homebysix / jss-filevault-reissue

A framework for re-escrowing missing or invalid FileVault keys with Jamf Pro.
Apache License 2.0
186 stars 56 forks

script doesn't check for remote users #4

Closed akhepcat closed 7 years ago

akhepcat commented 7 years ago

For additional security, it may be worthwhile to make sure that there are no remote users connected to your Mac while rescuing the FileVault.

Adding the fragment below should provide that additional protection:

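```bash
# Count sessions in `who` output whose origin is shown as an IPv4 address.
REMOTE_USERS=$(who | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | wc -l)
# Stop before continuing if any remote login is present.
if [ ${REMOTE_USERS} -gt 0 ]
then
    echo "Can't proceed, remote ssh users may be able to intercept secure information"
    exit 1
fi
```
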
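
A broader form of the check proposed above, as an added example that is not part of the original comment or the project's script: it treats any trailing `(origin)` field in `who` output as a remote session, so IPv6 addresses and hostnames are caught as well as IPv4. The function names and sample lines are hypothetical, and the trailing `(origin)` layout is an assumption about how `who` prints remote logins.

```shell
#!/bin/sh
# Added example, not from the jss-filevault-reissue project.
# remote_sessions reads `who`-style lines on stdin and prints "user<TAB>origin"
# for every session whose last field is a parenthesised remote origin.
# Assumption: remote logins end in "(host)"; console and local terminal
# lines carry no such field.
remote_sessions() {
    awk '
        {
            origin = $NF
            # Only a trailing "(...)" field counts as an origin.
            if (origin !~ /^\(.*\)$/) next
            origin = substr(origin, 2, length(origin) - 2)
            if (origin == "") next
            # Skip local X11 displays such as ":0" or ":0.0" (seen on Linux).
            if (origin ~ /^:[0-9]+(\.[0-9]+)?$/) next
            printf "%s\t%s\n", $1, origin
        }'
}

# Returns 0 (true) when stdin contains at least one remote session.
has_remote_sessions() {
    [ -n "$(remote_sessions)" ]
}

# Constructed sample input; users, hosts and addresses are made up.
SAMPLE_WHO='alice    console  Mar  3 09:01
alice    ttys000  Mar  3 09:02
bob      ttys001  Mar  3 09:15 (192.0.2.10)
carol    ttys002  Mar  3 09:20 (2001:db8::5)
dave     ttys003  Mar  3 09:22 (admin-ws.example.com)
erin     pts/0    Mar  3 09:25 (:0)'

# On a live system the input would come from: who | has_remote_sessions
if printf '%s\n' "$SAMPLE_WHO" | has_remote_sessions; then
    echo "Can't proceed, remote users are logged in:"
    printf '%s\n' "$SAMPLE_WHO" | remote_sessions
fi
```

Of the six sample lines, only bob, carol and dave are reported; an IPv4-only pattern would report bob alone.
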
akhepcat commented 7 years ago

Just mentioning that it looks like JAMF, by default, enables sshd.

So having this check allows the local user some level of validation that he's not being (remotely) shoulder-surfed.

homebysix commented 7 years ago

Thanks!