Saving the password of your backup in the keychain of the system you are in the process of backing up is convenient, but if/when the time comes to restore because your main computer is stolen or corrupt you should also REMEMBER IT or have it stored safely ELSEWHERE (tip: use lastpass.cm) or you end up empty handed.

Also, an even better backup routine also has two sets of backups (ideally one local backup, one remote).

Nevertheless, a very helpful article on how to set this is up.

Storing passwords securely in a different location is also important. But to have a good backup solution with Time machine is just basics, but many people forget about basics. Thanks for your comments, Brusle!

Nice tutorial, but for some reason it doesn't work for me even though I've followed it to the letter.
I'm trying to backup my Macbook to a new 4th gen Time Capsule and Time Machine just keeps creating and mounting a new disk image while ignoring my homemade encrypted one. I've tried both the Wi-Fi and ethernet MAC-addresses in the name to no avail. Even tried dropping the whole MAC-address altogether, but that doesn't work either, Time Machine just adds number one (1) the the name of sparse bundle it is creating and happily goes on backing up my files onto that volume.

I'm trying to create a 750GB volume to my home folder in Time Capsule. Time Machine creates sparse bundle named like: computername.sparsebundle, mounts that volume and starts backing up.

Any ideas what might be happening and what can I do to resolve this issue?

I had the same issue when I just put my computer name as the sparse bundle name. The backup would create a file "JaneEyre 1.sparsebundle". I'd stop backup, renamed the newly created file to "something.sparsebundle" just to be safe and renamed my encrypted file name to "JaneEyre_MACADDRESS.sparsebundle" and re-initiated the backup. Then the backup went OK and then I removed the "something" file and all my subsequent backups went just fine. Let me know if it works for you.

Thanks for the tip Michael, that helped and now my encrypted image is used by the Time Machine.
This has to be some kind of bug, don't you think? There can be no reason why Time Machine would not accept an encrypted sparse bundle at first but then after renaming its own creation and putting MAC-address to the end of the name for file you created it suddenly does.
Perhaps this could even be considered a some kind of security issue; malware is sitting on the system, detects a first time Time Machine activity and stops the process at the right point, creates its own encrypted image with pre-determined password and waits... until there is a need to use the backup and then starts to demand something (money most likely) to allow user to access those backups. Far fetched maybe, but still.

But anyway, thanks for the tip and help solving my issue - maybe you should include the problem and the solution as a footnote since I can hardly imagine this affects only the two of us.

Mac OSX Lion is a great OS but it's still quite buggy. Doesn't seem as polished as Snow Leo was when it came out. This backup problem happened on my computer but didn't happen on my wife's Air. Don't know why. Glad it worked for you Tomi!

In your article you mention that you can change the space of the sparsebundle with one terminal command... what is that command?

Sparse bundle files with Time Machine backups can be easily resized if you need to. For example, if you want to resize your file, just go to terminal and type:

hdiutil resize -size 500g MyFile.sparsebundle

and it will now be resized to max size of 500GB - of course it will not occupy so much space until you put so much stuff in it (so many backups for example). Hope it helps.

Time Machine in Lion is a much ore mature product respect to Snow Leopard even with the few bugs that are in the new LION OS. At Dolly Drive we add the ability of bringing and performing your Time Machine backups were ever you are http://www.dollydrive.com

Merging my Time Machine backup with a cloud-based solution will be my next logical step. For now it's good I'm backed up well at home :-)

great. works perfect for me.
thanks :)

Hi Micheal. I keep getting the issue with time machine creating a new file instead of using the one i created. maybe i misunderstood your fix. what do you mean by "JaneEyre_MACADDRESS.sparsebundle"? i literally have to write the world MACADDRESS? i tried that and also replacing such world with the wifi card address. in both cases my mac create a new sparse bundle. what should i do?

MIchael, let me clarify better. i created a file called ManuelaMac_0026bb1a57ee.sparsebundle following the process described above. 0026bb1a57ee is the wifi/mac address. when time machine starts backing up however, it creates a new file called ManuelaMac.tmp.sparsebundle ; i changed the name of this file to something.sparsebundle and the original file into several alternatives:

ManuelaMac_0026bb1a57ee_0026bb1a57ee.sparsebundle
ManuelaMac_0026bb1a57ee_MACADDRESS.sparsebundle
ManuelaMac_MACADDRESS.sparsebundle

However, in all these cases time machines keeps creating a new file

what am i doing wrong? thank

Hi, do you have any feedback for me? thanks

I updated the post on Lion and Time Capsule encrypted backup with some more details that I tested last night on two Macbook Airs. I think the problem was with the Format of the sparsebundle disk - it shouldn't be "case-sensitive" like I posted the first time. It should be just "journaled". Riccardo please refresh this blog post and follow the instructions again and let me know if it worked for you. This worked on both my and my wife's Airs without a hiccup. Best!

