Recovery: Symantec Drive Encryption (formerly PGP Whole Disk Encryption) for Mac
Article ID: 153436
Updated On:
Products
Drive Encryption
Issue/Introduction
After encrypting your boot disk with Symantec Drive Encryption (formerly PGP Whole Disk Encryption) the PGP BootGuard screen is not displayed and you are unable to boot your operating system. This article details connecting your disk to another Mac for troubleshooting.
Your system may display a blank screen with a Not Allowed symbol.
Resolution
Although rare, you may find it necessary to recover data from an encrypted drive that has been damaged or corrupted as well as repairing the PGP MBR.
Connecting your Symantec encrypted drive to another Mac with Symantec Encryption Desktop installed via USB or FireWire can allow you to decrypt the drive and correct any issues on the disk.
Use the following steps for troubleshooting:
- Connect the disk to a system with Symantec Encryption Desktop installed.
- Attempt to recover the disk using the following command from the terminal application:
pgpwde --disk 0 --recover --passphrase 'passphrase'
Note: Depending on the size of the disk, decryption is a time-consuming and CPU-intensive process. The larger the disk being decrypted, the longer the recovery process will take.
- Flush any data out to the disk by using the sync command.
- Double-check that the data is written to the raw device as well as the cached device by typing:
hexdump -C -n 128 /dev/rdisk0
hexdump -C -n 128 /dev/disk0
- PGPGUARD should be displayed in the first line of the boot sector.
- Unmount the disk by typing:
diskutil unmountdisk disk0
- Remount the disk so the new data can be seen by typing
diskutil mountdisk disk0
- Authenticate the disk so that it can be mounted using the following command:
pgpwde --disk 0 --auth-disk --passphrase 'passphrase'
Mount the volumes on the disk:
diskutil mountdisk disk0
Applies To
Mac OS X Supported Version
Symantec Encryption Desktop or PGP Desktop
Feedback
Yes
No
Powered by
