The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.
Version 10.2.0. Last updated: July 2011.
Legal Notice
Copyright (c) 2011 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, PGP, Pretty Good Privacy, and the PGP logo are trademarks or registered trademarks of Symantec Corporation or its
affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering.
No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if
any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT
TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR
INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION.
THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights
as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. “Commercial Computer
Software and Commercial Computer Software Documentation”, as applicable, and any successor regulations. Any use, modification, reproduction
release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with
the terms of this Agreement.
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
Symantec Home Page (http://www.symantec.com)
Printed in the United States of America.
10 9 8 7 6 5 4 3 2 1
Contents
Introduction 5
About PGP Whole Disk Encryption 5
About PGP Whole Disk Encryption Command Line 5
Important Terms 6
Audience 7
System Requirements 7
Installing and Uninstalling 7
PGP Whole Disk Encrypting a Drive 7
Technical Support 8
Contacting Technical Support 8
Licensing and registration 9
Customer service 9
Support agreement resources 9
The Command-Line Interface 11
Overview 11
Scripting 12
Editing the Path 12
WDE-ADMIN Active Directory Group 13
Passphrases 13
Licensing 15
Overview 15
--license-authorize 15
Licensing via a Proxy Server 16
Generic Commands 19
--help (-h) 19
--version 20
Disk Information Commands 21
--enum 21
--info 22
--show-config 23
--status 23
The PGP BootGuard Screen 25
Overview 25
User Management Commands 27
--add-user 27
--change-passphrase 28
--change-userdomain 29
--list-users 31
--offload (deprecated command) 31
--remove-user 32
--verify-user 32
Disk Management 35
--auth 35
--instrument 36
--uninstrument 36
Disk Operation 39
--decrypt 39
--encrypt 40
--resume 41
--secure 41
--stop 42
Boot Bypass Commands 45
--add-bypass 45
--check-bypass 46
--remove-bypass 47
Recovery Token Commands 49
--new-wdrt 49
PGP BootGuard Customization Commands 51
--set-background 51
--set-language 52
--set-sound 53
--set-start 54
--set-text 54
Local Self Recovery 57
--recovery-configure 57
--recovery-questions 59
--recovery-verify 60
--recovery-remove 60
--recovery-change-passphrase 61
Options 63
"Secure" Options 66
--admin-authorization 66
--admin-passphrase 66
--all 67
--answers-file 67
--auto-start 67
--beep 67
--count 68
--dedicated-mode 68
--disk (-d) 68
--display 68
--domain-name (--domain) 69
--fast-mode 69
--image 69
--interactive 70
--keyboard 70
--keyid 70
--license-email 71
--license-name 71
--license-number 71
--license-organization 72
--message 72
--new-domain 72
--new-passphrase 72
--no-beep 73
--partition 73
--passphrase (-p) 73
--proxy-passphrase 74
--proxy-server 74
--proxy-username 74
--questions-file 75
--recovery-token (--wdrt, --rt) 75
--safe-mode (--safe) 75
--sso 75
--username (-u, --user) 76
--xml 76
Quick Reference 77
Commands 77
Options 78
Troubleshooting 81
Overview 81
Problems at PGP BootGuard 82
1 Introduction
This User's Guide tells you how to use PGP Whole Disk Encryption Command Line.
In This Chapter
About PGP Whole Disk Encryption 5
About PGP Whole Disk Encryption Command Line 5
Important Terms 6
About PGP Whole Disk Encryption
PGP Whole Disk Encryption (WDE) is a software product from PGP Corporation that
uses encryption to lock down the entire contents of a boot disk, partition, external disk,
or removable disk.
For more information about PGP WDE, see the:
PGP Desktop User's Guide
PGP WDE Quick Start Guide
PGP WDE Data Sheet (available via the PGP WDE page on the PGP Corporation
website)
About PGP Whole Disk Encryption Command Line
PGP Whole Disk Encryption Command Line gives you access to PGP WDE functionality
using a command-line interface. Accessing PGP WDE functions from the command line
is useful for scripting PGP WDE functions, troubleshooting problems, or if the graphical
user interface is not available.
Note: Not all PGP WDE functions are available via the command line.
PGP WDE command line functionality is available for both Windows and Mac OS X
systems. This Guide covers both versions. Differences between the two versions are
noted where applicable.
Note: The Mac OS X Safe Boot feature does not work on a boot disk that has been
whole disk encrypted; if you hold down the Shift key to enter Safe Boot, the system
will fail to boot after authenticating at the PGP BootGuard screen.
Important Terms
Understanding the following terms will help make it easier to use PGP Whole Disk
Encryption Command Line:
PGP Whole Disk Encryption (PGP WDE): a standalone product from PGP Corporation and a feature of PGP Desktop that lets you encrypt the entire contents of a disk; boot disks, partitions, and non-boot disks such as USB thumb drives can all be whole disk encrypted. PGP WDE functionality is available via a graphical user interface and through a command-line interface.
PGP WDE command line: the command-line interface to PGP WDE functionality. Because PGP WDE is available on both Windows and Mac OS X systems, you can use the PGP WDE command line interface using command line utilities such as the Command Prompt application, cmd.exe, on Windows systems or the Terminal application on Mac OS X systems.
passphrase user: a user who can authenticate to an encrypted disk using a passphrase.
public-key user: a user who can authenticate to an encrypted disk using the passphrase to the corresponding private key.
encrypt: the process of "scrambling" data so that it is not usable unless you properly authenticate.
decrypt: the process of "unscrambling" encrypted data.
master boot record (MBR): software on a disk that is "in front" of the partition table; that is, it is implemented during the startup process before the operating system itself. The instructions in the MBR tell the system how to boot.
instrument: a part of the process of whole disk encrypting a disk/partition where the Windows or Mac OS X MBR is replaced with the PGPMBR. Once a disk is instrumented, even if it is not fully encrypted, subsequent startups will bring up the PGP BootGuard.
PGPMBR: an MBR from PGP Corporation that implements the PGP BootGuard.
PGP BootGuard: the screen that appears after instrumenting a disk that requires proper authentication for the boot process to continue. If proper authentication is not provided, the boot process will not continue; the operating system will not load and the system will not be usable.
uninstrument: removing the PGPMBR and replacing it with the original Windows or Mac OS X MBR (which was saved when the disk was instrumented).
whole disk recovery token (WDRT): an additional passphrase for a whole disk encrypted disk that is passed to the appropriate PGP Universal Server if the disk is part of a PGP Universal-managed environment.
PGP Universal Server: a management console for securing data from PGP Corporation.
recovery: the process of restoring access to a disk/partition that has been whole disk encrypted but now cannot be decrypted.
Audience
This User's Guide is for anyone who is going to be using PGP Whole Disk Encryption
Command Line to perform PGP WDE functions from the command line.
It assumes you are familiar with using PGP WDE via the graphical user interface, either
in the standalone product or as part of PGP Desktop.
System Requirements
PGP Whole Disk Encryption Command Line has the same requirements as PGP Whole
Disk Encryption for Windows or Mac OSX. If PGP Whole Disk Encryption is installed on
a system, then PGP Whole Disk Encryption Command Line is also installed and
available for use.
Installing and Uninstalling
PGP Whole Disk Encryption Command Line is installed automatically when PGP WDE
or PGP Desktop is installed on a system.
To uninstall PGP Whole Disk Encryption Command Line, simply uninstall PGP WDE or
PGP Desktop.
PGP Whole Disk Encrypting a Drive
PGP Whole Disk Encrypting a drive requires three things: the drive must be
instrumented, there must be at least one authorized user on the drive, and the drive
must be encrypted.
There are two ways to PGP Whole Disk Encrypt a drive:
using a single command, --secure: this one command instruments the drive,
creates an authorized user, and encrypts the drive. This command is most useful
when you have just installed PGP Whole Disk Encryption Command Line and thus
have not instrumented any drives, created any authorized users, or encrypted any
drives.
using multiple commands: for scenarios where you do not need all three things
required to PGP Whole Disk Encrypt a drive, or if you just prefer using individual
commands, you can use --instrument, --add-user, and finally --encrypt to
PGP Whole Disk Encrypt a drive.
Technical Support
Symantec Technical Support maintains support centers globally. Technical Support’s
primary role is to respond to specific queries about product features and functionality.
The Technical Support group also creates content for our online Knowledge Base. The
Technical Support group works collaboratively with the other functional areas within
Symantec to answer your questions in a timely fashion. For example, the Technical
Support group works with Product Engineering and Symantec Security Response to
provide alerting services and virus definition updates.
Symantec’s support offerings include the following:
A range of support options that give you the flexibility to select the right amount of service for any size organization
Telephone and/or Web-based support that provides rapid response and up-to-the-minute information
Upgrade assurance that delivers software upgrades
Global support purchased on a regional business hours or 24 hours a day, 7 days a week basis
Premium service offerings that include Account Management Services
For information about Symantec’s support offerings, you can visit our Web site at the following URL:
www.symantec.com/business/support/
All support services will be delivered in accordance with your support agreement and the then-current enterprise technical support policy.
Contacting Technical Support
Customers with a current support agreement may access Technical Support
information at the following URL:
www.symantec.com/business/support/
Before contacting Technical Support, make sure you have satisfied the system
requirements that are listed in your product documentation. Also, you should be at the
computer on which the problem occurred, in case it is necessary to replicate the
problem.
When you contact Technical Support, please have the following information available:
Product release level
Hardware information
Available memory, disk space, and NIC information
Operating system
Version and patch level
Network topology
Router, gateway, and IP address information
Problem description:
Error messages and log files
Troubleshooting that was performed before contacting Symantec
Recent software configuration changes and network changes
Licensing and registration
If your Symantec product requires registration or a license key, access our technical
support Web page at the following URL:
www.symantec.com/business/support/
Customer service
Customer service information is available at the following URL:
www.symantec.com/business/support/
Customer Service is available to assist with non-technical questions, such as the
following types of issues:
Questions regarding product licensing or serialization
Product registration updates, such as address or name changes
General product information (features, language availability, local dealers)
Latest information about product updates and upgrades
Information about upgrade assurance and support contracts
Information about the Symantec Buying Programs
Advice about Symantec's technical support options
Nontechnical presales questions
Issues that are related to CD-ROMs or manuals
Support agreement resources
If you want to contact Symantec regarding an existing support agreement, please
contact the support agreement administration team for your region as follows:
Asia-Pacific and Japan customercare_apac@symantec.com
Europe, Middle-East, Africa semea@symantec.com
North America, Latin America supportsolutions@symantec.com
2 The Command-Line Interface
This section describes the command-line interface used by PGP Whole Disk Encryption
Command Line.
Overview
PGP Whole Disk Encryption Command Line uses a command-line interface.
You enter a valid command at the command prompt and press Enter or return. PGP
Whole Disk Encryption Command Line responds based on what you entered: with
success (if you entered a valid command) or with an error message (if you entered an
invalid or incorrectly structured command).
All PGP Whole Disk Encryption Command Line commands have a long form: the text
"pgpwde", a space, two hyphens "--", the command name, and options (if appropriate).
For example:
C:\>pgpwde --help [Enter]
is the command to display the built-in help information. It has no options.
(The command prompt, C:\> in the above example, and [Enter] will no longer be shown
in examples; only the necessary commands and options will be shown.)
A few commands also have a short form: either one hyphen and then a single letter or
two hyphens and two letters.
For example:
-h for help instead of --help
--aa for administrative authorization instead of --admin-authorization
You can mix long forms and short forms in a single command.
Short forms are noted where appropriate.
Scripting
PGP Whole Disk Encryption Command Line commands can easily be inserted into
scripts for automating common tasks, such as encrypting a disk or getting information
about an encrypted disk.
PGP Whole Disk Encryption Command Line commands can easily be added to scripts
written with scripting languages such as Perl or Python.
Editing the Path
By default, the PGP Whole Disk Encryption Command Line application, pgpwde.exe, is
installed in C:\Program Files\PGP Corporation\PGP Desktop\ on Windows systems.
To use PGP Whole Disk Encryption Command Line using the Windows Command
Prompt application, you need to navigate to the PGP Whole Disk Encryption Command
Line directory to execute commands (or the commands will fail).
If you wish to be able to execute PGP Whole Disk Encryption Command Line commands
from any location when using Windows Command Prompt, you need to change the path
on the system to include the location of the PGP Whole Disk Encryption Command Line
application.
Note: On Mac OS X systems, you can use the Terminal application that ships with
Mac OS X as your command line editor. You can enter commands from any location
on the system; you do not have to navigate to a specific location.
To add the PGP Whole Disk Encryption Command Line application to your path on a
Windows 7 or Vista system:
1 On the Windows desktop, right click the Computer icon, then select Properties.
2 On the left side of the System Control Panel screen, click Advanced System Settings.
3 If you are prompted for permission to continue, click Continue.
4 At the bottom of the System Properties screen, click Environment Variables.
5 In the System Variables section at the bottom of the Environment Variables screen, select Path, then click Edit.
6 At the end of the existing Variable value line, enter a semicolon (;), then add the path to the PGP Whole Disk Encryption Command Line application.
7 Click OK to save the change, then close the windows you opened.
To add the PGP Whole Disk Encryption Command Line application to your path on a Windows XP or 2000 system:
1 On the Windows desktop, right click the My Computer icon, then select Properties.
2 On the System Properties dialog, click the Advanced tab.
3 At the bottom of the Advanced tab, click Environment Variables.
4 In the System Variables section at the bottom of the Environment Variables screen, select Path, then click Edit.
5 At the end of the existing Variable value line, enter a semicolon (;), then add the path to the PGP Whole Disk Encryption Command Line application.
6 Click OK to save the change, then close the windows you opened.
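The Scripting and Editing the Path sections together describe the usual way a script reaches the tool: either pgpwde is on the PATH or it has to be run from its install directory. The following Python wrapper is an added example, not code from the guide or the product. It looks for the executable on a PATH string, falls back to the default Windows install directory the guide names, and runs the tool without going through a shell. It assumes the Mac OS X executable is simply named pgpwde (the guide names only pgpwde.exe); the file-existence check is injected so the lookup can be exercised on a machine without PGP WDE installed.

```python
"""Locate and run pgpwde from a Python script.

Added example; not code from the PGP WDE Command Line guide or product.
Assumes the Windows executable is pgpwde.exe in the default directory the
guide gives, and (an assumption) that the Mac OS X executable is named pgpwde.
"""
import ntpath
import posixpath
import subprocess
import sys

# Default install directory on Windows, as stated in "Editing the Path".
DEFAULT_WINDOWS_DIR = r"C:\Program Files\PGP Corporation\PGP Desktop"


def locate_pgpwde(path_env, exists, platform=None):
    """Return the full path of the pgpwde executable, or None if not found.

    path_env: the PATH string to search (use os.environ["PATH"] for real).
    exists:   predicate saying whether a candidate file exists; injected so
              the lookup can be exercised without a PGP WDE installation.
    platform: a sys.platform value ("win32", "darwin"); defaults to this host.
    """
    platform = platform or sys.platform
    on_windows = platform.startswith("win")
    exe = "pgpwde.exe" if on_windows else "pgpwde"
    sep = ";" if on_windows else ":"
    join = ntpath.join if on_windows else posixpath.join

    candidates = [join(d, exe) for d in path_env.split(sep) if d]
    if on_windows:
        # The tool may be installed but not yet on the PATH (see the steps above).
        candidates.append(join(DEFAULT_WINDOWS_DIR, exe))
    for candidate in candidates:
        if exists(candidate):
            return candidate
    return None


def run_pgpwde(pgpwde, *args):
    """Run pgpwde with the given long-form arguments and return
    (exit status, stdout text). No shell is involved, so the arguments are
    handed to the tool exactly as given."""
    proc = subprocess.run([pgpwde, *args], capture_output=True, text=True)
    return proc.returncode, proc.stdout


if __name__ == "__main__":
    import os
    tool = locate_pgpwde(os.environ.get("PATH", ""), os.path.isfile)
    if tool is None:
        sys.exit("pgpwde not found: add its directory to the PATH first")
    status, out = run_pgpwde(tool, "--enum")
    print(out)
    sys.exit(status)
```

Run as a script it prints the --enum response and exits with the tool's own status, so a calling script can tell success from an error message without parsing text.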
WDE-ADMIN Active Directory Group
If you are an administrator of Windows PGP WDE clients in a PGP Universal
environment and using Active Directory, you can create a special Active Directory
group. With this group, you can authenticate commands with the group administrator
passphrase in place of the user passphrase. This means you can run commands on your
managed PGP WDE clients, without knowing the passphrase of a user on the encrypted
disk.
This special Active Directory group, which must be called WDE-ADMIN, must be a
security group, not a distribution group.
Using the --admin-authorization option is useful for running administrative tasks
in an enterprise.
This feature applies only to Windows installations of PGP Whole Disk Encryption
Command Line.
Refer to the PGP Universal Administrator's Guide for more information about creating
and using the WDE-ADMIN Active Directory group.
Passphrases
For consistency, all example passphrases in this guide are shown in single quotation
marks ('). Putting passphrases between single quotation marks ensures that reserved
characters and spaces are interpreted correctly.
If you do not use any reserved characters or spaces in your passphrases, then you do
not have to enclose them in single quotation marks.
On Windows systems, if you have a space in a passphrase, you must enclose the
passphrase in single or double quotation marks when you enter it. Also, double
quotation marks (") as part of the passphrase must be escaped with a preceding double
quotation mark.
For example, if you want to use
Thomas "Stonewall" Jackson
as your passphrase, you would have to enter it as
'Thomas ""Stonewall"" Jackson'
on the command line. You need the quotation marks at the beginning and end for the
spaces and you need to escape each double quotation mark used in the passphrase with
another double quotation mark.
If you do enclose your passphrases in single quotation marks, and you have a single
quotation mark as part of a passphrase on a *NIX system, you must escape the single
quotation mark that is part of the passphrase. Escaping means you need to put another
special character in front of the character; in this case, a backslash (\).
For example, if you enclose your passphrases in single quotation marks and you want to
use
I can't believe it's not butter
as your passphrase, you would have to enter it as
'I can\'t believe it\'s not butter'
on the command line. You need the quotation marks at the beginning and end for the
spaces and you need to escape each single quotation mark used in the passphrase with a
backslash.
Note: If you are having problems entering certain characters in your passphrases,
check the information about how to handle reserved characters for the operating
system or shell interpreter you are using.
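The two quoting rules above are easy to get wrong by hand, so here they are as code. This is an added example, not code from the guide or the product: it applies the Windows rule (double each double quotation mark, enclose in single quotation marks) and the *NIX rule (backslash-escape each single quotation mark, enclose in single quotation marks) exactly as the guide states them, and alongside shows the route a script can take instead, passing the arguments as a list so that no shell parses them at all. Pairing --passphrase and --disk with the auth command is illustrative; each command's own section lists the options it accepts.

```python
"""Passphrase quoting for pgpwde command lines.

Added example; not code from the PGP WDE Command Line guide or product.
Implements the two quoting rules stated in the Passphrases section and the
argument-list alternative for scripts. Which options a given command takes
is an assumption here; see that command's section.
"""


def quote_windows(passphrase):
    """Windows rule from the guide: each double quotation mark is escaped by
    doubling it, and the whole passphrase is enclosed in single quotation
    marks (done unconditionally here, as the guide does for consistency)."""
    return "'" + passphrase.replace('"', '""') + "'"


def quote_nix(passphrase):
    """*NIX rule from the guide: each single quotation mark is escaped with a
    backslash and the whole passphrase is enclosed in single quotation marks."""
    return "'" + passphrase.replace("'", "\\'") + "'"


def command_line(platform, command, disk, passphrase):
    """Compose the text you would type at the prompt on the given platform
    ("windows" or anything else for a *NIX shell)."""
    quote = quote_windows if platform == "windows" else quote_nix
    return "pgpwde --%s --disk %d --passphrase %s" % (command, disk, quote(passphrase))


def command_argv(command, disk, passphrase):
    """For scripts: hand the arguments to the process as a list (for example
    subprocess.run(command_argv(...))). No shell parses them, so neither
    quoting rule applies and the passphrase reaches pgpwde exactly as stored,
    spaces and quotation marks included."""
    return ["pgpwde", "--" + command, "--disk", str(disk), "--passphrase", passphrase]
```

In a script the argument-list form is the one to use; the quoted text form exists for typing at a prompt. Either way the passphrase is part of the command line, which shells commonly record in their history and which is visible in process listings while the command runs, so a script that embeds one needs the same access restrictions as the passphrase itself.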
3 Licensing
This section describes how to license PGP Whole Disk Encryption Command Line.
In This Chapter
Overview 15
--license-authorize 15
Licensing via a Proxy Server 16
Overview
PGP Whole Disk Encryption Command Line requires a valid license to operate. This
section describes how to license PGP Whole Disk Encryption Command Line if it is
currently unlicensed or if you want to change to a different license.
PGP Whole Disk Encryption Command Line supports the following licensing scenarios:
Using a License Number. This is the normal method to license PGP Whole Disk
Encryption Command Line. You must have your license information and a working
connection to the Internet.
Through a Proxy Server. If you connect to the Internet through a proxy server,
use this method to license PGP Whole Disk Encryption Command Line. You must
have your license information and the appropriate proxy server information.
The licensing command is --license-authorize.
Once PGP Whole Disk Encryption Command Line is correctly installed and licensed on
your system, you can encrypt your drive.
--license-authorize
Use --license-authorize to license PGP Whole Disk Encryption Command Line.
(When entering this text, it all goes on a single line.)
Licensing via a Proxy Server
If the Internet access of the system hosting PGP Whole Disk Encryption Command Line
is via an HTTP proxy connection, you can still license PGP Whole Disk Encryption
Command Line directly; you simply need to add the necessary proxy information.
Use --license-authorize to license PGP Whole Disk Encryption Command Line via
a proxy server.
4 Generic Commands
--help (-h)
The --help command provides a brief description of the commands and options
available in PGP Whole Disk Encryption Command Line.
The long form usage format is:
pgpwde --help
The short form usage format is:
pgpwde -h
Note: There are differences between the commands and options produced with the
--help command (the Help contents) and those in this guide. The Help contents lists
commands and options related to disk groups. In contrast, this guide omits any
mention of disk groups. Use disk group commands and options only with the
supervision of your Symantec customer representative.
Example:
pgpwde --help
PGP WDE command line tool.
Commands:
Generic:
-h --help this help message
--version show version information
and so on.
This example shows the response to the --help command.
--version
The --version command displays information about the version of PGP Whole Disk
Encryption Command Line you are using.
The usage format is:
pgpwde --version
Example:
pgpwde --version
PGP WDE, Version 10.0.0
Copyright (C) 2010 PGP Corporation
This example shows the response to the --version command.
5 Disk Information Commands
PGP Whole Disk Encryption Command Line includes several commands that provide
information about the disks on a system and their status:
--enum: Tells you about the disks on the system, including disk designation.
--status: Gives you PGP WDE information about a disk on the system.
--show-config: Gives you PGP BootGuard information about a disk on the system.
--info: Gives you general information about a disk on the system.
--enum
Displays disk designations (for example, Disk 0 as the boot disk), which are used in other
PGP Whole Disk Encryption Command Line commands.
The usage format is:
pgpwde --enum
Where:
--enum displays information about the disks on your system.
Examples:
pgpwde --enum
Total number of installed fixed/removable storage
device (excluding floppy and CDROM): 1
Disk 0 has 1 online volumes:
volume C:\ is on partition 2 with offset 80325
Enumerate disks completed
This example shows that the system has one disk, Disk 0, which is drive letter C
and is the boot disk. Disk 0 is the boot disk in most cases on Windows and Mac OS
X systems.
pgpwde --enum
Total number of installed fixed/removable storage
device (excluding floppy and CDROM): 2
Disk 0 has 1 online volumes:
volume C:\ is on partition 2 with offset 80325
Disk 1 has 1 online volumes:
volume F:\ is on partition 1 with offset 245
Enumerate disks completed
This example shows information for the boot disk and a USB token on the system;
the token is Disk 1 and drive letter F.
You can find out more information about the disks on your Windows system in the
Disk Management section of the Computer Management tool (compmgmt.msc).
You can find out more information about the disks on your Mac OS X system using
the Disk Utility application (/Applications/Utilities/Disk Utility).
--info
Provides general status information for the specified disk.
Use the --status command for PGP WDE-specific information about a disk.
Information you can see about a disk using --info includes:
model information.
total number of sectors on the disk.
The usage format is:
pgpwde --info --disk <number>
Where:
--disk specifies the disk to which the operation applies.
<number> is the disk number on the system.
Examples:
pgpwde --info --disk 0
Disk information for disk disk 0.
Model Number: ST910021AS
Total number of sectors on disk: 192426569
Display disk information completed
This example shows the model number and sectors for a boot disk.
pgpwde --info --disk 1
Disk information for disk 1.
Model Number: SanDisk U3 Titanium USB 2.18
Total number of sectors on disk: 4001425
Display disk information completed
This example shows the model number and sectors for a USB thumb drive.
--show-config
Displays information about how PGP BootGuard is configured on an encrypted disk.
No information displays if the command is run on a disk that is not encrypted by PGP
WDE.
The usage format is:
pgpwde --show-config --disk <number>
Where:
--disk specifies the disk to which the operation applies.
<number> is the disk number on the system.
Examples:
pgpwde --show-config --disk 0
Login Message:
Display Startup Screen: No
Use Audio Prompts: No
User lockout: Disabled
Allow user decrypt: Yes
Show configuration information completed
This example shows the PGP BootGuard information for a boot disk that is
encrypted.
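A script that drives these commands needs to read their responses back: the disk number that --enum reports is what the other commands take with --disk, and --info and --show-config answer in "Key: value" lines closed by a "... completed" line. The following Python is an added example, not code from the guide or the product. It parses the --enum, --info and --show-config responses shown in this chapter, maps a drive letter to its disk number, and uses the closing line as the sign that a command ran to the end. The sample text is copied from the guide's examples above; treating those line formats as fixed across versions is an assumption to check against your own output.

```python
"""Parse the text output of pgpwde --enum, --info and --show-config.

Added example; not code from the PGP WDE Command Line guide or product.
The sample outputs are copied from the guide's examples in this chapter;
the line formats below are the only ones this parser knows, which is an
assumption about other versions of the tool.
"""
import re

# Sample outputs, copied from the guide's examples.
ENUM_OUTPUT = r"""Total number of installed fixed/removable storage
device (excluding floppy and CDROM): 2
Disk 0 has 1 online volumes:
volume C:\ is on partition 2 with offset 80325
Disk 1 has 1 online volumes:
volume F:\ is on partition 1 with offset 245
Enumerate disks completed
"""

INFO_OUTPUT = r"""Disk information for disk 1.
Model Number: SanDisk U3 Titanium USB 2.18
Total number of sectors on disk: 4001425
Display disk information completed
"""

SHOW_CONFIG_OUTPUT = r"""Login Message:
Display Startup Screen: No
Use Audio Prompts: No
User lockout: Disabled
Allow user decrypt: Yes
Show configuration information completed
"""

DISK_RE = re.compile(r"^Disk (\d+) has (\d+) online volumes?:$")
VOLUME_RE = re.compile(r"^volume (\S+) is on partition (\d+) with offset (\d+)$")
TOTAL_RE = re.compile(r"\):\s*(\d+)$")  # tail of the wrapped "Total number ..." line
KV_RE = re.compile(r"^([^:]+):\s*(.*)$")


def parse_enum(text):
    """Return {"total": n, "disks": {disk_number: [volume, ...]}, "completed": bool}.

    Each volume is a dict with "volume", "partition" and "offset"; the disk
    number is the value other commands take with --disk."""
    result = {"total": None, "disks": {}, "completed": False}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = DISK_RE.match(line)
        if m:
            current = int(m.group(1))
            result["disks"][current] = []
            continue
        m = VOLUME_RE.match(line)
        if m and current is not None:
            result["disks"][current].append(
                {"volume": m.group(1), "partition": int(m.group(2)), "offset": int(m.group(3))})
            continue
        m = TOTAL_RE.search(line)
        if m and result["total"] is None:
            result["total"] = int(m.group(1))
        elif line == "Enumerate disks completed":
            result["completed"] = True
    return result


def disk_number_for_volume(enum, volume):
    """Map a drive letter such as 'F:\\' to the disk number --disk expects."""
    for number, volumes in enum["disks"].items():
        if any(v["volume"] == volume for v in volumes):
            return number
    return None


def parse_key_values(text):
    """Parse the 'Key: value' lines of --info or --show-config.

    Returns (fields, completed); completed is True when the closing
    '... completed' line was seen, i.e. the command ran to the end."""
    fields = {}
    completed = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith(" completed"):
            completed = True
            continue
        m = KV_RE.match(line)
        if m:
            fields[m.group(1).strip()] = m.group(2).strip()
    return fields, completed
```

Checking the completed flag rather than only the exit status lets a script notice a response that was cut short; an empty field set from parse_key_values on --show-config matches the guide's statement that nothing is displayed for a disk PGP WDE has not encrypted.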
--status
Provides PGP WDE-specific status information for the specified disk.
(Use the --info command for general information about a disk.)
Information you can see about a disk using --status includes:
whether or not the disk is instrumented.
whether or not the disk is whole disk encrypted.
the number of sectors on the disk.
the highwater mark (the number of encrypted sectors on the disk).
Note: If you are decrypting a disk, and you want to check progress, you can run
--status periodically and check the high water mark; this number decreases as the
decryption progresses.
The usage format is: