Encryption of a Folder (OS X)

From The System Administrator Zone

See also: File Encryption Tools

Using the Disk Utility from the Command Line

The Disk Utility needs to be given the name of an existing folder on the command line. You can work with an empty directory or you can put the files you want to encrypt into it.

For the first example, let us assume we have a directory name "OriginalSecrets" that we want to encrypt into an encrypted DMG file named "CurrentSecrets.dmg".

From a terminal window:

$ hdiutil create -encryption -stdinpass -srcfolder OriginalSecrets CurrentSecrets.dmg

This will prompt you for your password and create the DMG version. The original is not deleted.

You can supply the password on the command line if you desire.

$ echo -n "passphrase" | hdiutil create -encryption -stdinpass -srcfolder OriginalSecrets CurrentSecrets.dmg

This creates "CurrentSecrets.dmg". If you double-click on this file, you will be prompted for your password.

To open it from the command line:

$ hdiutil attach -stdinpass stuff.dmg 
Enter disk image passphrase:
expected   CRC32 $F1B2F39C
/dev/disk2          	Apple_partition_scheme         	
/dev/disk2s1        	Apple_partition_map            	
/dev/disk2s2        	Apple_HFS                      	/Volumes/CurrentSecrets 

As you can see, it is mounted as /Volumes/CurrentSecrets and can be treated like any normal folder until it is unmounted.

I had a problem with remounting this file system read-write at a later time, which I did not resolve.


Using the Disk Utility from the GUI

  1. Create a New Folder and place in it the files you would like in your disk image.
  2. Right click (or CTRL-Click) the folder and select "Get Info" and note the size of the contents.
  3. Open Disk Utility: Applications -> Utilities -> Disk Utility
  4. Click the "New Image" icon to create a new disk image. Enter a name for the Image, and select a size adequate for the size of your folder you created. Set the "AES-128" under the "Encryption" drop-down menu and Format to "read/write disk image".
  5. Place the contents of the folder created above into the newly mounted disk image.
  6. Unmount by clicking the Eject symbol next to the mounted image in Finder.

You can still access it either through the finder on your desktop or via /Volume/folder_name.