Skip to content

November 4, 2012

Encrypted Fusion Drives on Older Mac Hardware

A few months ago, I removed my MacBook Pro’s optical drive and replaced it with an inexpensive disk caddy from Amazon and a 120GB Intel SSD disk from BestBuy all told for about $110.

After removing the optical drive and placing the SSD into the caddy, I wanted to do a clean install so the Mac was running on the SSD – so I downloaded OS 10.8 and placed it on a thumb drive (yes, I purchased it and just let the App Store download it again). I made sure the TimeMachine backup was up-to-date and that I could restore from it before I went any further.

Most of my information was based on this blog post by Andres Petralli, so credit is due almost 100% to Andres – thanks!

Insert your OS X thumb drive into an available USB port and restart your Mac.

Hold down the Option key to force your Mac into Recovery mode.

Choose the OS X thumb drive – it’ll look like an Orange USB Drive

Once you’re booted up into recovery mode, launch Disk Utility.

Delete all of your partitions on both disks and leave them empty.

Exit out of Disk Utility, navigate the menu of the Recovery Partition – select Utilities -> Terminal

Enter the command:

diskutil list

You should get some output that will display your physical disks. Almost always, your two physical disks will show up with /dev/disk0 and /dev/disk1 – compare the sizes to be sure you’re working with the right ones.

Enter the command:

diskutil coreStorage create NameYourPartition disk0 disk1

You can name your LVG (Logical Volume Group) anything you wish – I named mine FusionDrive to keep it simple while I followed Andres’ instructions.

Enter the command:

diskutil coreStorage list

Now you’ll see your LVG, that is currently built on two physical volumes and presenting a Logical Volume Family to the computer. Notice the < and > on the tree structure. The physical disks are “feeding” the logical volume family. Also notice the long alphanumeric strings after each item – these are called UUIDs or universally unique identifications – they allow a computer to maintain unique ids on hardware or objects that could be similar in every other way.

Now we have a single empty volume to work with and create a partition to be formatted and be used by the computer.

Now run the command:

diskutil coreStorage createVolume [copy and paste the Logical Volume Family UUID here without the brackets] jhfs+ MacintoshFD [enter the number of gigabytes you want to use, subtract 10GB for a recovery partition]g

Example: My LVG has a total size of 869.0 GB and the LVF UUID is 928D4C88-86FD-46DF-B487-3B0E0467349E
Example command:

diskutil coreStorage createVolume 928D4C88-86FD-46DF-B487-3B0E0467349E jhfs+ MacintoshFD 859g

You’ve now created an HFS+ Journaled volume called MacintoshFD that is 859GB large.

One last step while you’re here – let’s encrypt this beast so our data remains secure.

Run the command:

diskutil cs encryptVolume [UUID of the Logical Volume of MacintoshFS]

You’ll be prompted for a password and confirmation – but after that, the encryption will begin and happen in the background. Rebooting, shutting down, installing the OS, whatever – it’ll just chug along in the background until it’s done.

Now, go and install your OS X and retrieve your data from your backup.


Some related reading:

Read more from Apple, Security

Comments are closed.

%d bloggers like this: