security command in MacOS
The security command in MacOS allows users to interact with various security services, including managing keychain items, certificates, keys, and more. This command is essential for tasks such as changing keychain settings, manipulating certificates, and configuring the Keychain Access app. By using the security command in MacOS, users can efficiently handle user authentication, permissions, and security-related operations.
security Syntax:
security [options] [command] [parameters]MacOS security Options:
| Option | Description |
|---|---|
| -h | Show help message |
| -v | Verbose mode |
| -h | Perform hash |
| -c | Verify certificate |
| -p | Show private key |
| -r | Rollover keychain |
security Parameters:
| Parameter | Description |
|---|---|
| keychainName | Name of the keychain to use |
| itemLabel | Label of the item to operate on |
| command | Specific security command |
How to use security command:
Display Available Keychains
security list-keychainsLists all available keychains on the system.
Show Keychain Information
security show-keychain-info login.keychainDisplays detailed information about a specific keychain file (e.g., login.keychain).
View Keychain Items
security find-internet-password -gs www.example.comSearches and displays internet passwords stored for a specific website (e.g., www.example.com).
Add a New Keychain Item
security add-generic-password -a user -s "Service" -w "Password"Adds a new generic password item to the keychain with the specified username, service name, and password.
Remove a Keychain Item
security delete-generic-password -s "Service"Deletes a generic password item from the keychain based on the specified service name.
Change Keychain Password
security set-key-partition-list -S apple-tool:,apple: -k newpassword login.keychainChanges the password for a specific keychain file (e.g., login.keychain) to “newpassword”.
Export Keychain Items
security export -k login.keychain -t identities -o private.pemExports specific keychain items (identities) from a keychain file (e.g., login.keychain) to a private key file (e.g., private.pem).
Import Keychain Items
security import private.pem -k login.keychainImports keychain items (e.g., from a private key file named private.pem) into an existing keychain file (e.g., login.keychain).
How do I use security in MacOS?
To use the security command in MacOS, execute the following command:
security --option <value>How do I check the validity of a keychain in MacOS?
To check the validity of a keychain in MacOS using the security command, you can run:
security verify-keychain -k keychain_pathHow do I list the keychains in MacOS using security?
To list the keychains in MacOS using the security command, you can use the following command:
security list-keychainsHow can I find out the default keychain in MacOS with security?
To find out the default keychain in MacOS using the security command, you can run:
security default-keychainHow do I view the contents of a specific keychain with security in MacOS?
To view the contents of a specific keychain in MacOS using the security command, you can use:
security dump-keychain keychain_pathHow can I add a keychain in MacOS using security?
You can add a keychain in MacOS using the security command by running:
security list-keychains -s new_keychain_pathHow do I delete a specific keychain in MacOS with security?
To delete a specific keychain in MacOS using the security command, you can execute:
security delete-keychain keychain_pathHow do I manage trust settings for certificates in MacOS using security?
To manage trust settings for certificates in MacOS with the security command, use:
security set-trust-settings -d certificate_pathHow can I find the identity preference for a key in MacOS with security?
To find the identity preference for a key in MacOS using security, you can enter:
security find-identity -vp key_nameApplications of the security command
- Managing Keychains
- Checking Code Signatures
- Verifying System Integrity Protection (SIP)
- Generating Secure Tokens
- Managing certificates and keys
- Checking and managing X.509 certificate trust settings