- Joined
- Mar 6, 2016
- Messages
- 102
- Motherboard
- Asus Maximus VIII Gene Z170
- CPU
- i7-6700K
- Graphics
- 5600XT
- Mobile Phone
Hi! This is actually quite simple to set up but requires a lot of knowledge that a fresh hackintosh builder like me did not have. Like a lot of hackintosh knowledge, once you know it its too obvious to state but if you don't know it, its blocking. I want to pass along what I've learned before it becomes so blindingly obvious to me that I assume everyone else knows it too 
As such, this post has a lot of extra info in it. If you just want the quick and dirty steps, scroll to the end.
The source of this solution is this thread:
http://www.insanelymac.com/forum/topic/317290-filevault-2/?hl=+clover++encryption
However, it seems like a thread of developers, is technical, assumes a lot of knowledge, and doesn't seem to have much patience for non developers. With a little help from mineralwasser I figured out enough to get it working.
Background info
First, it's critical to have a clone of your system drive and a way to easily wipe the system disk, lay down new partitions, and restore from the clone. I won't digress into what happened when I found out the hard way that I couldn't run SuperDuper! from the Unibeast install USB. Lets just say that right now I have an external ssd with a bootable 16GB macOS partition called Rescue, and the remainder of the ssd contains an encrypted partition with a daily SuperDuper! clone of my MacOS system partition on it. Rescue now also contains a dmg of a working Recovery HD partition too. More on that part later.
My Recovery HD partition had never worked, and I kept reading about people saying that with FileVault turned on, we had to boot from the Recovery HD partition. At this point I had no idea why the Recovery HD partition would have anything to do with FileVault, but I figured I should fix it. If you search this site and google there are a lot of ways to fix the recovery partition or create a new one, however the hackintosh info I found mostly had to do with scripts that didn't work in Sierra or extremely complicated processes. Then I found this post:
https://www.tonymacx86.com/threads/recovery-hd-partition-with-el-capitan.181701/
Bam. 5 minutes, working Recovery HD partition. Props to jimmyfoz.
It is worth noting here that I had to learn about command line diskutil because Disk Utility doesn't support showing hidden partitions like the APPLE_BOOT type. Apparently there used to be a debug menu that you could turn on but its gone in Sierra. diskutil is the only way that you can view and work with hidden partitions like EFI and Recovery HD. I suspect that EFI Mounter and Clover Configurator just call diskutil for EFI mounting.
At mineralwasser's suggestion for shits and giggles I updated my clover using clover configurator to 4061 and just enabled FileVault to see if the necessary files were part of Clover. They weren't. (In hindsight probably because you have to manually choose a driver for your keyboard type). I figured hey, I've got a clone, easy peasy Anyway, fast forward to me using my new Rescue drive to restore the clone back to my MacOS partition. At this point I learned that if you use Disk Utility to erase your system macOS partition, IT AUTOMATICALLY REMOVES THE RECOVERY HD PARTITION TOO! So I actually had to drop down a whole new unibeast / multibeast install to get the Recovery HD partition created, then I had to repair it again. This is why I recommend backing up your Recovery HD partition to a disk image. I learned how to do it here:
https://www.lifewire.com/create-os-x-recovery-hd-on-any-drive-2260909
In a nutshell you need to use diskutil list to find the identifier of your Recovery HD partition (diskXsX), then use this command:
sudo hdiutil create ~/Desktop/Recovery\ HD.dmg -srcdevice /dev/diskXsX
to make the image. I haven't tested this part but in theory now if I need to restore my system from a clone I can restore the Recovery HD partition too since it matters now.
So now I have a working system and a working recovery partition. Time to try this out for reals.
