Command line options

The Terminal application allows you to enter commands and command line options. The following command line options are available:

Command name Definition Additional parameters (optional)
sgfsadmin

Lists available commands including short help hints.

--help
sgfsadmin --version

Displays version and copyright information of the installed product.

 
sgfsadmin --status

Returns system status information such as version, server and certificate information.

 
sgfsadmin --list-user-details

Returns information on the user currently logged on.

--all displays information for all users (sudo required)

--xml returns output in xml format.

sgfsadmin --list-keys

Lists existing GUIDS and names of all keys in the keystore.

--all displays information for all users (sudo required)

--xml returns output in xml format

sgfsadmin --list-policies

Displays policy-specific information. Key GUIDs are resolved to key names if possible. Bold print indicates a personal key.

--all displays information for all users (sudo required)

--xml returns output in xml format

--raw displays raw policies, i.e. policies as set on the SafeGuard Management Center server side

sgfsadmin --enforce-policies

Applies the encryption policy.

--all applies the policy to all directories where policies apply

"directoryname" applies the policy to the directory specified.

sgfsadmin --file-status "filename1" ["filename2"..."filenameN"]

Returns encryption information for a file or a list of files. Wildcards are accepted.

--xml returns output in xml format

sgfsadmin --import-config "/path/to/target/file"
Imports the specified configuration zip file. The command needs administrative rights (sudo).
Note:

Use the drag and drop functionality to drag a complete path from, for example, the Finder into the Terminal application.

 
sgfsadmin --enable-server-verify

Turns on SSL server verification for communication with the SafeGuard Enterprise server. After installation, the SSL server verification is activated. The command needs administrative rights (sudo).

 
sgfsadmin --disable-server-verify Turns off server verification for communication with the SafeGuard Enterprise server. The command needs administrative rights (sudo).
Note:

We do not recommend this option as it may create a security vulnerability.

 
sgfsadmin --update-machine-info [--domain "domain"]

Updates the currently stored machine information which is used to register this client on the SafeGuard Enterprise server. The command needs administrative rights (sudo).

Note:

Use this command only after changing the domain or workgroup the computer belongs to. If the computer is a member of multiple domains or workgroups and you execute this command, this might result in a change of the domain registration and removal of personal keys and/or FileVault 2 users.

--domain "domain"

The domain the client should use to register on the SafeGuard Enterprise server. This parameter is only required if the machine is a member of multiple domains. The computer must be joined to this domain, otherwise the command will fail.

sgfsadmin --dump-unprivileged-applications [path] Collects application paths that are not authorized to access encrypted files. You can use the information to add applications to the applications list. You can restrict the results to a specific path.
Note: This function is only relevant for Synchronized Encryption.
 
sgfsadmin --synchronize Starts synchronizing database information from the SafeGuard Enterprise backend such as policies, keys, and certificates.