Time Machine Encryption
For those who are concerned about the safety of their backups in Time Machine, there is a solution.
The method described below works if you use:
- Time Machine paired with Time Capsule;
- Time Machine, coupled with an external drive formatted in HFS + and connected to the AirPort via USB.
Certainly other tricks will work, the main thing is that the disk be shared on the network using the AFP protocol.
So the procedure is as follows:
1. Open the terminal (Applications - Utilities - Terminal).
2. Copy the ready Time Machine backup of the username.sparsebundle type (for convenience, to the root of any disk).
2.1. For reliability, I advise you to make a copy of the backup from your carrier so as not to lose data in case of inept actions.
3. Go to the administrator mode (sudo su) and enter the password for your account.
')
4. In the terminal we make the transition to the core disk where the backups lie:
- cd / Volumes - go to the folder with available disks;
- ls - we get the list of available disks;
- go to the disk where the backup is stored - cd BackupDisk (disk name).
5. Encrypt the bundle with the hdiutil utility.
The utility syntax is like this:
hdiutil convert -format UDSB -o OUTPUT FILE / -encryption AES-256 INPUT FILE / .
To speed up the name of the backup, you must type the first 2 characters of the name and press the tab - the name will be added automatically.
Example:
hdiutil convert -format UDSB -o cryptobackup.sparsebundle / -encryption AES-256 username.sparsebundle /
Enter a new password to secure "cryptobackup.sparsebundle":
Re-enter new password:
Reading Driver Descriptor Map (DDM: 0) ...
Reading Apple (Apple_partition_map: 1) ...
Reading disk image (Apple_HFSX: 2) ...
.................................................. ..........
Get the encrypted file
6. Open the Finder and right-click on the source backup file - select show package contents, copy the file com.apple.TimeMachine.MachineID.plist.
7. Open a similarly received encrypted backup and paste this file into an encrypted backup.
8. Then we execute the command for the encrypted backup (the command will set the maximum size of the encrypted container that will store your data):
hdiutil resize -size 1t (1 gigabyte - 1g) cryptobackup.sparsebundle /
9. We give the name of the encrypted backup in full accordance with what is stored on your carrier, which uses Time Machine and copy it with replacement on your carrier for backups.
10. After copying is finished, open the backup through the Finder and enter the password, save the password if necessary to your Keychain so as not to enter it manually when backing up, then dismount the backup (Eject).
11. Since Time Machine is a system application, open the Keychain, find the password from the backup and drag it into the System category.
12. We make backups automatically to an encrypted file.
Ps. If you have done something wrong Time Machine will make a new file with a backup of the form username1.sparsebundle
I tried to paint everything as detailed as possible for users with different levels of training. I cannot illustrate visually, because This method was tested at work with a test copy of the Time Capsule.
The method described below works if you use:
- Time Machine paired with Time Capsule;
- Time Machine, coupled with an external drive formatted in HFS + and connected to the AirPort via USB.
Certainly other tricks will work, the main thing is that the disk be shared on the network using the AFP protocol.
So the procedure is as follows:
1. Open the terminal (Applications - Utilities - Terminal).
2. Copy the ready Time Machine backup of the username.sparsebundle type (for convenience, to the root of any disk).
2.1. For reliability, I advise you to make a copy of the backup from your carrier so as not to lose data in case of inept actions.
3. Go to the administrator mode (sudo su) and enter the password for your account.
')
4. In the terminal we make the transition to the core disk where the backups lie:
- cd / Volumes - go to the folder with available disks;
- ls - we get the list of available disks;
- go to the disk where the backup is stored - cd BackupDisk (disk name).
5. Encrypt the bundle with the hdiutil utility.
The utility syntax is like this:
hdiutil convert -format UDSB -o OUTPUT FILE / -encryption AES-256 INPUT FILE / .
To speed up the name of the backup, you must type the first 2 characters of the name and press the tab - the name will be added automatically.
Example:
hdiutil convert -format UDSB -o cryptobackup.sparsebundle / -encryption AES-256 username.sparsebundle /
Enter a new password to secure "cryptobackup.sparsebundle":
Re-enter new password:
Reading Driver Descriptor Map (DDM: 0) ...
Reading Apple (Apple_partition_map: 1) ...
Reading disk image (Apple_HFSX: 2) ...
.................................................. ..........
Get the encrypted file
6. Open the Finder and right-click on the source backup file - select show package contents, copy the file com.apple.TimeMachine.MachineID.plist.
7. Open a similarly received encrypted backup and paste this file into an encrypted backup.
8. Then we execute the command for the encrypted backup (the command will set the maximum size of the encrypted container that will store your data):
hdiutil resize -size 1t (1 gigabyte - 1g) cryptobackup.sparsebundle /
9. We give the name of the encrypted backup in full accordance with what is stored on your carrier, which uses Time Machine and copy it with replacement on your carrier for backups.
10. After copying is finished, open the backup through the Finder and enter the password, save the password if necessary to your Keychain so as not to enter it manually when backing up, then dismount the backup (Eject).
11. Since Time Machine is a system application, open the Keychain, find the password from the backup and drag it into the System category.
12. We make backups automatically to an encrypted file.
Ps. If you have done something wrong Time Machine will make a new file with a backup of the form username1.sparsebundle
I tried to paint everything as detailed as possible for users with different levels of training. I cannot illustrate visually, because This method was tested at work with a test copy of the Time Capsule.
Source: https://habr.com/ru/post/94983/
All Articles