Security(1) Keychain-Dump

Question

Level 1

0 points

Security(1) Keychain-Dump

Pretty much I want to dump my keychain without any GUI interaction, and I know my password. I kinda know the right commands but they don't work right even after countless hours reading man pages.

Welcome, toXic, ~/Desktop : security authorize -C toXic dump-keychain -d
Password:
YES (0) { 2: "-d" , "dump-keychain" }

That's where I'm at right now, doesn't quiet help by dumping anything but it looks like I'm doing something right. If someone could shine some light on this I would be eternally grateful.

Thanks,

Andrew

Imac Intel, Mac OS X (10.6.2)

Posted on Dec 13, 2009 7:12 PM

Reply

Answer 1

Dec 13, 2009 7:35 PM in response to Andrew Free

security dump-keychain -d

Reply

Answer 2

Andrew Free Author

Level 1

0 points

Dec 13, 2009 7:43 PM in response to doug pennington

Then GUI popup windows come up like http://pwnmypic.com/images/63396113690600331482.png and http://pwnmypic.com/images/43789048692411249653.png .

I need to do it all via the command line.

Reply

Answer 3

Dec 13, 2009 9:12 PM in response to Andrew Free

I can't see how to omit the pop ups. Where did you get -C from?

Reply

Answer 4

Andrew Free Author

Level 1

0 points

Dec 13, 2009 9:59 PM in response to doug pennington

Look at the man pages for security authorize. It will tell you -C stands for login with given username. lowercase c uses the user your already logged in as.

Reply

Answer 5

red_menace

Level 6

17,066 points

Dec 13, 2009 10:41 PM in response to Andrew Free

Which one are you using? I don't see that option for Snow Leopard's version.

Reply

Answer 6

Andrew Free Author

Level 1

0 points

Dec 13, 2009 10:49 PM in response to red_menace

Yea its not in the man pages, but it says it...

Welcome, toXic, ~/Desktop : security authorize
Usage: authorize [<options>] <right(s)...>
-u Allow user interaction.
-c Use login name and prompt for password.
-C login Use given login name and prompt for password.
-x Do NOT share -c/-C explicit credentials
-p Allow returning partial rights.
-d Destroy acquired rights.
-P Pre-authorize rights only.
-l Operate authorizations in least privileged mode.
-i Internalize authref passed on stdin.
-e Externalize authref to stdout.
-w Wait until stdout is closed (to allow reading authref from pipe).
Extend rights flag is passed per default.
Perform authorization operations.
Welcome, toXic, ~/Desktop :

Reply

Answer 7

Dec 14, 2009 10:16 AM in response to Andrew Free

Do it without -d and it won't pop up on you. security dump-keychain Just won't show data: passwordishere
Now then, you stated you want to, and then you need to do this without GUI. Which one? And did any of your 3 or 4 other posts on the net give you an answer yet? Man pages indeed.

Reply

Answer 8

Andrew Free Author

Level 1

0 points

Dec 14, 2009 10:39 AM in response to doug pennington

Doing it without the -d is pointless. I need the keychains decrypted. No, no one else where knows the answer. Not on other sites, irc, or newsgroups. This was basically my last resort.

Reply