Categories
Uncategorized

System Keychain

This morning I was trying to add a new machine to my wireless network. Unfortunately, I’d forgotten the password… To the Keychain Access batcave!

Unfortunately, the “Airport network password” is stored in the system keychain, instead of my login keychain. Whilst I can unlock the system keychain, when I ask it to show me the password for my wireless network, it prompts for a password. Not my password, as it happens. Oh no. System keychain is protected by a 48 random bytes stored in /var/db/SystemKey. It’s created by the systemkeychain utility the first time your mac is booted. More to the point, there’s absolutely no way I can type those bytes.

So, let’s be cunning I thought. I dropped down to the command line and ran:

  % sudo cat /var/db/SystekMey | pbcopy

Then went back to keychain access only to discover that you can’t paste passwords in OS X.

A bit more googling turned up the security command. In particular, the dump-keychain command. Finally, running this spat out the password I was after:

  % security dump-keychain -d ~/Library/Keychains/login.keychain

At this point, I found out that it was the password for my old wireless network, which I’d just stopped using. A closer inspection of my login keychain revealed another “AirPort network password” which just happened to be for the new network. Ah well, at least it surrendered itself willingly.

From googling, it appears that many other people have been unable to recover stuff in their system keychain. So this is good stuff to know.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s