Encrypt Time Machine and Time Capsule backups

Posted on 10. Sep, 2008 by in tech

Today at work we got a Time Capsule for everyone’s backups. While this may not be the best answer for a company back up solution, it’s still better than what most companies I’ve worked for have for backup solutions (read nothing). With the the Time Capsule in plain sight of the glass door, and everyone’s files saved on them, it would be pretty easy for someone to break in, unplug it, and have a copy of every file on everyone’s computer. To solve this problem you can encrypt your time machine backups. How do I do that you ask? Well, use Apple’s fancy built in feature to. Encrypt the sparsebundle images.

  • Set up Time Machine to back up to an AFP drive. I don’t think this will work with a local hard drive.
  • Let Time Machine start backing up, then stop the back up. This will have created <machine_name>_<mac_address>.sparsebundle on the AFP drive.
  • Disable Time Machine.
  • Open a Terminal and run these commands:
    $ cd /Volumes/<AFP Drive>/
    $ mv name_mac.sparsebundle name_mac-old.sparsebundle
    $ hdiutil convert -format UDSB -o name_mac.sparsebundle -encryption AES-256 name_mac-old.sparsebundle
    It will ask you for a password. Type in a password you won’t forget.
  • Double click the sparsebundle in the GUI. You will be prompted for your password. Type that in and tick the “Remember password” check box.
  • Open /Applications/Utilities/Keychain Access and find name_mac.sparsebundle. Right click it and select Copy name_mac.sparsebundle.
  • Select System Keychain on the left hand side of Keychain Access and paste it in the main area. Allow this action if you are asked. Remember to lock the System Keychain when you are done.
  • Time Machine should not have no problem backing up to the encrypted volume. If everything works as planned, feel free to delete the name_mac-old.sparsebundle

Your backups are now encrypted.

When you need to restore, make a temporary account when you reinstall, and then decrypt the sparsebundle.

Now that you’re all secure, don’t forget those passwords.

