Unlock HFS+ volumes with Terminal commands

You can use Terminal commands to unlock encrypted volumes. The commands in this section apply to endpoints running macOS 10.12 or earlier with volumes formatted with HFS+.

These instructions tell you what the users will see and what they need to do. They must:

  1. Open the Terminal application and run diskutil corestorage list.
    A list of all connected volumes is displayed.
  2. Search for the volume name (LV Name) they want to recover and note the Logical Volume identification.
  3. Call the administrator and ask for the recovery key using the Logical Volume identification as recovery key ID.
    You give them the recovery key. For help on retrieving a key for one of your users, see the Sophos Central help.
  4. Enter the recovery key in the disk password dialog to unlock the disk.
    Alternatively, users can use the command diskutil corestorage unlockVolume and enter the recovery key in the Terminal application to unlock the disk.

The disk can now be accessed in Finder.