Wednesday, 29 April 2009

Encrypted Timecapsule backups

Timecapsule backups aren't encrypted which seems a little dumb - as if someone nicks your TC then they've also got all your data in the clear too. There's a simple procedure that this smart post lays out - but I've copied it here in case that page goes away as it is so handy:
  • Set up Time Machine to back up to an AFP drive. I don’t think this will work with a local hard drive.
  • Let Time Machine start backing up, then stop the back up. This will have created _.sparsebundle on the AFP drive.
  • Disable Time Machine.
  • Open a Terminal and run these commands (replace name_mac with your mac's name, and TC_drive_name with your TimeCapsule's network drive name - ls /Volumes to check):
    $ cd /Volumes/TC_drive_name/
    $ mv name_mac.sparsebundle name_mac-old.sparsebundle
    $ hdiutil convert -format UDSB -o name_mac.sparsebundle -encryption AES-256 name_mac-old.sparsebundle

    It will ask you for a password. Type in a password you won’t forget.
  • Double click the sparsebundle in the Finder (You should find it in your TimeCapsule network drive). You will be prompted for your password. Type that in and tick the “Remember password” check box.
  • Open /Applications/Utilities/Keychain Access and find name_mac.sparsebundle. Right click it and select Copy name_mac.sparsebundle.
  • Select System Keychain on the left hand side of Keychain Access and paste it in the main area. Allow this action if you are asked. Remember to lock the System Keychain when you are done.
  • If using Snow Leopard then (as suggested here) you'll need to copy "com.apple.TimeMachine.MachineID.plist" from the old to the new sparsebundle. You can do this by going to the volume using Terminal as above and then doing:
    $ cd /Volumes/TC_drive_name/
    $ cp name_mac-old.sparsebundle/com.apple.TimeMachine.MachineID.plist name_mac.sparsebundle
  • Unmount the volume and then tell Time Machine to get busy.
  • Time Machine should not have no problem backing up to the encrypted volume. If everything works as planned, feel free to delete the name_mac-old.sparsebundle
[updated: 21sept09, 21aug10]

3 comments:

  1. I cannot figure out how to "click" on /Volumes/TimeCap/myname_010MAC010.sparsebundle

    It doesn't show up in the "GUI" like Finder?? Where do I click it?

    ReplyDelete
  2. It should show up in the Finder (but I've noticed that occasionally it doesn't). If it is mounted (as in you can see it in /Volumes) then you can create a soft-link to it so you can access it. By doing the following (assuming your TimeCapsule is named TimeCap):
    ln -s /Volumes/TimeCap ~/
    You should then be able to click on TimeCap in from you home directory in Finder

    ReplyDelete
  3. Thanks for the sunken time!

    Still works with 4th generation Time Capsule and 10.7.1.

    ReplyDelete