The Actual Fix
The problem that the whole insanelymac thread solves is that you will need to type in a password while booting from the Recovery HD and your regular keyboard driver won’t work in this circumstance. So you need to install one of two keyboard drivers. Details on which one to pick are in the thread but the oversimplification is that wired usb keyboards use one driver and the apple bluetooth keyboards use a different one. Both are linked in the first post of the thread. Only install the driver that you need. I picked the one called AptioInputFix since I'm using a wireless apple keyboard and mouse hooked up to a native Broadcom pci card from osxwifi.
I downloaded the driver, which, confusingly enough, was called AsAmiShimBinaries, not AptioInputFix as everyone talks about in that thread. As it turns out its the same thing and the name doesn’t matter. I grabbed the non debug version and copied it to the /EFI/CLOVER/drivers64UEFI folder of the EFI partition on the drive containing my MacOS partition.
Next I went to Security & Privacy in System Preferences and turned on FileVault. Following the prompts, I set and recorded my recovery key, allowed each user account access to the encrypted drive, and let the system reboot.
Another big unknown for me was what the Recovery HD had to do with Filevault. I don’t really know how or why this worked but it turned out to be magic. Upon reboot, Clover already had the recovery hd partition selected, so I chose it. Previously, booting into the recovery partition would bring me into a ui that was very similar to the unibeast installer ui. Now, magically, it brought me to a login screen showing the user accounts of my MacOS partition. Crossing my fingers that my keyboard worked, I logged in and was taken to my desktop. I just wanted to officially state that no one talks about this step because it magically just works, so don’t spend time worrying about what it means. And because its magic, I'm going to make a disk image of this version of the Recovery HD and put it on my Rescue drive too. You know, since I don't *actually* understand whats going on here
One final note: after the reboot your drive will still be encrypting for a little bit, you can see the progress in System Preferences -> Security & Privacy. I read somewhere that if you want to change your encryption password, WAIT TILL THE DRIVE IS DONE ENCRYPTING BEFORE YOU DO IT!
Quick and Dirty List of Steps
I hope this helps some folks out! Feel free to ask the other noob questions like how do you update clover, etc. I had to figure that out too
As such, this post has a lot of extra info in it. If you just want the quick and dirty steps, scroll to the end.The source of this solution is this thread:
http://www.insanelymac.com/forum/topic/317290-filevault-2/?hl=+clover++encryption
However, it seems like a thread of developers, is technical, assumes a lot of knowledge, and doesn't seem to have much patience for non developers. With a little help from mineralwasser I figured out enough to get it working.
Background info
First, it's critical to have a clone of your system drive and a way to easily wipe the system disk, lay down new partitions, and restore from the clone. I won't digress into what happened when I found out the hard way that I couldn't run SuperDuper! from the Unibeast install USB. Lets just say that right now I have an external ssd with a bootable 16GB macOS partition called Rescue, and the remainder of the ssd contains an encrypted partition with a daily SuperDuper! clone of my MacOS system partition on it. Rescue now also contains a dmg of a working Recovery HD partition too. More on that part later.
My Recovery HD partition had never worked, and I kept reading about people saying that with FileVault turned on, we had to boot from the Recovery HD partition. At this point I had no idea why the Recovery HD partition would have anything to do with FileVault, but I figured I should fix it. If you search this site and google there are a lot of ways to fix the recovery partition or create a new one, however the hackintosh info I found mostly had to do with scripts that didn't work in Sierra or extremely complicated processes. Then I found this post:
https://www.tonymacx86.com/threads/recovery-hd-partition-with-el-capitan.181701/
Bam. 5 minutes, working Recovery HD partition. Props to jimmyfoz.
It is worth noting here that I had to learn about command line diskutil because Disk Utility doesn't support showing hidden partitions like the APPLE_BOOT type. Apparently there used to be a debug menu that you could turn on but its gone in Sierra. diskutil is the only way that you can view and work with hidden partitions like EFI and Recovery HD. I suspect that EFI Mounter and Clover Configurator just call diskutil for EFI mounting.
