How to Determine if a Mac Is Using FileVault from the Command Line

Nov 25, 2013 - 3 Comments

Check FileVault status from the command line in OS X FileVault is a security feature that offers full disk encryption for Macs. Identifying Macs that are using FileVault is fairly easy in person for machines that have a logged in user account, all you have to do is check System Preferences to see if has been enabled or not. But what if you the Mac is either not logged into a user account, or what if you need to identify Filevault usage remotely? Both of these situations can call for using the command line to figure out the status of disk encryption.

From the command line (either remotely, or locally) enter the following command string:

sudo fdesetup status

There are only two possible responses to that command query, and the results are impossible to misidentify because you’ll either see:

FileVault is On.

Indicating FileVault encryption is enabled on that specific Mac, or you’ll see:

FileVault is Off.

Which of course tells you the Mac is not using the full disk encryption.

This command line trick can be helpful when trying to identify a Mac using FileVault encryption when logged in remotely through SSH, Screen Sharing with VNC, or when booting into the command line through Single User Mode. A quick note about the latter situation; modern Macs with FileVault enabled will not allow a user to enter into Single User Mode without entering an administrator password beforehand, thus if the login screen pops up much earlier in the OS X boot process then you can also determine that the Mac has FileVault turned on.

Now that a Mac has been determined to be using Filevault or not, the next obvious question would be whether or not you can turn on FileVault through the command line as well. The answer to that is yes, and you’d need to be using the same fdesetup command. We’ll cover that more thoroughly in another article, but for those interested now you can turn to the fdesetup man page for more immediate information.

.

Related articles:

Posted by: Paul Horowitz in Command Line, Mac OS, Tips & Tricks

3 Comments

» Comments RSS Feed

  1. no-1 says:

    This doesn’t work on OS X 10.6.x…

  2. The sudo command is not necessary, actually.

    I’m running fdesetup status from Terminal (checking that’s my user using whoami) and it works OK.

    I also opened Terminal from a non-administrative account and fdesetup status gives me the status anyway.

    Don’t encourage using sudo for things that do not require it. If you type wrong something, it could be very dangerous, OSXDaily.

  3. TangerineFloyd says:

    Thank you very much for this tip!

    Do you know if there is a way to do the same for a Firmware Password? I searched a bit online, but I didn’t find anything.
    I deal with a lot of not tech-savvy customers over the phone, and it has happened more than a few times that I have to prove to them that someone has set a Firmware Password or FileVault (or sometimes just determine what is going on, as they don’t always describe correctly what their screen shows).

Leave a Reply

 

Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks

News

iPhone / iPad

Mac

Troubleshooting

Shop on Amazon to help support this site