-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMHS.sh
72 lines (64 loc) · 2.65 KB
/
MHS.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/bin/zsh
######################################################################
# Author : k1nd0ne #
# #
# Creation Date : 01/05/2020 #
# #
# Description : This script can be used on MacOSX 10.13 and above. #
# #
######################################################################
# This script is based on the drduh macOS-Security-and-Privacy-Guide
# I've decided to keep some tips of this hardening for my Own Mac
# You are responsible if your Mac is not working proprely after thoses actions
# Script Execute well on MacOs Catalina
# The script will guide throught and inform you of what actions are made in details
echo -e "
███ ███ ██ ██ ███████
████ ████ ██ ██ ██
██ ████ ██ ███████ ███████
██ ██ ██ ██ ██ ██
██ ██ ██ ██ ███████
-MacOs Hardening Script-
Author : k1nd0ne
"
#You can comment actions you don't want to take in the script routine function bellow :
#Just comment the function refering to the action you don't want to take.
script_routine () {
fileVault
EvictFileVault
EndScriptTips
}
fileVault () {
echo -n "Activating fileVault disk encryption..."
sudo fdesetup enable
echo "done"
}
EvictFileVault(){
echo -n "Enforcing system hibernation and evicting FileVault keys from memory instead of traditional sleep to memory..."
sudo pmset -a destroyfvkeyonstandby 1
sudo pmset -a hibernatemode 25
echo "done"
echo -n "Setting up new power management policies..."
sudo pmset -a powernap 0
sudo pmset -a standby 0
sudo pmset -a standbydelay 0
sudo pmset -a autopoweroff 0
echo "done"
}
EndScriptTips (){
echo "Execution finished."
echo "Please Reboot your machine."
}
#Displaying warning messages
echo "WARNING : This script will install/disable certain MacOs functionalities."
echo "If you didn't review the script I recommend going throught it first."
echo " "
while true; do
read -p "I have read the script and agree to go (Y/n): " yn
case $yn in
[Yy]* ) script_routine; break;;
[Nn]* ) exit;;
* ) echo "Please answer yes or no.";;
esac
done