Hi MIchael thank you for the suggestion. Unfortunately it did not work. i created a new sparse bundle formatted as just "journaled". all other settings stayed the same as in your previous post. thus i created ManuelaMac_0026bb1a57ee.sparsebundle

however, when mac starts backing up... time machine keeps creating a second bundle called ManuelaMac.sparsebundle and the original remains on the time machine. so the second is not just a renaming but a completely new file (without the proper setting)

I'm really sorry it doesn't work for you. I recently clean-installed my Air and did a backup with these instructions and it worked. Then I did a backup with my wife's Air again after upgrading her Air to Lion and it worked, too.

Are you sure you put also just your computer name in (b)? If you did follow all of my instructions here and it doesn't work for you, I'm really sorry for that. Can't trouble-shoot it anymore as it worked in all of my cases. Did you try to delete the automatically created file and hit backup again? It also didn't help?

Anyone had the same issues?

I'm really sorry Riccardo, hard to say why it doesn't work for you....

Same happened to me. (same as Ricardo) Any idea?

IMPORTANT: Please use your Ethernet MAC address! It does not work with the WIFI MAC address... (for Ricardo)

The MAC address you have to use is the one of your FIRST ethernet device (I read that somewhere). For my Macbook Air it's Wifi but maybe for iMacs or Mac Minis it's LAN? I'll check it on Monday with my Mac mini and let you know, but maybe Tom is right! Thanks!

Works now since 10 days. Only thing I could tink of: Try every MAC address you have. WIFI and ethernet...

Checking all MAC addresses is a good call. Time Machine backups configured like this work on all of my Macs and I'm really happy about this setup. Glad it works for you, Tom!

"...but to make sure my productivity doesn’t suffer I initially installed it on my wife’s personal Mac" I like it!;):)

My wife's Mac wasn't used heavily at that time so I tried it first there. Many people make the mistake of testing new things on their "production" machines and later can't get anything done... Thanks for your comment Michal!

Thanks for that great tutorial. It worked for me with a WD MyBookLive NAS. Unfortunately every Backup initialization is very slow >5min and Disk utility is not responding when time machine mounts the backup image. Have you seen similar behaviour?

Best regards
Daniel

With this technique the first backups were pretty slow but later they went fast. Now every new TM backup takes about 5 minutes total. I use Time Capsule and Wifi connection, and it's really fast here. Let's hope it speeds up on your end, Daniel!

It works this way with LION - No Renaming or otherwise!

First, thanks for a great post. It is much easier and quicker using Disk Utility for the sparcebundle than the terminal.

I had the same problem: Either TM would just create a new sparcebundle on its own, with a _1 name, OR TM would just be trying to access the volume, stalled in some sort of loop.

What works without the renaming fix:
1. Create new Disk Image directly on the TC using Disk Utility.
2. Save As : Computername_MacAdresse(Lan).sparcebundle (field a in guide)
3. Name: 'Time Machine Backups' (field b in guide)

Presto!

Great advice on renaming disk to Time Machine Backups to make sure my technique works. Thanks for posting this, Nruub!

There is another way which will work even if you've already done a full backup.....

1. Do your first backup (or second or third, as long as the sparsebundle file has not already increased to a size greater than the limit you are setting out to achieve.

2. Temporarily switch off time machine (so it doesn't try and backup while you're doing this.

3. A sparsebundle is really a folder which Finder pretends is file (a bit like the programs in your applications folder). The maximum size for a sparsebundle file is stored in an xml file named Info.plist which lives inside the .sparsebundle folder.

4. If your time capsule disk is mounted (double click on it in finder) you can very easily access this from the command line.
a. Open the terminal (In Applications==>Utilities
b. type in
sudo nano /Volumes/time-capsule/tim.sparsebundle/Info.plist
[ yours will have a different volume and sparsebundle name obviously ]

c. If you have a 1TB time capsule the file will look something like this

<?xml version="1.0" encoding="UTF-8"?>

<plist>
<dict>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>band-size</key>
<integer>8388608</integer>
<key>bundle-backingstore-version</key>
<integer>1</integer>
<key>diskimage-bundle-type</key>
<string>com.apple.diskimage.sparsebundle</string>
<key>size</key>
<integer>998057361408</integer>
</dict>
</plist>

d. change the final number (998057361408 in this example) to a smaller number
(409600032768 will make it limited to 400GB)

e. press control-o to save and then control-x to exit
f. copy this file to its bckup counterpart... type in:
sudo cp /Volumes/time-capsule/tim.sparsebundle/Info.plist /Volumes/time-capsule/tim.sparsebundle/Info.bckup
e. close the terminal.

