PDA

View Full Version : Encrypted disks, now I'm stuck @ login




rubirock
Jun 5, 2013, 01:31 AM
mbp5,5 mid-09 2.26 ghz c2d, 8gb ram, 128gb Samsung 840pro ssd, 500gb wd blue, 10.8.2

installed my solid state drive and got everything working fine. decided to encrypt all my various hard drives (two onboard, TM, carboncopy disk) and now I can't log in to my user account. It takes my password (eventhough i had it set to auto login) but then stalls for a bit before giving me an error like "unable to login to account due to and error," and sends me back to the login screen. I assumed permissions were messed up, but verifying/repairing both ssd and hd has yielded nothing. a quick search on apples site gave me nothing. I tried restoring to the TM image from yesterday, but same problem.

I am suspicious that I f#cked something up when I was encrypting the ssd, as carbon copy informed me that I needed a recovery partition on the drive if I wanted to encrypt it, so I created one. now when I boot, there are two recovery partitions to choose from.

Anyone have any suggestions before I reinstall osx, or try to restore to the carbon copy backup?



justperry
Jun 5, 2013, 02:21 AM
Do you have your Home folder or any/all of its subfolders on an external disk, if so you are @#$%%&.

If you get an error like that it mostly due to the system not finding the keychain in your Home Folder.

Weaselboy
Jun 5, 2013, 10:48 AM
Let's backup a bit... how did you encrypt the drive?

Enter "diskutil list" (without the quotes) in Terminal and post up the output.

rubirock
Jun 5, 2013, 12:29 PM
well, I afraid that's the case, JP. my home folder is on the hd, which was encrypted, and now the ssd with the os is unable to access the keychain for my login and i'm guessing i'm boned.

Weaselboy,
as you requested (I have a fw timemachine disk and a usb carbon copy disk connected to the machine, both with multiple partitions attached)
/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *128.0 GB disk0
1: EFI 209.7 MB disk0s1
2: Apple_HFS Macintosh SSD 127.2 GB disk0s2
3: Apple_Boot Recovery HD 650.0 MB disk0s3
/dev/disk1
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *500.1 GB disk1
1: EFI 209.7 MB disk1s1
2: Apple_CoreStorage 499.2 GB disk1s2
3: Apple_Boot Recovery HD 650.0 MB disk1s3
/dev/disk2
#: TYPE NAME SIZE IDENTIFIER
0: Apple_partition_scheme *1.3 GB disk2
1: Apple_partition_map 30.7 KB disk2s1
2: Apple_HFS Mac OS X Base System 1.3 GB disk2s2
/dev/disk3
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk3
/dev/disk4
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk4
/dev/disk5
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk5
/dev/disk6
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk6
/dev/disk7
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk7
/dev/disk8
#: TYPE NAME SIZE IDENTIFIER
0: untitled *6.3 MB disk8
/dev/disk9
#: TYPE NAME SIZE IDENTIFIER
0: untitled *2.1 MB disk9
/dev/disk10
#: TYPE NAME SIZE IDENTIFIER
0: untitled *1.0 MB disk10
/dev/disk11
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *999.5 GB disk11
1: EFI 209.7 MB disk11s1
2: Apple_CoreStorage 500.0 GB disk11s2
3: Apple_Boot Boot OS X 134.2 MB disk11s3
4: Apple_CoreStorage 129.4 GB disk11s4
5: Apple_Boot Recovery HD 784.2 MB disk11s5
6: Apple_CoreStorage 368.9 GB disk11s6
7: Apple_Boot Boot OS X 134.2 MB disk11s7
/dev/disk12
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk12
/dev/disk13
#: TYPE NAME SIZE IDENTIFIER
0: untitled *524.3 KB disk13
/dev/disk14
#: TYPE NAME SIZE IDENTIFIER
0: untitled *1.0 MB disk14
/dev/disk15
#: TYPE NAME SIZE IDENTIFIER
0: CD_partition_scheme *804.4 MB disk15
1: Apple_partition_scheme 700.4 MB disk15s0
2: Apple_partition_map 32.3 KB disk15s0s1
3: Apple_HFS WD SmartWare 229.7 MB disk15s0s2
/dev/disk16
#: TYPE NAME SIZE IDENTIFIER
0: Apple_HFS SSDclone *129.0 GB disk16
/dev/disk17
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *2.0 TB disk17
1: EFI 209.7 MB disk17s1
2: Apple_CoreStorage 1.3 TB disk17s2
3: Apple_Boot Boot OS X 134.2 MB disk17s3
4: Apple_CoreStorage 666.5 GB disk17s4
5: Apple_Boot Boot OS X 134.2 MB disk17s5

----------

Let's backup a bit... how did you encrypt the drive?

all of the drives, apart from the ssd, I encrypted by picking "encrypt this disk" from the secondary click context menu. that option wasn't available for the ssd, but when I was poking around in carbon copy cloner, I did have the option to encrypt it, but only after I copied the recovery drive to it.

