How to use the command fdesetup (with examples)
- Osx
- December 25, 2023
The fdesetup command is used for setting and retrieving FileVault related information on a macOS system. FileVault is a disk encryption program available in Mac OS X 10.3 and later. It uses the user’s login password as the encryption passphrase. This command provides various options to manage FileVault settings and retrieve information about its status and enabled users.
Use case 1: List current FileVault enabled users
Code:
sudo fdesetup list
Motivation:
- You want to view the list of users who have FileVault enabled on the system.
Explanation:
sudo
: Run the command with superuser (administrative) privileges.fdesetup list
: Executes the fdesetup command with the “list” argument, which lists the current FileVault enabled users on the system.
Example output:
user1
user2
Use case 2: Get current FileVault status
Code:
fdesetup status
Motivation:
- You need to check the current status (enabled or disabled) of FileVault on the system.
Explanation:
fdesetup status
: Runs the fdesetup command with the “status” argument, which retrieves the current FileVault status.
Example output:
FileVault is On.
Use case 3: Add FileVault enabled user
Code:
sudo fdesetup add -usertoadd user1
Motivation:
- You want to add a new user and enable FileVault for that user.
Explanation:
sudo
: Run the command with superuser (administrative) privileges.fdesetup add
: Executes the fdesetup command with the “add” argument, which adds a new FileVault enabled user.-usertoadd user1
: Specifies the username of the user to add and enable FileVault for.
Example output:
<No output is displayed if the command is successful>
Use case 4: Enable FileVault
Code:
sudo fdesetup enable
Motivation:
- You need to enable FileVault on the system to encrypt the disk and protect user data.
Explanation:
sudo
: Run the command with superuser (administrative) privileges.fdesetup enable
: Executes the fdesetup command with the “enable” argument, which enables FileVault.
Example output:
<No output is displayed if the command is successful>
Use case 5: Disable FileVault
Code:
sudo fdesetup disable
Motivation:
- You want to disable FileVault on the system and remove the disk encryption.
Explanation:
sudo
: Run the command with superuser (administrative) privileges.fdesetup disable
: Executes the fdesetup command with the “disable” argument, which disables FileVault and removes the disk encryption.
Example output:
<No output is displayed if the command is successful>
Conclusion:
The fdesetup command provides a convenient way to manage FileVault related information on a macOS system. By using different arguments, you can retrieve the status of FileVault, list enabled users, add new enabled users, enable or disable FileVault, and more. This command is essential for administration and security purposes to ensure the protection of user data on macOS.