[herbsman]

Is it possible to open up a filevault sparesebundle that is copied on a different mac with the master password from the machine it originated from?

I notice that if I have a FV master password set for a machine, even if I don't have a particular user's password, I can type in the incorrect password 3 times in a row, which will then prompt me for the master password. The master password then logs me into the user's account.

However, if I were to copy the sparse bundle onto a different mac, the sparsebundle will not open with the master password.

Is there a way around this?

[Art Vandelay]

You can only open the image if you have the original password or the master password. There is no way around it. If there was, it wouldn't be that secure, would it?

[herbsman]

The master password will unlock the user's filevaulted account on the machine it originated from (i.e. when you attempt to login) , but it does not open the bundle for me when I copy the bundle over to a different machine (disk image/sparsebundle). How do you force the bundle to open with the master password? In my case it only accepts the user's password. thanks

[Art Vandelay]

From my understanding, there is a master keychain that stores the individual filevault passwords. So, when you use the master password on the Mac that the filevault was created on, the master keychain is unlocked and it supplies the individual password to unlock the image. If you can figure out where that keychain is and transfer it to the other Mac, then you'd be able to open it on the other Mac with the master password.

[Art Vandelay]

The keychain and it's certificate are in /Library/Keychains. However, they are not accessible via KeyChain Access even if you add them manually. The master keychain will show up but you can't unlock it.

[herbsman]

I see. So I guess it's not possible then

[tightsocks]

It may be possible to move the keychain containing the master password...

See http://images.apple.com/support/secu...nfig_v10.6.pdf
Chapter 7, page 154 onward.