At mineralwasser's suggestion for shits and giggles I updated my clover using clover configurator to 4061 and just enabled FileVault to see if the necessary files were part of Clover. They weren't. (In hindsight probably because you have to manually choose a driver for your keyboard type). I figured hey, I've got a clone, easy peasy
Anyway, fast forward to me using my new Rescue drive to restore the clone back to my MacOS partition. At this point I learned that if you use Disk Utility to erase your system macOS partition, IT AUTOMATICALLY REMOVES THE RECOVERY HD PARTITION TOO! So I actually had to drop down a whole new unibeast / multibeast install to get the Recovery HD partition created, then I had to repair it again. This is why I recommend backing up your Recovery HD partition to a disk image. I learned how to do it here:https://www.lifewire.com/create-os-x-recovery-hd-on-any-drive-2260909
In a nutshell you need to use diskutil list to find the identifier of your Recovery HD partition (diskXsX), then use this command:
sudo hdiutil create ~/Desktop/Recovery\ HD.dmg -srcdevice /dev/diskXsX
to make the image. I haven't tested this part but in theory now if I need to restore my system from a clone I can restore the Recovery HD partition too since it matters now.
So now I have a working system and a working recovery partition. Time to try this out for reals.
The Actual Fix
The problem that the whole insanelymac thread solves is that you will need to type in a password while booting from the Recovery HD and your regular keyboard driver won’t work in this circumstance. So you need to install one of two keyboard drivers. Details on which one to pick are in the thread but the oversimplification is that wired usb keyboards use one driver and the apple bluetooth keyboards use a different one. Both are linked in the first post of the thread. Only install the driver that you need. I picked the one called AptioInputFix since I'm using a wireless apple keyboard and mouse hooked up to a native Broadcom pci card from osxwifi.
I downloaded the driver, which, confusingly enough, was called AsAmiShimBinaries, not AptioInputFix as everyone talks about in that thread. As it turns out its the same thing and the name doesn’t matter. I grabbed the non debug version and copied it to the /EFI/CLOVER/drivers64UEFI folder of the EFI partition on the drive containing my MacOS partition.
Next I went to Security & Privacy in System Preferences and turned on FileVault. Following the prompts, I set and recorded my recovery key, allowed each user account access to the encrypted drive, and let the system reboot.
Another big unknown for me was what the Recovery HD had to do with Filevault. I don’t really know how or why this worked but it turned out to be magic. Upon reboot, Clover already had the recovery hd partition selected, so I chose it. Previously, booting into the recovery partition would bring me into a ui that was very similar to the unibeast installer ui. Now, magically, it brought me to a login screen showing the user accounts of my MacOS partition. Crossing my fingers that my keyboard worked, I logged in and was taken to my desktop. I just wanted to officially state that no one talks about this step because it magically just works, so don’t spend time worrying about what it means. And because its magic, I'm going to make a disk image of this version of the Recovery HD and put it on my Rescue drive too. You know, since I don't *actually* understand whats going on here
One final note: after the reboot your drive will still be encrypting for a little bit, you can see the progress in System Preferences -> Security & Privacy. I read somewhere that if you want to change your encryption password, WAIT TILL THE DRIVE IS DONE ENCRYPTING BEFORE YOU DO IT!
Quick and Dirty List of Steps
- Have Clover updated to at least r3877. I used r4061 which was the latest version at this time.
- Have a working Recovery HD partition.
- Download a keyboard driver from the first post here. I used AptioInputFix since I use an apple wireless keyboard / trackpad and a native Broadcom card. If you use a wired keyboard you might need the other driver. Copy the appropriate driver to /EFI/CLOVER/drivers64UEFI on the boot drive's EFI partition.
- Turn on FileVault. Follow the various prompts
- Allow the system to reboot and choose the Recovery HD partition in Clover. Type in your password when requested. (This is the part that needed the fix from insanelymac).
- Observe your FileVault enabled hackintosh and profit.
I hope this helps some folks out! Feel free to ask the other noob questions like how do you update clover, etc. I had to figure that out too
Last edited:
