First of all, I'd like to describe my setup. I have a 27" iMac SSD+HDD, with OS X installed on the SSD and my home directory on the HDD. I moved my home directory by copying it to the HDD and going to System Preferences -> (opt click) Users and Groups -> right click on account name -> Advanced.
It has worked great for the last year like this.
Now, after reading about Lion's new FileVault stuff on the internet, I've decided that I wanted to encrypt all of my drives. So, I turned on FileVault in System Preferences, which encrypted my SSD but nothing else. Then, I formatted a 6TB WD My Studio II as HFS+ Encrypted and now I use that for Time Machine. Now the only thing left is my HDD where my home directory sits.
I used instructions I found in Ars Technica's Lion review to turn on disk encryption without having to format the drive, by converting it into a CoreStorage logical volume. It seems to have encrypted the drive because I see this when I run diskutil coreStorage list:
So it's encrypted and converting.
After three days of converting, I decided it was time to restart my computer and take another route because I was tired of it taking so long. When I trie to log into my account, I got an error saying that "logging into the account failed because an error occurred". I know I can't log in because my account doesn't have access to the drive upon which it lives! It was then that I realized there may be no way I could encrypt the drive and provide my account the necessary credentials to decrypt the drive on its own upon login.
Is my only option going to be moving the home directory back onto the boot volume and just using symlinks for all of the folders in there that redirect data to my HDD? If I did that but left the ~/Library on the boot volume, then my account will have the proper keychains to access the drive where all my stuff is?
It has worked great for the last year like this.
Now, after reading about Lion's new FileVault stuff on the internet, I've decided that I wanted to encrypt all of my drives. So, I turned on FileVault in System Preferences, which encrypted my SSD but nothing else. Then, I formatted a 6TB WD My Studio II as HFS+ Encrypted and now I use that for Time Machine. Now the only thing left is my HDD where my home directory sits.
I used instructions I found in Ars Technica's Lion review to turn on disk encryption without having to format the drive, by converting it into a CoreStorage logical volume. It seems to have encrypted the drive because I see this when I run diskutil coreStorage list:
Code:
+-- Logical Volume Group 54CEEFE1-6E6B-4B9C-85EC-7AE550659FF6
| =========================================================
| Name: Storage
| Sequence: 1
| Free Space: 0 B (0 B)
| |
| +-< Physical Volume 277BB165-8D12-43EC-BBBE-56EC4FB19306
| | ----------------------------------------------------
| | Index: 0
| | Disk: disk1s2
| | Status: Online
| | Size: 3000249008128 B (3.0 TB)
| |
| +-> Logical Volume Family 35391860-639F-48C5-8C9A-ACA56EB9FB68
| ----------------------------------------------------------
| Sequence: 4
| Encryption Status: Unlocked
| Encryption Type: AES-XTS
| Encryption Context: Present
| Conversion Status: Converting
| Has Encrypted Extents: Yes
| Conversion Direction: -none-
| |
| +-> Logical Volume 6202C75C-F221-4090-9F27-1D58670D7850
| ---------------------------------------------------
| Disk: disk3
| Status: Online
| Sequence: 4
| Size (Total): 2999930236928 B (3.0 TB)
| Size (Converted): -none-
| Revertible: Yes (no decryption required)
| LV Name: Storage
| Volume Name: Storage
| Content Hint: Apple_HFSSo it's encrypted and converting.
After three days of converting, I decided it was time to restart my computer and take another route because I was tired of it taking so long. When I trie to log into my account, I got an error saying that "logging into the account failed because an error occurred". I know I can't log in because my account doesn't have access to the drive upon which it lives! It was then that I realized there may be no way I could encrypt the drive and provide my account the necessary credentials to decrypt the drive on its own upon login.
Is my only option going to be moving the home directory back onto the boot volume and just using symlinks for all of the folders in there that redirect data to my HDD? If I did that but left the ~/Library on the boot volume, then my account will have the proper keychains to access the drive where all my stuff is?