Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Create multiple nested secure disk images' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Create multiple nested secure disk images
Authored by: bluehz on Jan 16, '05 08:15:33AM

So no one has any suggestions as how to create anything other than the default AES-128 disk image using hdiutil? What are the cli switches necessary to create a higher level encrypted disk image??????



[ Reply to This | # ]
Create multiple nested secure disk images
Authored by: caesurae on Jan 19, '05 04:07:23PM
I believe that AES 128 encrypted disk images are the only choice with hdiutil. this is not necessarily a limitation of hdiutil itself, but a limitation of the current framework which hdiutil uses for working with disk images.

"/System/Library/PrivateFrameworks/DiskImages.framework"

If this is indeed the case, then it may be possible to use stronger encryption in future versions of OS X.

The hdiutil man page indicates that the default specification, or [crypto_method], used by the the hdiutil create -encryption option is called CEncryptedEncoding. After searching the OS X 10.3.7 filesystem, the Apple Developer Connection, and the WWW in general, I have found no mention of any possible alternative specifications. Furthermore, if there were such an alternative, there would have to be mention of it in a framework somewhere otherwise such an image would be unrecognizable/unmountable.

For the curious, there is a file called CEncryptionEncoding.strings located with "/System/Library/PrivateFrameworks/DiskImages.framework/Versions/A/Resources/English.lproj/" which simply provides some strings for use with Disk Utility.

To create an AES 128 encrypted disk image from the command line, from a folder named "MyFolder" located on the desktop, one could type the following:

hdiutil create -encryption -srcfolder ~/Desktop/MyFolder ~/Desktop/MyFolder.dmg

after being prompted for a password, the resulting image should be created on the desktop.

[ Reply to This | # ]

Create multiple nested secure disk images
Authored by: jago_lebow on Nov 24, '05 11:23:28AM

I'm trying to do this on my clients OSX server and I get no propt for a pass word .. they only way it works is to put the passphrase as a comandline arg ( kinda defats the point )



[ Reply to This | # ]