5. Turn on time machine again and relax.

Great advice on manipulating the backup manually, although it's very "geeky" :-) Great to learn where all this info is stored, though. Thanks for your comment, Timbo_phillips! This makes this thread really great and useful for everyone. Thanks for contributing!

Thank you so much Michael,

It works !

I'm so happy this method of secure backing up works for all of you guys on Lion with Time Machine. It's great that this practical yet technical article helped so many of you guys. Have a great day Alexandre and all the other folks reading and sharing this. Peace! :-)

Thank you so much for the info. I never though about adding one more layer of security to time machine backups. I should have done it a long time ago cause I bet it can be used under Leopard and Snow Leopard too.

Yes, I was securing my Time Machine backups already in Snow Leopard and Leopard. Now on Lion it was the first thing I did, too. Glad the info worked for you, Vale!

Michael,
I'm experiencing an issue related to permissions on the disk.
On a mac with multiple users the volume for the backup, once mounted, has only privileges for the user that has created the sparseboundle. This affects usage for other users on the same machine: their backup are done by the system, but they can't restore from them.

I've managed to kind of solve the disk permissions issue. I've had to modify permissions for the backup volume itself, adding r+x for the group. This way other users have access to backups via Time Machine. The problem is that the Volume once mounted via Time Machine can't be unmounted.

I can see a lot of complaints before August 31st update. I just want to share that I've used this solution in September and it worked like a charm, with no issues whatsoever. Just follow the instructions step by step and it should be alright. BTW, for readers of my blog I've created my own version of the instruction in Russian: http://alexmak.net/blog/2011/11/30/timecapsule/

So happy this solution of securely backing up macs to time capsule works now for all the folks. That's great. Vale, thanks for solving the problem with permissions. Alex, thanks for putting it up on your blog and crediting me there - that's nice :-)

Hope we don't have to recover our data all that often, though :-)

Hey Michael,
this is a great tutorial and very helpful. I am trying to set it up but I am stucked on the step in which you move the password from your personal keychain to the “system” keychain. I don't get which one I should move coz I see more than one. Hope you have the answer ;) Thanks in advance...
Cheers...
Horacio

Me again! I figured it out ;) It was the password I just created, just realized it ... :P
Thanks anyway for the great tutorial, since I got my TC I wanted to set up the size of the backups...
cheers,
H

Glad this tutorial works for all of you guys. It is really useful to be able to set up the Time Machine backups well. Once set, they just work (like Apple stuff usually does) and they work well for me, too. Horacio, glad you made it work!

Do you know whether this will work with a network attached storage device that is not a Time Capsule?

I think this method should work with any attached storage - Time Capsule, USB, Network... actually Time Capsule IS a network attached storage, so please give it a try and let us know if it worked, "stuck in apple land" :-)

me again... This technique *seems* to have worked using my Synology NAS instead of a Time Capsule. One question though - when I attempt to mount the backup image for my Mac using my wife's computer, I am (appropriately) asked to supply the password, without which I am unable to mount the disk. However, when I log into the NAS's homepage on my LAN, it appears that I am able to browse the directories within the disk image without being asked for a password (I have not tried to actually open any of the files though). Does this mean that the image is not really encrypted?

me again... This technique *seems* to have worked using my Synology NAS instead of a Time Capsule. One question though - when I attempt to mount the backup image for my Mac using my wife's computer, I am (appropriately) asked to supply the password, without which I am unable to mount the disk. However, when I log into the NAS's homepage on my LAN, it appears that I am able to browse the directories within the disk image without being asked for a password (I have not tried to actually open any of the files though). Does this mean that the image is not really encrypted?

Awesome! It worked! I had to reboot the macbook in the process because I fiddled with the disk image and time machine complained that it was in use. After the reboot it worked beautifully. My full-disk encrypted macbook now backs up to an encrypted and limited size Sparse Bundle on my Time Capsule. Thanks man, this is the first blogpost that actually contained a readable step-by-step instructions which worked.
Cheers!
Rolf

Glad this guide of setting up Time Machine secure backups on Lion still works for so many folks here. Thanks for your kind words Rolf! It definitely works for me every single day :-)

Thought I would pop back in to thank you and to add one more tip based on my experience with this. I tried to set up the TM backup using my MBP connected to the network through the Thunderbolt display (which was connected to my LAN via ethernet), and using the MAC address for the display. This does not work - the correct procedure is to connect the ethernet cable directly to the MBP and use the MAC address for the MBP's ethernet adaptor. This only needs to be done for the first backup - after that, it does not matter how the computer is connected to the LAN (wifi, direct ethernet, or ethernet via the Thunderbolt dispay all work fine). I hope this saves someone else from several frustrating hours.... And thank you, Michael, for this guide!

