Category filter

Script to check encryption status on Mac

Verifying and enabling FileVault encryption on workplace macOS devices is crucial to keep sensitive devices from being compromised. However, it is a lengthy process to manage FileVault on the system from the System Preferences manually. A more efficient solution is needed to manage FileVault on multiple devices. You can run the following script with the Mac Terminal app to check the FileVault encryption status on macOS devices.

Device admins can remotely run scripts on Macs managed with Hexnode using the Execute Custom Script action.

Scripting Language – Bash

File extension – .sh


The Sample Scripts provided below are adapted from third-party Open-Source sites.

Check encryption status

The fdesetup command can be used to obtain the current status and modify the settings of macOS FileVault.

Sample output:

FileVault is On.

FileVault master keychain appears to be installed.


  • It is recommended to manually validate the script execution on a system before executing the action in bulk.
  • Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.

  • Sample Script Repository