I am considering enabling File Vault 2 on my Macbook Pro, which frequently stays at work overnight, and which I often need to log into remotely using ssh. What are the ramifications of using File Vault 2 for a machine that needs to receive ssh connections? Specifically,
-
Will I need to stay logged into my user account overnight, or will I still be able to sign out and leave the machine at the login screen when I leave?
-
Can the machine sleep without requiring keyboard authentication for File Vault 2 when it wakes up? Right now, I allow the machine to sleep and utilize "Wake for network access". Will this still be possible with File Vault 2 enabled, or will I need to prevent it from sleeping?
(I'll note that I'm aware of the sudo fdesetup authrestart option to restart the machine from remote without physically being there, which is helpful only if these other issues are not a problem.)
Best Answer
The only time the machine will need the filevault key to unlock is at boot, at all other times the system is effectively decrypted with the key in ram.
As soon as the machine powered off, it will be locked again.
You do not need to be logged in, and waking the machine up from sleep is no issue.