Encrypting filesystems with OS X Lion

Sadly some manufacturers1 of portable USB hard drives have yet to realise that there are operating systems other than Windows™ and include non-OS specific hardware encryption. OS X Lion supports software encrypted filesystems but the graphical Disk Utility application can only create new encrypted partitions. Fortunately the command line version of the same program can encrypt an existing partition without loss of data.

The drive must have a GUID partition scheme and the partition must have a HFS Journaled filesystem. You can view the partition information by typing diskutil list in a Terminal. The final column of output shows the IDENTIFIER you must use in the next command (disk1s2 in my case).

Encrypt the partition using the command:
diskutil cs convert disk1s2 -passphrase

You will them be prompted for a passphrase (do not lose or forget this, there is no way to recover the data if you do!). The drive will then be converted to a special corestorage volume and encrypted. Converting and encrypting a 1TB drive (with 500GB of data) took nearly 24 hours for me. You can monitor the process using the command diskutil cs list (the cs stands for core storage).

  1. Western Digital being one for which this is not true, their My Passport drive has been an excellent Mac citizen. [back]

Kangaroo Valley and the Blue Mountains

After Christmas we travelled from the NSW coast to the Blue Mountains via Kangaroo Valley and the Southern Highlands. Having previously visited NSW during a drought Kangaroo Valley was surprisingly lush and verdant, so much so that during one woodland walk only the bright and multi-coloured birds gave any clue that this was not Britain!

While the Southern Highlands were pleasantly off the main international tourist route, the spectacular vistas in the Blue Mountains fully justified its reputation.