MacOS: mounting password-protected sparsebundle doesn't ask for password

1

0

I have an encrypted, password-protected sparsebundle that I occasionally mount and unmount from the terminal. I want the system to ask for the password every time I mount it, but for some reason it keeps remembering.

This is how I mount it: hdiutil attach ~/path/to/my/bundle -mountpoint ~/my/mountpoint

These are some of the ways I've tried to unmount it:

hdiutil detach -force ~/path/to/my/bundle
hdiutil detach -force /Users/me/path/to/my/bundle
hdiutil eject -force ~/path/to/my/bundle
diskutil eject ~/path/to/my/bundle
diskutil unmount force ~/path/to/my/bundle

(I've read here that hdiutil unmount is not sufficient to make the system forget the password.)

However, whatever I try, the system "helpfully" remembers the password each time.

Only when I use the eject button in Finder, does the system forget the password.

Also, there is no entry in my keychain that suggest the password has been cached. (At least, I can't find it. There are none with kind disk image password.)

I've even created a new sparsebundle, with a new name and a different password, but the problem persists.

What am I missing here? How can I make sure the sytem always asks for the password, each time I mount the sparsebundle?

jqno

Posted 2018-11-23T14:52:12.600

Reputation: 43

In this post the following procedure was suggested: "I had to first use unmount force option, then open the volume again in the script, then eject it. And that worked."

– harrymc – 2018-11-29T10:04:03.787

Tried it, but sadly doesn't work for me. – jqno – 2018-11-29T13:26:24.733

Using detach, then closing the terminal session. Will opening a new terminal session still allow you to mount without password? – Elmo – 2018-11-29T15:46:10.817

2Another case of Apple saving you from yourself. Ease of use is more important than security. – HackSlash – 2018-11-29T21:56:49.743

@Elmo Nope. Only the eject button in finder seems to work reliably so far. And rebooting the system. – jqno – 2018-11-30T10:50:42.130

What version are you running? On El Capitan, "hdiutil eject ~/my/mountpoint" (note not "~/path/to/my/bundle" as in the question) results on password prompt on all subsequent "hdiutil attach ~/Documents/Test.sparsebundle -mountpoint ~/my/mountpoint" – lx07 – 2018-12-04T15:50:18.023

@lx07 I'm running Mojave. – jqno – 2018-12-05T08:46:47.277

@lx07 I just gave it another shot with the exact same commands that you mention, but still no dice... – jqno – 2018-12-05T08:49:56.667

Answers

0

It feels kind of sad, but in the end I managed to find a way to do it using AppleScript:

osascript -e 'tell application "Finder" to eject "<name>"'

The <name> should match the name in Finder's sidebar.

jqno

Posted 2018-11-23T14:52:12.600

Reputation: 43

Asked: 2018-11-23T14:52:12.600

Viewed: 330 times

Active: 2018-12-14T10:49:47.627