osx - How can I export / import a single keychain item via the command line in OS X?

01
2014-06
  • cwd

    OS X has a command line tool called security that is made for working with keychains. The man page has examples of how to export all items of a specific type / all items for a specific keychain - but I don't understand how to export / import a single item.

    What I would really like to do is update the password on a single IPSec XAuth Password item but I think maybe exporting, possibly deleting, then importing would be the closest thing to what I want.

    I haven't had any luck finding examples or related questions for this task, and I've not used the security tool other than to list available keychains.

    • Answers
  • Lauri Ranta

    You can use find-generic-password or find-internet-password:

    security find-generic-password -l 'keychain item name'
security find-internet-password -s accounts.google.com

    -l mathes a label and -s matches a server string. Add -w to only print the password.


    • Related Question

    mac - Add Secure notes to Keychain via Applescript
  • TomA

    I have switched from Windows to Mac and one of the things I need to set up properly is password management. Previously on Windows I was using a small TrueCrypt file containing text files with usernames and passwords.

    I need to write an Applescript that takes those text files and imports them as Secure notes into Mac's Keychain Access app.

    I know that there are some Applescript commands related to Keychain, but I haven't found a way to add Secure notes.


    • Related Answers
  • David Metcalfe

    The Apple Developer area has some documentation referencing Keychain Services, which include a reference to Change the attributes and data in a keychain item (ex. notes) but I'm unable to find any calls for AppleScript outside of generating new login keys.

  • Dori

    Given that you're new to the Mac, I'll suggest something that would solve your issue in an entirely different (and more Mac-like) way.

    Your text files are usernames and passwords, right? So, they don't actually need to be notes; they could instead be stored as username & passwords, whether inside your Keychain or not.

    If that's the case, I recommend skipping Keychain Access and instead going for 1Password. If you can get your current text files into a single CSV file, here's the instructions on how to import them.