Symantec Drive Encryption Recovery for Mac OS X

Article:TECH149559  |  Created: 2009-09-22  |  Updated: 2013-11-08  |  Article URL http://www.symantec.com/docs/TECH149559
Article Type
Technical Solution


Environment

Subject

Issue



This article details how to use the EFI recovery disk on a Mac OS X system which is encrypted using Symantec Drive Encryption or PGP Whole Disk Encryption.


Solution



While the chances are extremely low that a boot.efi file could become corrupt on a boot disk or partition protected by Symantec Drive Encryption, it is possible. If this occurs, it could prevent your system from booting.  Prepare for this unlikely event by creating a Recovery CD before you encrypt a boot disk or partition using Symantec Drive Encryption on a Ma OS X system.

You may download and create a Recovery Disk for your version of Symantec Encryption Desktop or PGP Encryption Desktop using the link below.

To use the recovery disk

  1. Download and save recovery iso image to your system.
     
  2. Burn the image to a CD-ROM using the Mac OS X Disk Utility. Click here for an Apple Support article on how to burn a disk image file.
     
  3. Boot the Mac OS X system with the disk. Note: To boot with the disk, hold down the Option key when rebooting the system and select to boot from the recovery disk. The PGP BootGuard screen is displayed.
     
  4. Enter your passphrase when prompted and press Enter.
  5. To decrypt the disk press D then press Enter.
     

Caution: Once you have started to decrypt a disk or partition using a recovery disc or diskette, do not stop the decryption process. Depending on the size of the disk being decrypted, this process can take a long time. A faster way to decrypt the drive is to use another system that has the same version of Symantec Encryption Desktop installed on it. If using Target Disk Mode, see the following caution:

When using Target Disk Mode an internal disk can be decrypted using Target Disk Mode. However, the Macintosh to be decrypted should not be placed in Target Disk Mode. Start the second Macintosh system in target disk mode.  Connect the second Macintosh to the Macintosh to be decrypted and restart the Macintosh to be decrypted while holding down the option key. When the Disk Manager is displayed, choose to boot from the disk of the second Macintosh.

Target Operating Systems: Mac OS X 10.5 (Leopard), Mac OS X 10.6 (Snow Leopard), Mac OS X 10.7 (Lion), Macintosh OS X 10.8 (Mountain Lion)

When using the recovery disk, the PGP boot partition is not automatically removed. To remove the PGP partition, use the following steps:

  1. Partially encrypt the disk using the Symantec Encryption Desktop, and then decrypt disk using Symantec Encryption Desktop.
  2. Uninstall Symantec Encryption Desktop, and then reinstall Symantec Encryption Desktop.
  3. Use a third-party tool to remove the partition.

 




Legacy ID



1658


Article URL http://www.symantec.com/docs/TECH149559


Terms of use for this information are found in Legal Notices