This morning I was trying to add a new machine to my wireless network. Unfortunately, I’d forgotten the password… To the Keychain Access batcave!
Unfortunately, the “Airport network password” is stored in the system keychain, instead of my login keychain. Whilst I can unlock the system keychain, when I ask it to show me the password for my wireless network, it prompts for a password. Not my password, as it happens. Oh no. System keychain is protected by a 48 random bytes stored in
/var/db/SystemKey. It’s created by the
systemkeychain utility the first time your mac is booted. More to the point, there’s absolutely no way I can type those bytes.
So, let’s be cunning I thought. I dropped down to the command line and ran:
% sudo cat /var/db/SystekMey | pbcopy
Then went back to keychain access only to discover that you can’t paste passwords in OS X.
A bit more googling turned up the security command. In particular, the
dump-keychain command. Finally, running this spat out the password I was after:
% security dump-keychain -d ~/Library/Keychains/login.keychain
At this point, I found out that it was the password for my old wireless network, which I’d just stopped using. A closer inspection of my login keychain revealed another “AirPort network password” which just happened to be for the new network. Ah well, at least it surrendered itself willingly.