I would like to know, how to remove FileVault2 keys from memory, when I close the lid on my Macbook pro 15" running Yosemite.
It works, when I leave the computer as it slowly goes into standby by itself (first lock-screen then the screensaver and then standby). I had manage to do this, with this classic command:
sudo pmset -a destroyfvkeyonstandby 1
But the problem is, that when I close the lid when the screen is just locked, or it isn't locked it, wouldn't destroy the keys. It just locks the screen.
Short version: I want to destroy FileVault2 keys when I close the laptop lid.
Best Answer
In addition to the destroyfvkeyonstandby option, you also need to specify that pmset is setting hibernatemode 25 for the power management options.
Setting both options ensures that the Mac in question will hibernate (where the contents of the RAM are written to disk) and also have the FileVault 2 key automatically removed from the saved RAM.
When the laptop is awakened from hibernation, you should see your account icon and a password blank at the FileVault 2 login screen, which would indicate that it had been asleep.
When this setting is set, you may run into some Power Nap-related issues. I have a post on that available from here:
Power Nap, power management settings and FileVault 2