You can use Terminal commands to unlock encrypted volumes. The commands in this section apply to
endpoints running macOS 10.12 or earlier with volumes formatted with HFS+.
These instructions tell you what the users will see and what they need to do. They must:
-
Open the Terminal application and run
diskutil corestorage
list
.
A list of all connected volumes is displayed.
-
Search for the volume name (
LV Name
) they want to recover and note the
Logical Volume
identification.
-
Call the administrator and ask for the recovery key using the
Logical Volume
identification as recovery key ID.
You give them the recovery key. For help on retrieving a key for one of your users, see the
Sophos Central
help.
-
Enter the recovery key in the disk password dialog to unlock the disk.
Alternatively, users can use the command diskutil corestorage unlockVolume
and enter the recovery key in the Terminal application to unlock the
disk.
The disk can now be accessed in Finder.