Weaselboy
Jun 5, 2013, 01:00 PM
all of the drives, apart from the ssd, I encrypted by picking "encrypt this disk" from the secondary click context menu. that option wasn't available for the ssd, but when I was poking around in carbon copy cloner, I did have the option to encrypt it, but only after I copied the recovery drive to it.

JP is correct in his diagnosis. When you are trying to login it is looking for your user folders, which can't be located since they are encrypted.

When encrypting the main OS drive, you want to do it through the security pref pane to enable Filevault.

So let's see about getting you unencypted now. :)

Disconnect all those external drives so you can focus on the two internals for now. Boot to one of the working recovery partitions then get into a Terminal session.

Now enter "diskutil cs list" (without the quotes). That will list all volumes along with their UUID. It will look something like below for every volume.

Logical volume 4CC5881F-88B3-42DD-B540-24AA63952E31

Make note of the ones that are encrypted and their UUID. Then for each volume run the command below substituting your password where it says password at the end.

diskutil cs decryptvolume 4CC5881F-88B3-42DD-B540-24AA63952E31 -passphrase password

That should unencrypt each volume and get you back in business.

The CCC volumes will be different I believe. I think those are going to be encrpyted sparse bundles. If you don't need the data on them, it might be easier just to reclone after you get the main volumes fixed.

rubirock
Jun 5, 2013, 01:42 PM
JP is correct in his diagnosis. When you are trying to login it is looking for your user folders, which can't be located since they are encrypted.

When encrypting the main OS drive, you want to do it through the security pref pane to enable Filevault.
got it, will do.

Now enter "diskutil cs list" (without the quotes). That will list all volumes along with their UUID. It will look something like below for every volume.

Make note of the ones that are encrypted and their UUID. Then for each volume run the command below substituting your password where it says password at the end.

diskutil cs decryptvolume 4CC5881F-88B3-42DD-B540-24AA63952E31 -passphrase password

That should unencrypt each volume and get you back in business.
thank you! i'm off to try this now, i'll let you know how it works.

rubirock
Jun 5, 2013, 01:59 PM
Make note of the ones that are encrypted and their UUID. Then for each volume run the command below substituting your password where it says password at the end.

diskutil cs decryptvolume 4CC5881F-88B3-42DD-B540-24AA63952E31 -passphrase password

That should unencrypt each volume and get you back in business.
well, i'm running into a problem:
Started CoreStorage operation
Error: -69808: Some information was unavailable during an internal lookup

Edit:
I think that error may be due to a botched tm restore leading the hd volume to have the ssd name, so I'm restoring the image from my ccc clone and I'll try those decrypt commands once it's finished.

Weaselboy
Jun 6, 2013, 12:10 PM
well, i'm running into a problem...

Having any luck getting this sorted?

rubirock
Jun 10, 2013, 02:50 PM
Having any luck getting this sorted?
yeah, well, after a bunch of unsuccessful attempts to get it working, I ended up using an external hd to boot and fix/reinstall osx on the ssd, then erased the hd and copied all the user files from the TM backup, and i was finally able to log back in! SSD and HD are now both successfully unencrypted thanks to your advice.

now I'm thinking I need to move my user folder back to the ssd and just leave the downloads/docs/music/photos on the hd to avoid this (admittedly self-imposed) problem in the future. I just need to figure out exactly what needs to be moved back to the ssd before changing the home folder back to the ssd

Weaselboy
Jun 10, 2013, 06:17 PM
yeah, well, after a bunch of unsuccessful attempts to get it working, I ended up using an external hd to boot and fix/reinstall osx on the ssd, then erased the hd and copied all the user files from the TM backup, and i was finally able to log back in! SSD and HD are now both successfully unencrypted thanks to your advice.