Great update with another valuable comment to this guide. Thanks for your contribution "stuck in the apple land" :-) Your observation makes sense as the value of your computer's Ethernet address is what Time Machine takes under consideration so the display's ethernet address should not work, that's correct. Later it works whatever network you use. Has been my experience as well. Thanks again!

I am using 10.7.2 with a 3TB 4th Gen Time capsule running Firmware 7.6. I tried these instructions including one of the comments that talks about Nruub on Oct. 29th that talks about 'no renaming'. In both cases Time Machine still ignores my MACHINENAME_MAC.sparsebundle bundle and creates a MACHINENAME.sparsebundle file for backups.

One other interesting note. I tried renaming one of these TM created spare bundles to Foo as a backup as suggested in some of the comments and it continued using the renamed bundle.

Hey Mike, this post is great but I have one question:

Let's say I were to make a limited and encrypted time capsule backup in the way you described. Would there be any problem if I were to do a clean install of my Mac and try to restore from this backup? Would the encryption confuse it in any way?

Hey Michael,

just wanted to say thanks :)
I just tried your suggestions and it seems to have worked great as Time Machine saw the disk image and it is currently using it for the first backup - I have reformatted and reset it to factory defaults before doing this.

On a side note, do you know if / how much the encryption affects the backup speed?

Thanks!
Vito

I don't see any impact on the backup speed for secure backups. It's there, but it's not really visible. The convenience and security is amazing though.

To Michael:
I cannot see the Time Machine drive in disk utilities, or how do I connect using USB (I would prefer network actually)?

To timbo.phillips
I got very far using your method, but not quite there. After your step f (copying the file, this is what I'm getting in the terminal:

usage: cp [-R [-H | -L | -P]] [-fi | -n] [-apvX] source_file target_file
cp [-R [-H | -L | -P]] [-fi | -n] [-apvX] source_file ... target_directory

When I turn the time machine back on , I'm getting an error saying the disk is already in use. Am I missing something?

Thanks. D

Hi again Michael,

I upgraded my MB with SSD drive and this method did not work anymore. Turns out that most probably in some point update the Lion's Time Machine started using the ethernet's MAC-address instead of WiFi, at least on this type of machine. Luckily someone pointed out this possibility earlier in the discussion above, surely I would not have guessed this myself.

Also I'd like to point out that my wife's iBook, running latest version of venerable Leopard , is backing up to the same Time Capsule also using this very method. So it seems to be backwards compatible.

ok guys, this is what is missing in this tutorial
forget the: "find out the address of your main ethernet card"
instead do the following:
step 1: run a backup to your time capsule.
step 2: as the backup tmp file is created (you will find the file in your time capsule HD).
right click it and go to "show package content" in it you will find the following
files:
com.apple.TimeMachine.MachineID.bckup
com.apple.TimeMachine.MachineID.plist
Info.bckup
copy them (cmd +C)
step 3: stop the backup (click on the time machine icon and then choose "stop back up"
from the drop down menu. + go into your time capsule and erase the tmp.
step 4: now go over the same stages as mentioned by mr liwinski . in stage 2: section a
"save as:" use your mac name (no ethernet or wifi add ons).
after the file is created. go to your time capsule HD, find the new image file, right
click it and go to "show package content". paste into it the 3 files copied in step
2.
step 5: now run your backup again. it should ask you if its ok to use the image file you created.

It's incredible how this small article became a go-to guide on setting up secure Time Capsule backups :-) Ben, thanks for your great comment, it's very geeky but if it works, that's really cool. Tomi, glad this method also works for your wife's iBook. Cool!

Re step 2. Time Capsule doesn't appear in the Disk Utility window. How do I get it to appear?

What does appear is "iMac-Dave.sparsebundle " and within that "Time Machine Backups"

Hi everybody.
I had the same problem: each time TM created new sparcebundle.
Issue was resolved by changing mac-address and name to "Time machine backups"
Which one is really useful I don't know but at the end it works.
Thank you.

Hello, I followed step by step this procedure but now if I want to delete or to rename the backup of an other MAC, I can ... I test for the moment with 2 MacBook Pro, when I map my network hard disk I can see the Time Machine.sparsebundle of the other MAC. I tried to change the name, I can, and I'm sure I can delete it.
If I want to use this procedure for 60 Mac, do you have a solution to protect the time machine image?

