security password management

   find-generic-password [-h] [-a account] [-s service] [-options...] [-g] [-keychain...]
            Find a generic password item.

   delete-generic-password [-h] [-a account] [-s service] [-options...] [-keychain...]
            Delete a generic password item.

            -a account      Match account string
            -c creator      Match creator (four-character code)
            -C type         Match type (four-character code)
            -D kind         Match kind string
            -G value        Match value string (generic attribute)
            -j comment      Match comment string
            -l label        Match label string
            -s service      Match service string
            -g              Display the password for the item found

   delete-internet-password [-h] [-a account] [-s server] [options...] [keychain...]
            Delete an internet password item.

   find-internet-password [-h] [-a account] [-s server] [options...] [-g] [keychain...]
            Find an internet password item.

            -a account      Match account string
            -c creator      Match creator (four-character code)
            -C type         Match type (four-character code)
            -d securityDomain
                            Match securityDomain string
            -D kind         Match kind string
            -j comment      Match comment string
            -l label        Match label string
            -p path         Match path string
            -P port         Match port number
            -r protocol     Match protocol (four-character code)
            -s server       Match server string
            -t authenticationType
                            Match authenticationType (four-character code)
            -g              Display the password for the item found

Examples

Add to keychain:

$ security add-generic-password -a $USER -s 'PASS64' -w this_is_the_secret

Read from the keychain:

$ security find-generic-password -a "$USER" -w -s 'PASS64'
this_is_the_secret

Save the password to an environment variable 'P64', Be aware that it is possible to view the environment using ps -E, which could expose the password:

$ export $(echo "P64"="$(security find-generic-password -a "$USER" -w -s 'PASS64')")

Delete from the keychain:

$ security delete-generic-password -a "$USER" -s 'PASS64'

“The man who looks for security, even in the mind, is like a man who would chop off his limbs in order to have artificial ones which will give him no pain or trouble” ~ Henry Miller (The Rosy Crucifixion I )

Related macOS commands

security - Administer Keychains, keys, certificates and the Security framework.


 
Copyright © 1999-2024 SS64.com
Some rights reserved