#Crypt Crypt is a system for centrally storing FileVault 2 recovery keys. It is made up of a client app, and a Django web app for storing the keys. You will also need to download and install the webapp.
##Changes in this version
- 10.7 is no longer supported.
- Improved logging on errors.
- Improved user feedback during long operations (such as enabling FileVault).
##Client The client is written in Pyobjc, and makes use of the built in fdesetup on OS X 10.8 and higher. An example login hook is provided to see how this could be implemented in your organisation.
###Features
- If escrow fails for some reason, the recovery key is stored on disk and a Launch Daemon will attempt to escrow the key periodically.
- If the app cannot contact the server, it can optionally quit.
- If FileVault is already enabled, the app will quit.
###Screenshot
###Installation
- Install the package
- Install the Django webapp
###Configuration
sudo defaults write /Library/Preferences/FVServer ServerURL "http://yourserver.com"
To disable the network check (for example, in environments when the network isn't available until the user has authenticated):
sudo defaults write /Library/Preferences/FVServer NetworkCheck -bool NO
fdesetup, the binary Crypt uses to enable FileVault needs to be run as root. You will need to devise your own way of running this, whether it is via a LaunchDaemon or a LoginHook.
##Acknowledgements Many thanks to my lovely employers at pebble.it for letting me release this, and thanks to Greg Neagle and the other contributors at Munki for having code that I could borrow.