now I'm thinking I need to move my user folder back to the ssd and just leave the downloads/docs/music/photos on the hd to avoid this (admittedly self-imposed) problem in the future. I just need to figure out exactly what needs to be moved back to the ssd before changing the home folder back to the ssd

Glad you got if fixed up. Yeah, if your want to use encryption, I think having the user folder on the SSD is going to be a requirement. Maybe just your music and photos on the HDD would work for you like you said.

rubirock
Jun 10, 2013, 06:48 PM
Glad you got if fixed up. Yeah, if your want to use encryption, I think having the user folder on the SSD is going to be a requirement. Maybe just your music and photos on the HDD would work for you like you said.
again, thanks for all your help.
I do plan to use filevault, but it will have to wait for at least a few days as I can't afford any more down time at the moment if something goes awry.
i'll update when things are up and running

rubirock
Jul 10, 2013, 10:54 PM
Update: everything is working pretty well. Moved user folder back to the ssd and turned on FV2 for the SSD, then created symlinks for the downloads/docs/music/photos folders on the HD. Externals are all encrypted. Also, I gave up on TimeMachine and have started using CarbonCopyCloner exclusively, as TM wasn't cutting it.

Only issue now is occasionally on reboot, it seems like it can't find the user folder (stock desktop backgrounds, one desktop instead of the 4 I have set up, etc.) so I end up having to reset PRAM for it to work properly as a simple reboot doesnt solve the problem. Any ideas?

Weaselboy
Jul 11, 2013, 06:34 AM
Update: everything is working pretty well. Moved user folder back to the ssd and turned on FV2 for the SSD, then created symlinks for the downloads/docs/music/photos folders on the HD. Externals are all encrypted. Also, I gave up on TimeMachine and have started using CarbonCopyCloner exclusively, as TM wasn't cutting it.

Only issue now is occasionally on reboot, it seems like it can't find the user folder (stock desktop backgrounds, one desktop instead of the 4 I have set up, etc.) so I end up having to reset PRAM for it to work properly as a simple reboot doesnt solve the problem. Any ideas?

That still sounds related to your moving the Users folder around. Are you sure it is back on the main drive with permissions set properly and everything?

rubirock
Jul 12, 2013, 03:27 AM
That still sounds related to your moving the Users folder around. Are you sure it is back on the main drive with permissions set properly and everything?
unfortunately, I'm finding out that I've screwed something up.
I still had a user folder at the root of my hdd, so i'm thinking that is what has caused my problem. The user on the HD was called "iq" and I recall naming the user on the SSD "IQ" when I reinstalled osx though I'm not sure it is case sensitive.
I moved the downloads/docs/music/photos out of the "iq" folder and deleted it, then deleted the same folders on the SSD and replaced them with the new symlinks to the revised location on the HD.

I attempted to boot into the recovery hd, but all that shows up is the SSD.

Also, I have experienced a couple of kernel panics on reboot, though only the latest one is in the log
Fri Jul 12 03:27:47 2013
panic(cpu 0 caller 0xffffff80026b7bd5): Kernel trap at 0xffffff7f836ae578, type 13=general protection, registers:
CR0: 0x000000008001003b, CR2: 0xffffff80e4155000, CR3: 0x0000000005360000, CR4: 0x0000000000000660
RAX: 0x0000000011778e4d, RBX: 0x01ffff8014539000, RCX: 0x000000007182352e, RDX: 0x0000000000000000
RSP: 0xffffff80e994be50, RBP: 0xffffff80e994be60, RSI: 0x0000000000000002, RDI: 0xffffff8002c01ef0
R8: 0x0000000000000001, R9: 0x00000000000003ff, R10: 0xffffffffffffffff, R11: 0x00000000ffffffff
R12: 0xffffff8014539000, R13: 0xffffff8014158b00, R14: 0xffffff80144f8100, R15: 0x0000000000000001
RFL: 0x0000000000010246, RIP: 0xffffff7f836ae578, CS: 0x0000000000000008, SS: 0x0000000000000000
Fault CR2: 0xffffff80e4155000, Error code: 0x0000000000000000, Fault CPU: 0x0