How does one know if this process actually limits the size of the .sparsebundle? When I examine the info.plist for two bundles (one made previously for my iMac and one just made for my Laptop) the size for both is still at 2,998,445,457,408 (3TB). I used the original process to create the laptop bundle.

Shouldn't one be able to look somewhere and see the limit for the Laptop's TM bundle?

In OS X 10.7 you can also use the command line utility 'tmutil' See http://basilsalad.com/how-to/create-time-machine-backup-network-drive-lion/ for details.

Basically:
- Create an (encrypted) disk image
- Move it to the location where you want it
- Mount it
- sudo tmutil setdestination /Volumes/{mounted-disk-image}
- Backup now

Hello Michael, i've used this method and worked perfectly! The thing is that i moved over the past weekend and had to create a new wifi. I've used the same time capsule that i had, and now i'm trying to do a backup of the same MacBook Pro i did before. The thing is that TimeCapsule can't find my sparsebundle! Any thoughts?

I just bought a new 3TB Time Capsule to backup my MacBook Air running Mountain Lion and couldn't get the above to work, so I googled around and found the following simple approach to work reliably instead.

1) Set up a new time machine backup from scratch using the Time Machine UI. Click the encryption check box for an encrypted backup.

2) Initiate your first time capsule backup.

3) Wait until the backup has started and left the initialization phase so that you can see how many MBs that have been backuped.

4) Stop the backup (using the time machine ui) and turn Time Machine off.

4) You should now have the "machine_name.sparsebundle" file in your /Volumes/Data directory.

5) Open a terminal and type (for a 500GB max size):
"hdiutil resize -size 500g /Volumes/Data/machine_name.sparsebundle"

6) Then do:
"chflags uchg /Volumes/Data/machine_name.sparsebundle/Info.*"

7) Turn Time Machine on and restart the backup!

Step (5) limits the size of the bundle to 500GB and will take a few minutes to finish. Step (6) is really important as apparently time machine tries to reset the size to the maximum each time when restarting and by changing the permissions of the Info.plist file you will stop it from updating the size.

The good MAC address to use is the one you get in Terminal using the command : ifconfig en0 | grep ether .

Not the one you suggest to pick in Wi-fi address you suggest to pick from system preference. It's not the same and just don't work if you pick this one.

Is it possible for you to update the instructions?

Thanks

if time machine keeps "looking for disk..." and ends up not finding it, it may be because disk utility is still open and using the sparsebundle. i had to unmount the volume in disk utility, eject the sparsebundle, eject my time capsule disk, close disk utility and then reconnect the tc disk before time machine could find the sparsebundle. works for me. thanks for the post ^^

Good Morning Michael,

First thank you for this post, very clear and interesting, I am going to try to bring you back my two cents.

I was more than happy when I got my Time Capsule but quickly disappointed when I started to use it with Time Machine. Selecting the maximum size of a backup storage was not possible!! Why a so logical parameter could not be set?? Good news is that I am not alone to be struggled with!!

I have recently upgraded my two Machines, one Imac and one MacBook pro to Mountain Lion.

I have these two machines + my son’s MB saved on my Time Capsule this is the reason why I first selected the method described by timbo_phillips (October 2011) to try to preserve previous backups.

I did a first test with my MB, the backup went well but at the end it prompted saying that the checking was not correct and that a new full backup was required :-(.

So by the way I removed the old sparsebundle file and started with your method creating a 300G image file. I checked the info.plist file and it was set to 307200032768 which looked good to me.

I started then Time machine, called for a new backup and here is the bad thing: TM updates the info.plist file to the full Time Capsule size!!
This is tracked in the system logs: Resizing backup disk image from 307.2 GB to 2 TB

I restarted everything using another method described here (similar to your method),
http://www.youtube.com/watch?v=Nq7mSizqUSI&feature=watch_response
And I got the same issue.

Finally I did it one more time following your method but in addition I did what Stefan was suggesting on August the 13th but I only set the info.plist file to locked (this lock can be displayed in the properties of the file)

From the terminal: chflags uchg /Volumes/Data/machine_name.sparsebundle/Info.plist

Started again a new backup and here the mounted image is set to a capacity of 307 G and info.plist did not change.
This time logs are showing up a message from TM: Could not resize backup disk image (DIHLResizeImage returned 35) which is great for me

I did a first backup, and at the end info.plist was not modified, I could access to the backup from Time Machine and capacity of the mounted image is still 307Go.

Now I keep my fingers crossed waiting to reach the 300G of backup!!
Cheers

One of the greatest tutorials I've ever used. My timecapsule says thanks. Hahahaha.