - this follows from my original hardware question Looking for the definitive answer on upgrading my Mac. Good news is the hardware upgrade and Big Sur clean install all went very well.

I now have a 240GB blade SSD as the Mac boot volume with Admin account, and a second 1TB SATA SSD as my Data volume for my regular user account and home folder.

Where I’m stuck now before getting too far restoring data… is it still possible to encrypt the SATA SSD using FileVault or similar, such that drive contents are encrypted until login? It seems FileVault only supports the boot volume which is the blade only, and I tried creating an encrypted volume on the SATA but is does not automatically decrypt at login and login then fails.

Seems this would be a fairly common use case especially for the higher end machines with multiple physical storage drives.

Is there a simple way through this? Potentially I could recreate the Fusion set combining the 2 SSDs but understand that is a bad idea from performance and reliability POV (one drive dies and it all becomes inaccessible).

Thanks much

已回答! 显示答案 我也有这个问题

这是一个好问题吗?

得分 0
添加一条评论

2个答案

筛选条件:
最有帮助的 最新 最老的
已选择的解决方案

更多选项

For the record books, here is where I landed.

After not being able to find a simple way to reenable FileVault or similar encryption on my Data Drive, I opted to refuse the 2 SSD’s per the simple steps here. Note there is a lot of outdated information elsewhere on refusing drives per older OS versions. As of BigSur and Nov 2020, these worked perfectly for me and took about 60 seconds to complete.

While there is a lot of discussion online why technically this may not yield absolute maximum drive performance, so far practically it has been plenty fast for my purposes and far simpler in terms of leaving things where Mac OS expects them (on the boot drive), thus allowing things like:

  • Simple reactivation of FileVault on the full volume
  • Full use of the combined 1.24TB of the 2 SSD’s
  • No monkeying around with advanced user settings to relocate the User Home folder.

Hope others find it useful.

djd

Block Image

Block Image

这个答案有帮助吗?

得分 0
添加一条评论

更多选项

Did you add the Admin Blade drive user account to the SATA drive as well as add the SATA user account to the Blade drive?

这个答案有帮助吗?

得分 0

5条评论:

No, what would that entail?

Steps I took were:

1. Create the admin user with the initial Big Sur install.

2. add my standard account while logged in as admin.

3. Steps here to point the standard users home folder to the SATA SSD. https://www.idownloadblog.com/2017/01/25...

When I point to APFS non encrypted volume it logs in no problem.

But when I tried encrypting the APFS volume the login times out with a generic error after 30 seconds or so.

Am I missing a step?

完成的

Click on the drive icon then right click to get to the Get Info menu. at the very bottom is the Sharing and Permissions options for the drive. Add the users.

完成的

Tried that now but no impact and not sure the permissions are the issue TBH. Issue is the Data Volume itself is encrypted and unmounted at initial boot up. Trying to login to the user profile on that device fails, until I login as admin on the blade, enter the data volume password to decrypt and mount it, then logout and back in as the main account. Super clunky and not convinced MacOS will be happy with that in the long run.

完成的

OK, then the last thing I can think of is to use the Automator to create a login script.

I don't personally use drive encryption, it's been awhile I've used where I has worked when they used it.

完成的

Ok, thanks for all your input Dan.

完成的

添加一条评论

添加你的答案

davidduran 将永远感激不已
浏览统计数据:

过去 24 小时: 0

过去 7 天: 0

过去 30 天: 0

总计 111