Mac – Create encrypted partition for Time Machine from command line using diskutil or gpt, instead of Disk Utility

Tags: disk-utility, diskutil, encryption, partition, time-machine

I can use Disk Utility to create an encrypted partition, intended for Time Machine backups. I would choose the Mac OS X Extended (Journaled, Encrypted) format.

However, is there also a way to achieve the same from the command line, using the diskutil or gpt command, or something else perhaps?

I know how to manually create partitions with either, I just don't know how to get the exact combination of Mac OS X Extended (Journaled, Encrypted) as the Disk Utility App does.

Best Answer

Below (in steps 1-5) I assume you have already formatted some device as a JHFS+ volume with an arbitrary name (in my example I use TMBackup). If you have an unformatted/unpartitioned disk, you have to partition and format it to JHFS+ first:

    $: diskutil list
    $: diskutil partitionDisk diskX GPT jhfs+ Name 0

or (if the disk is already GPT-partitioned with one volume):

    $: diskutil eraseDisk JHFS+ Name /dev/diskXsY

The content of diskX(sY) will be deleted.

  1. Get the devices list:

    $: diskutil list
    

    Example:

    ...
    /dev/disk1 (internal, physical):
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *1.1 TB     disk1
       1:                        EFI EFI                     209.7 MB   disk1s1
       2:                  Apple_HFS TMBackup                1.1 TB     disk1s2
    
  2. Choose the future backup drive partition and convert it to CoreStorage:

    $: diskutil cs convert diskXsY
    

    Example result:

    $: diskutil cs convert disk1s2
    Started CoreStorage operation on disk1s2 TMBackup
    Resizing disk to fit Core Storage headers
    Creating Core Storage Logical Volume Group
    Reviewing boot support loaders
    Attempting to unmount disk1s2
    Switching disk1s2 to Core Storage
    Waiting for Logical Volume to appear
    Mounting Logical Volume
    Core Storage LVG UUID: 586B5316-C702-4704-B8B9-D5F063AB1F84
    Core Storage PV UUID: 17373D1A-FCBD-4915-8699-3DA174B59BB7
    Core Storage LV UUID: AE765219-2012-4876-91DD-FE128DC8CA6C
    Core Storage disk: disk3
    Finished CoreStorage operation on disk1s2 TMBackup
    
  3. Encrypt the logical volume (LV):

    $: diskutil cs encryptVolume $UUID(LV)
    

    Example:

    $: diskutil cs encryptVolume AE765219-2012-4876-91DD-FE128DC8CA6C
    New passphrase for existing volume:
    Confirm new passphrase:
    The Core Storage Logical Volume UUID is AE765219-2012-4876-91DD-FE128DC8CA6C
    Started CoreStorage operation on disk3 TMBackup
    Reviewing boot support loaders
    Scheduling encryption of Core Storage Logical Volume
    Core Storage LV UUID: AE765219-2012-4876-91DD-FE128DC8CA6C
    Finished CoreStorage operation on disk3 TMBackup
    
  4. Set destination device for Time Machine backups:

    $: sudo tmutil setdestination mountpoint
    

    Example:

    $: sudo tmutil setdestination /Volumes/TMBackup 
    
  5. Enable Time Machine:

    $: sudo tmutil enable
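
Steps 2-5 chained into one script, as an added example that is not part of the original answer: it takes the LV UUID from the `diskutil cs convert` output instead of copying it by hand, and refuses to go on if the value it parsed is not a UUID. The function names and the two-argument usage (partition identifier, volume name) are assumptions made for this example; the sample text is abridged from the step 2 output above.

```bash
#!/bin/bash
# Added example. Usage on macOS: ./script.sh disk1s2 TMBackup

# Sample input, abridged from the "diskutil cs convert" output in step 2.
SAMPLE_CONVERT_OUTPUT='Started CoreStorage operation on disk1s2 TMBackup
Core Storage LVG UUID: 586B5316-C702-4704-B8B9-D5F063AB1F84
Core Storage PV UUID: 17373D1A-FCBD-4915-8699-3DA174B59BB7
Core Storage LV UUID: AE765219-2012-4876-91DD-FE128DC8CA6C
Core Storage disk: disk3'

# Print the Logical Volume UUID found in "diskutil cs convert" output on stdin.
lv_uuid_from_convert_output() {
    awk -F': ' '/Core Storage LV UUID:/ { gsub(/[ \t\r]/, "", $2); print $2; exit }'
}

# Succeed only for a well-formed UUID, so a parse failure never reaches diskutil.
is_uuid() {
    printf '%s\n' "$1" | grep -Eq '^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'
}

# Succeed only for a partition identifier such as disk1s2 (not a whole disk).
is_partition_id() {
    printf '%s\n' "$1" | grep -Eq '^disk[0-9]+s[0-9]+$'
}

encrypt_tm_partition() {
    part="$1"; name="$2"
    is_partition_id "$part" || { echo "not a partition identifier: $part" >&2; return 1; }
    out=$(diskutil cs convert "$part") || return 1
    lv=$(printf '%s\n' "$out" | lv_uuid_from_convert_output)
    is_uuid "$lv" || { echo "no LV UUID in convert output" >&2; return 1; }
    # No passphrase argument: diskutil prompts for it, so the secret stays
    # out of argv, shell history and this script.
    diskutil cs encryptVolume "$lv" || return 1
    sudo tmutil setdestination "/Volumes/$name" || return 1
    sudo tmutil enable
}

# Runs only when called with both arguments on a machine that has diskutil.
if [ -n "${2:-}" ] && command -v diskutil >/dev/null 2>&1; then
    encrypt_tm_partition "$1" "$2"
fi
```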