KeyChain Security command line tool works with find-internet-passwords but not find-generic-passwords

macos command-line keychain
16,441

Solution 1

Generic passwords are identified by their Service and Account attributes. For example, to search for a password for account "bar" of the "foo" service, use

security find-generic-password -a foo -s bar -g

The -g option displays the value of the password at the end of the output.

The combination of service and account is guaranteed to uniquely identify a particular password. Other queries (comment, label, etc.) are possible, but they may match multiple passwords. find-generic-password displays only the first single matching item, which limits its usefulness for such queries.

Solution 2

A more accurate and up to date answer would be to use -w instead of -g if you only need password. I've seen people using -g and parsing output using awk/perl to get the password field, which is not needed (anymore). All you need to do is:

security find-generic-password -a foo -s bar -w

You may use find-internet-password instead of find-generic-password command depending on where your password is stored in keychain.

Share:
16,441
Travis
Author by

Travis

Updated on June 21, 2022

Comments

  • Travis
    Travis almost 2 years

    Looking into using the command line tool for KeyChain. I am able to do a lot of the things through security; listing my multiple keychains, dumping them and setting defaults. Reading through tutorials and other postings I expect to find my passwords with

    security find-generic-password test

    But I get

    security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain.

    This won't work in my default keychain or login.keychain. However, I am able to find my passwords listed as 'internet' with find-internet-password command. Can anyone explain why or what I am doing wrong? Sites I've been reading is the man page and http://blog.macromates.com/2006/keychain-access-from-shell/,

  • robenkleene
    robenkleene about 5 years
    What is the "Service" attribute? I don't see that label anywhere in the Keychain Access app on macOS Mojave 10.14.4. The metadata I see are "Name", "Kind", "Account", "Where", and "Comments". (I tried the obvious guess here, "Name", but that does not work.)
  • Karoy Lorentey
    Karoy Lorentey about 5 years
    Keychain Access uses the "Where" label for the Service attribute.
  • Adrian Maire
    Adrian Maire about 4 years
    Isn't -s the service and -a the account? Seems they are inverted in the example.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to delete a keychain reference from command line
Keychain password for macOS Flutter app on VM
How to stop "keychain access" permission dialog on MacOS when debugging Flutter app on Visual Studio Code?
Update GitHub authentication to use token on macOS (rather than password)?
Install Command Line Developer Tools: can't install the software because it is not currently available from the software update server
How to copy files from Mac OS to Windows which are in same network using command line?
Increase memory for jMeter on command line
How to export certificate from Mac OS X to get pair of .cert and .key files ?
Path, /usr/bin/ and /usr/local/bin/
OS X: creating or extracting preview(.jpg,.png) of .eps file