Tags: , , , , , , , , , ,

PHVsPjxsaT48c3Ryb25nPndvb19hZHNfcm90YXRlPC9zdHJvbmc+IC0gdHJ1ZTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkXzI1MF9hZHNlbnNlPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fYWRfMjUwX2ltYWdlPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tL2Fkcy93b290aGVtZXMtMjUweDI1MC5naWY8L2xpPjxsaT48c3Ryb25nPndvb19hZF8yNTBfdXJsPC9zdHJvbmc+IC0gaHR0cDovL3d3dy53b290aGVtZXMuY29tPC9saT48bGk+PHN0cm9uZz53b29fYWRfY29udGVudF9hZHNlbnNlPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fYWRfY29udGVudF9kaXNhYmxlPC9zdHJvbmc+IC0gdHJ1ZTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX2NvbnRlbnRfaW1hZ2U8L3N0cm9uZz4gLSBodHRwOi8vd3d3Lndvb3RoZW1lcy5jb20vYWRzL3dvb3RoZW1lcy00Njh4NjAtMi5naWY8L2xpPjxsaT48c3Ryb25nPndvb19hZF9jb250ZW50X3VybDwvc3Ryb25nPiAtIGh0dHA6Ly93d3cud29vdGhlbWVzLmNvbTwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX2ltYWdlXzE8L3N0cm9uZz4gLSBodHRwOi8vd3d3LnR3aS5ncy93cC1jb250ZW50L3RoZW1lcy9uZXdzcHJlc3MvaW1hZ2VzL2FkLTEyNXgxMjUuZ2lmPC9saT48bGk+PHN0cm9uZz53b29fYWRfaW1hZ2VfMjwvc3Ryb25nPiAtIGh0dHA6Ly93d3cudHdpLmdzL3dwLWNvbnRlbnQvdGhlbWVzL25ld3NwcmVzcy9pbWFnZXMvYWQtMTI1eDEyNS5naWY8L2xpPjxsaT48c3Ryb25nPndvb19hZF9pbWFnZV8zPC9zdHJvbmc+IC0gaHR0cDovL3d3dy50d2kuZ3Mvd3AtY29udGVudC90aGVtZXMvbmV3c3ByZXNzL2ltYWdlcy9hZC0xMjV4MTI1LmdpZjwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX2ltYWdlXzQ8L3N0cm9uZz4gLSBodHRwOi8vd3d3LnR3aS5ncy93cC1jb250ZW50L3RoZW1lcy9uZXdzcHJlc3MvaW1hZ2VzL2FkLTEyNXgxMjUuZ2lmPC9saT48bGk+PHN0cm9uZz53b29fYWRfaW1hZ2VfNTwvc3Ryb25nPiAtIGh0dHA6Ly93d3cudHdpLmdzL3dwLWNvbnRlbnQvdGhlbWVzL25ld3NwcmVzcy9pbWFnZXMvYWQtMTI1eDEyNS5naWY8L2xpPjxsaT48c3Ryb25nPndvb19hZF9pbWFnZV82PC9zdHJvbmc+IC0gaHR0cDovL3d3dy50d2kuZ3Mvd3AtY29udGVudC90aGVtZXMvbmV3c3ByZXNzL2ltYWdlcy9hZC0xMjV4MTI1LmdpZjwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX3BhZ2U8L3N0cm9uZz4gLSBTZWxlY3QgYSBwYWdlOjwvbGk+PGxpPjxzdHJvbmc+d29vX2FkX3RvcF9hZHNlbnNlPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fYWRfdG9wX2Rpc2FibGU8L3N0cm9uZz4gLSB0cnVlPC9saT48bGk+PHN0cm9uZz53b29fYWRfdG9wX2ltYWdlPC9zdHJvbmc+IC0gaHR0cDovL3d3dy5mdGpjZnguY29tL2ltYWdlLTMxNjkxMTktMTA4NzgyNjc8L2xpPjxsaT48c3Ryb25nPndvb19hZF90b3BfdXJsPC9zdHJvbmc+IC0gaHR0cDovL3d3dy5kcGJvbHZ3Lm5ldC9jbGljay0zMTY5MTE5LTEwODc4MjY3PC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzE8L3N0cm9uZz4gLSBodHRwOi8vZXhhbXBsZS5jb20vYWRzL2FkMV9kZXN0aW5hdGlvbi5odG1sPC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzI8L3N0cm9uZz4gLSBodHRwOi8vZXhhbXBsZS5jb20vYWRzL2FkMV9kZXN0aW5hdGlvbi5odG1sPC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzM8L3N0cm9uZz4gLSBodHRwOi8vZXhhbXBsZS5jb20vYWRzL2FkMV9kZXN0aW5hdGlvbi5odG1sPC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzQ8L3N0cm9uZz4gLSBodHRwOi8vZXhhbXBsZS5jb20vYWRzL2FkMV9kZXN0aW5hdGlvbi5odG1sPC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzU8L3N0cm9uZz4gLSBodHRwOi8vZXhhbXBsZS5jb20vYWRzL2FkMV9kZXN0aW5hdGlvbi5odG1sPC9saT48bGk+PHN0cm9uZz53b29fYWRfdXJsXzY8L3N0cm9uZz4gLSBodHRwOi8vZXhhbXBsZS5jb20vYWRzL2FkMV9kZXN0aW5hdGlvbi5odG1sPC9saT48bGk+PHN0cm9uZz53b29fYWx0X3N0eWxlc2hlZXQ8L3N0cm9uZz4gLSBibGFjay5jc3M8L2xpPjxsaT48c3Ryb25nPndvb19hcmNoaXZlczwvc3Ryb25nPiAtIFNlbGVjdCBhIHBhZ2U6PC9saT48bGk+PHN0cm9uZz53b29fYXV0b19pbWc8L3N0cm9uZz4gLSB0cnVlPC9saT48bGk+PHN0cm9uZz53b29fY2F0X2V4PC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fY29tbWVudF9wb3N0czwvc3Ryb25nPiAtIFNlbGVjdCBhIG51bWJlcjo8L2xpPjxsaT48c3Ryb25nPndvb19jb250ZW50PC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19jb250ZW50X2FyY2hpdmVzPC9zdHJvbmc+IC0gZmFsc2U8L2xpPjxsaT48c3Ryb25nPndvb19jb250ZW50X2ZlYXQ8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2N1c3RvbV9mYXZpY29uPC9zdHJvbmc+IC0gPC9saT48bGk+PHN0cm9uZz53b29fZmVhdHVyZWRfY2F0ZWdvcnk8L3N0cm9uZz4gLSBTZWxlY3QgYSBjYXRlZ29yeTo8L2xpPjxsaT48c3Ryb25nPndvb19mZWF0dXJlZF9lbnRyaWVzPC9zdHJvbmc+IC0gMzwvbGk+PGxpPjxzdHJvbmc+d29vX2ZlYXR1cmVkX3Bvc3RzPC9zdHJvbmc+IC0gMjwvbGk+PGxpPjxzdHJvbmc+d29vX2ZlZWRidXJuZXJfaWQ8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19mZWVkYnVybmVyX3VybDwvc3Ryb25nPiAtIDwvbGk+PGxpPjxzdHJvbmc+d29vX2dvb2dsZV9hbmFseXRpY3M8L3N0cm9uZz4gLSA8c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj4NCg0KICB2YXIgX2dhcSA9IF9nYXEgfHwgW107DQogIF9nYXEucHVzaChbXCdfc2V0QWNjb3VudFwnLCBcJ1VBLTI2NTgxNjQ1LTFcJ10pOw0KICBfZ2FxLnB1c2goW1wnX3RyYWNrUGFnZXZpZXdcJ10pOw0KDQogIChmdW5jdGlvbigpIHsNCiAgICB2YXIgZ2EgPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50KFwnc2NyaXB0XCcpOyBnYS50eXBlID0gXCd0ZXh0L2phdmFzY3JpcHRcJzsgZ2EuYXN5bmMgPSB0cnVlOw0KICAgIGdhLnNyYyA9IChcJ2h0dHBzOlwnID09IGRvY3VtZW50LmxvY2F0aW9uLnByb3RvY29sID8gXCdodHRwczovL3NzbFwnIDogXCdodHRwOi8vd3d3XCcpICsgXCcuZ29vZ2xlLWFuYWx5dGljcy5jb20vZ2EuanNcJzsNCiAgICB2YXIgcyA9IGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKFwnc2NyaXB0XCcpWzBdOyBzLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKGdhLCBzKTsNCiAgfSkoKTsNCg0KPC9zY3JpcHQ+PC9saT48bGk+PHN0cm9uZz53b29fZ3JhdmF0YXI8L3N0cm9uZz4gLSB0cnVlPC9saT48bGk+PHN0cm9uZz53b29faG9tZV9hcmM8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2hvbWVfbGluazwvc3Ryb25nPiAtIGZhbHNlPC9saT48bGk+PHN0cm9uZz53b29faG9tZV9saW5rX2Rlc2M8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb19ob21lX2xpbmtfdGV4dDwvc3Ryb25nPiAtIEhvbWU8L2xpPjxsaT48c3Ryb25nPndvb19ob21lX3RodW1iX2hlaWdodDwvc3Ryb25nPiAtIDEwMDwvbGk+PGxpPjxzdHJvbmc+d29vX2hvbWVfdGh1bWJfd2lkdGg8L3N0cm9uZz4gLSAxMDA8L2xpPjxsaT48c3Ryb25nPndvb19pbWFnZV9oZWlnaHQ8L3N0cm9uZz4gLSAyMTA8L2xpPjxsaT48c3Ryb25nPndvb19pbWFnZV9zaW5nbGU8L3N0cm9uZz4gLSBmYWxzZTwvbGk+PGxpPjxzdHJvbmc+d29vX2ltYWdlX3dpZHRoPC9zdHJvbmc+IC0gNTQwPC9saT48bGk+PHN0cm9uZz53b29fbGF5b3V0PC9zdHJvbmc+IC0gZGVmYXVsdC5waHA8L2xpPjxsaT48c3Ryb25nPndvb19sb2dvPC9zdHJvbmc+IC0gaHR0cDovL3d3dy50d2kuZ3Mvd3AtY29udGVudC93b29fdXBsb2Fkcy8zLXR3aWdzLnBuZzwvbGk+PGxpPjxzdHJvbmc+d29vX21hbnVhbDwvc3Ryb25nPiAtIGh0dHA6Ly93d3cud29vdGhlbWVzLmNvbS9zdXBwb3J0L3RoZW1lLWRvY3VtZW50YXRpb24vYnVzeS1iZWUvPC9saT48bGk+PHN0cm9uZz53b29fb3RoZXJfZW50cmllczwvc3Ryb25nPiAtIDY8L2xpPjxsaT48c3Ryb25nPndvb19wb3B1bGFyX3Bvc3RzPC9zdHJvbmc+IC0gMzwvbGk+PGxpPjxzdHJvbmc+d29vX3Jlc2l6ZTwvc3Ryb25nPiAtIHRydWU8L2xpPjxsaT48c3Ryb25nPndvb19zaG9ydG5hbWU8L3N0cm9uZz4gLSB3b288L2xpPjxsaT48c3Ryb25nPndvb19zaW5nbGVfaGVpZ2h0PC9zdHJvbmc+IC0gMTIwPC9saT48bGk+PHN0cm9uZz53b29fc2luZ2xlX3dpZHRoPC9zdHJvbmc+IC0gMTgwPC9saT48bGk+PHN0cm9uZz53b29fdGFiczwvc3Ryb25nPiAtIHRydWU8L2xpPjxsaT48c3Ryb25nPndvb190aGVtZW5hbWU8L3N0cm9uZz4gLSBCdXN5IEJlZTwvbGk+PGxpPjxzdHJvbmc+d29vX3RodW1iX2hlaWdodDwvc3Ryb25nPiAtIDg4PC9saT48bGk+PHN0cm9uZz53b29fdGh1bWJfd2lkdGg8L3N0cm9uZz4gLSA4ODwvbGk+PGxpPjxzdHJvbmc+d29vX3R3aXR0ZXI8L3N0cm9uZz4gLSA8L2xpPjxsaT48c3Ryb25nPndvb191cGxvYWRzPC9zdHJvbmc+IC0gaHR0cDovL3d3dy50d2kuZ3Mvd3AtY29udGVudC93b29fdXBsb2Fkcy8zLXR3aWdzLnBuZzwvbGk+PGxpPjxzdHJvbmc+d29vX3ZpZGVvX2NhdGVnb3J5PC9zdHJvbmc+IC0gU2VsZWN0IGEgY2F0ZWdvcnk6PC9saT48L3VsPg==