Help

Remove FileVault Institutional Key - All Encrypted Macs

kirkd
New Contributor II

Posted on ‎04-28-2017 09:47 AM

Hey all,
In hopes of increasing security on my Macs I would like to remove the Institutional key from both the encrypted Mac as well as in the JSS for all encrypted Macs. All Macs still have individual keys that will remain. I am aware of @rtrouton 's extensive FileVault tutorial on his awesome website. I did run the commands on a test laptop to remove the Institutional key. However, after running recon the institutional ID still reports in the JSS. Sooooooo did I actually remove the institutional key or does the JSS not update properly? Any help would be appreciated.

0 Kudos
Reply
2 REPLIES 2

rderewianko
Valued Contributor II

Posted on ‎04-29-2017 06:54 PM

I can't confirm. I'd suggest you try and see if a enterprise key works.

Another option for re-keying is: https://github.com/square/fde-rekey

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎05-01-2017 06:51 AM

@kirkd we saw the same... it,s not being used &a is more of a UI issue.

0 Kudos
Reply