I encrypted the TM disk to a password, but would like to change that password. Can't find any info on this anywhere. Is decrypting and re-encrypting the only way to do this?
I encrypted the TM disk to a password, but would like to change that password. Can't find any info on this anywhere. Is decrypting and re-encrypting the only way to do this?
changeVolumePassphrase | passwd lvUUID [-recoverykeychain file] [-oldpassphrase oldpassphrase] [-newpassphrase newpassphrase] [-stdinpassphrase]
Change the passphrase of an existing encrypted volume. It need not be unlocked nor mounted. The parameters, while variously optional, must be given in the above order.
You must authenticate either via the -oldpassphrase parameter, via the -stdinpassphrase parameter (with newline or eof-terminated data given to stdin), or via an interactive prompt (if no parameters are given), in the
same manner as diskutil coreStorage convert above. Alternatively, you can authenticate by specifying -recoverykeychain with a path to a keychain file.
A new passphrase must be supplied, again via one of the three methods above (interactive, -newpassphrase, or -stdinpassphrase).
If you are supplying both the old and new passphrases via stdin, they must be separated with a newline character.
That's intuitive!
Thanks
Been interested in this myself lately, but I don't suppose anyone knows where the password being used for an encrypted backup (or any encrypted core storage volume for that matter) is actually stored?
Reviving an old discussion - did you ever find this out?
I'm finding the situation where I don't want the TM encrypted backup partition automatically mounted. I'd like it to prompt for a password, and I also can't find that stored anywhere.
Hope you can help.
Yep! If you open /Applications/Utilities/Keychain Access.app then somewhere in your login or system keychain should be an entry with a name matching the name of your Time Machine backup volume; if you're having trouble finding it then you might also try looking for an entry with a kind listed as "Core Storage Password".Reviving an old discussion - did you ever find this out?
Yep! If you open /Applications/Utilities/Keychain Access.app then somewhere in your login or system keychain should be an entry with a name matching the name of your Time Machine backup volume; if you're having trouble finding it then you might also try looking for an entry with a kind listed as "Core Storage Password".
Try the man page for diskutil, specifically the core storage section:
Code:changeVolumePassphrase | passwd lvUUID [-recoverykeychain file] [-oldpassphrase oldpassphrase] [-newpassphrase newpassphrase] [-stdinpassphrase] Change the passphrase of an existing encrypted volume. It need not be unlocked nor mounted. The parameters, while variously optional, must be given in the above order. You must authenticate either via the -oldpassphrase parameter, via the -stdinpassphrase parameter (with newline or eof-terminated data given to stdin), or via an interactive prompt (if no parameters are given), in the same manner as diskutil coreStorage convert above. Alternatively, you can authenticate by specifying -recoverykeychain with a path to a keychain file. A new passphrase must be supplied, again via one of the three methods above (interactive, -newpassphrase, or -stdinpassphrase). If you are supplying both the old and new passphrases via stdin, they must be separated with a newline character.