Unlock APFS volumes with Terminal commands

You can use Terminal commands to unlock encrypted volumes. The commands in this section apply to endpoints running macOS 10.13 and Apple File System (APFS).

These instructions tell you what the users will see and what they need to do. They must:

  1. Open the Terminal application and run diskutil apfs list
    A list of all connected volumes is displayed.
  2. Search for the volume name they want to recover and note the volume identification, for example, Volume disk1s1.
  3. Call the administrator and ask for the recovery key using the volume identification as recovery key ID.
    You give them the recovery key. For help on retrieving a key for one of your users, see the Sophos Central help.
  4. Enter the recovery key in the disk password dialog to unlock the disk.
    Alternatively, users can use the command diskutil apfs unlockVolume and enter the recovery key in the Terminal application to unlock the disk.

The disk can now be accessed in Finder.