PGP WDE with user folder on different HD

Discussion in 'macOS' started by pierat, Jan 23, 2011.

  pierat

    Dec 28, 2010
    Hello all, I'm hoping someone here might have enough experience with PGP to know if this would work. I want to move my user folder to an external drive that has been encrypted with PGP and be able to login to the user on my PGP encrypted MBP. If I were to do this, would the boot loader screen come up for both drives since the hard drive would be connected at the time of boot, thus allowing me to decrypt both drives at the same time and launch my user folder at OS X login? I hope that makes sense.
  SandboxGeneral

    Sep 8, 2010
    It makes sense to me what you want to do, but I am not sure if it's possible or not. Perhaps get a second "throw away" drive and set it up with PGP and a fake account to test it. Don't do it with all your personal data first at the risk of something bad happening.
  tomllama

    Jan 7, 2007
    I run it the opposite of your current setup. The boot drive is clear and the secondary drive is encrypted with PGP WDE. I use an SSD for boot and don't want things slowed due to PGP. For example, I have 2 WD 1.5TB EARS drives. The one without PGP runs at something like 75 MB/sec for R/W. The PGP disk runs at 45 MB/sec for R/W.

    The access to the "user" files and disk only comes after login once the drive gets mounted. So I assume you will get one screen at power on (as it sounds happens to you now) and one after login (which is when I get mine).
  pierat

    Dec 28, 2010

    I'm not actually running PGP yet. I have it installed, but I haven't gone through a disk encryption yet. I just know it's going to be a big process to do the encryption, so I'm trying to get information on whether it will work first. My drives aren't quite as big as yours (1TB and 500GB), but I'm trying to get some advice first because I know it's a commitment to start the process. From what you say, it sounds like it shouldn't be a problem. Basically, it was the user folder drive I was concerned about, and it's working fine for you so I think I'm good!

    But now you raise a whole other issue to me. I was concerned about my performance after the encryption, but everything I've read says it's maybe a 10% hit on the drive speeds. What you're getting is actually a 40% hit. Now, I'm concerned again about wanting to encrypt my drives at all! I think I'll go for it though. Thanks for the reply.
  Katagi

    Dec 7, 2009
    Better late than never ;-)

    I've successfully done what you asked... It's well described here.

    Short HOWTO:

    1. Works only with PGP Desktop (WDE) 10++
    2. You have to do this in the terminal on the command line, since this is not supported by the GUI so far
    3. Assuming your main system disk is 0 (unencrypted SSD) and you have already encrypted the second internal disk 1 (HDD). You can check disk numbers with the pgpwde --enum command
    4. Instrument (replace bootloader) on disk 0: pgpwde --instrument --disk 0
    5. Add disk 0 to the same group where disk 1 is: pgpwde --add-disk --base 1 --disk 0 --user <username> --passphrase <passphrase>
      The username and passphrase are a username and passphrase from the external disk.
    6. CAUTION! Don't reboot until you finish all steps.

    This way the external disk is decrypted and mounted at boot level, and user folders can be moved there, preferably using this guide.