Backtrace (CPU 0), Frame : Return Address
0xffffff80e994baf0 : 0xffffff800261d626
0xffffff80e994bb60 : 0xffffff80026b7bd5
0xffffff80e994bd30 : 0xffffff80026ce4ed
0xffffff80e994bd50 : 0xffffff7f836ae578
0xffffff80e994be60 : 0xffffff8002a3181b
0xffffff80e994bea0 : 0xffffff8002a3133e
0xffffff80e994bf30 : 0xffffff8002a2d2d0
0xffffff80e994bf70 : 0xffffff8002a31e99
0xffffff80e994bfb0 : 0xffffff80026b26b7
Kernel Extensions in backtrace:
com.apple.driver.AppleUSBOHCI(5.2.5)[1C94C4BC-B05C-36D4-B1A2-B0BE04A5C620]@0xffffff7f836ad000->0xffffff7f836b9fff
dependency: com.apple.iokit.IOUSBFamily(5.4.0)[C3094550-7F58-3933-A4F7-CD33AE83F8B9]@0xffffff7f83557000
dependency: com.apple.iokit.IOPCIFamily(2.7.1)[9901C237-547C-3B52-99DE-C4870A19E2B5]@0xffffff7f82cc2000

BSD process name corresponding to current thread: kernel_task
Boot args: arch=x86_64

Mac OS version:
Not yet set

Kernel version:
Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64
Kernel UUID: 69A5853F-375A-3EF4-9247-478FD0247333
Kernel slide: 0x0000000002400000
Kernel text base: 0xffffff8002600000
System model name: MacBookPro5,5 (Mac-F2268AC8)

System uptime in nanoseconds: 860083050
last loaded kext at 293897671: com.apple.driver.AppleFileSystemDriver 3.0.1 (addr 0xffffff7f8480b000, size 16384)
loaded kexts:
at.obdev.nke.LittleSnitch 3876
com.apple.driver.AppleFileSystemDriver 3.0.1
com.apple.AppleFSCompression.AppleFSCompressionTypeDataless 1.0.0d1
com.apple.AppleFSCompression.AppleFSCompressionTypeZlib 1.0.0d1
com.apple.BootCache 34
com.apple.iokit.IOAHCIBlockStorage 2.2.2
com.apple.driver.AirPort.Brcm4331 602.15.22
com.apple.driver.AppleEFINVRAM 1.6.1
com.apple.driver.AppleFWOHCI 4.9.6
com.apple.driver.AppleUSBHub 5.2.5
com.apple.driver.AppleAHCIPort 2.4.1
com.apple.driver.AppleIntelCPUPowerManagementClient 196.0.0
com.apple.nvenet 2.0.19
com.apple.driver.AppleSmartBatteryManager 161.0.0
com.apple.driver.AppleUSBEHCI 5.4.0
com.apple.driver.AppleUSBOHCI 5.2.5
com.apple.driver.AppleRTC 1.5
com.apple.driver.AppleHPET 1.7
com.apple.driver.AppleACPIButtons 1.6
com.apple.driver.AppleSMBIOS 1.9
com.apple.driver.AppleACPIEC 1.6
com.apple.driver.AppleAPIC 1.6
com.apple.nke.applicationfirewall 4.0.39
com.apple.security.quarantine 2
com.apple.driver.AppleIntelCPUPowerManagement 196.0.0
com.apple.iokit.IO80211Family 500.15
com.apple.iokit.IOFireWireFamily 4.5.5
com.apple.iokit.IOUSBUserClient 5.2.5
com.apple.iokit.IOAHCIFamily 2.2.1
com.apple.iokit.IONetworkingFamily 3.0
com.apple.driver.AppleEFIRuntime 1.6.1
com.apple.iokit.IOUSBFamily 5.4.0
com.apple.driver.NVSMU 2.2.9
com.apple.iokit.IOHIDFamily 1.8.0
com.apple.iokit.IOSMBusFamily 1.1
com.apple.security.sandbox 220
com.apple.kext.AppleMatch 1.0.0d1
com.apple.security.TMSafetyNet 7
com.apple.driver.DiskImages 344
com.apple.iokit.IOStorageFamily 1.8
com.apple.driver.AppleKeyStore 28.21
com.apple.driver.AppleACPIPlatform 1.6
com.apple.iokit.IOPCIFamily 2.7.1
com.apple.iokit.IOACPIFamily 1.4
com.apple.kec.corecrypto 1.0


I am just going to try to repair osx with the ml image