Keychains: iCloud, Login, Local Items. Keeping control of what goes where…
Hi everyone,
I wanted to test iCloud keychain with OS X and iOS, but I’m not quite sure how to retain control of what goes where. After enabling iCloud Keychain on the Mac the new Local Items keychain, which can be seen in Keychain Access, changed to iCloud and it did import lots of entries, supposedly from ~/Library/Keychains/login.keychain. It did not import everything and I have yet to figure out on what it bases its importing. I wanted to start fresh so I deactivated iCloud Keychain on all devices and let it delete the data on the devices while doing so.
Problem is that my login.keychain now did miss a lot of entries which seem to have been moved to the now emtpy iCloud Keychain (which got of course renamed to Local Items after deactivation). So I went back to an older state of my login.keychain from my backup. With iCloud Keychain still deactivated Mail.app for example now insists that it does not have the passwords for my mail accounts. Even thought they are there and correct in my login keychain. When I enter the passwords in Mail’s password prompt window they always go to Local Items instead of Login.
I tried to move the mail account entries to the Login keychain which seems to work fine, but once I do so Mail refuses to see them and insists on letting me enter the passwords again in order to save them to Local Items. 😐 I would like to use iCloud keychain to share a few website logins between my Mac and my iPhone, but I want to keep most of my logins exclusively local on the Mac. Any ideas how to accomplish that?
Other logins that are only in the Login Keychain do still work fine, for example online banking logins in Safari or FTP logins in Transmit. So as a first step I would like to have Mail.app play nice as well.
Any help, light-shedding or direction-pointing greatly appreciated!
Björn