SYSTEMKEYCHAIN(8) BSD System Manager's Manual SYSTEMKEYCHAIN(8)
NAME
systemkeychain -- creates system keychains and allows keychains to unlock keychains
SYNOPSIS
systemkeychain [-fv] [-k filename] [-C] [password]
systemkeychain [-fvc] [-k filename] [-s] [file ...]
systemkeychain [-v] [-k filename] [-t]
DESCRIPTION
The systemkeychain can be used to create a system keychain, make it possible for a keychain to unlock
another keychain, or test unlocking a keychain.
The options are as follows:
-C Create a keychain and establish it in the system as the primary system keychain whose unlocking
is automatically handled by the system. The new keychain is empty. If the optional password
argument is given, the keychain can be also be unlocked with that; otherwise, the keychain has
no password and can only be unlocked by the system.
-s Extract the master secret from source keychain(s) and install them in a destination keychain to
allow unlocking.
-t Test unlocking the system keychain.
-k systemKeychain
Use a keychain other than the default as the destination system keychain.
-c Create the target keychain if necessary.
-f Force creation of a system keychain or overwriting of an existing key for keychain unlocking
keychain operations.
-v Turn on verbose mode.
By default, systemkeychain works with the keychain file stored at /Library/Keychains/System.keychain .
Use of the -k option can specify a different target file.
Use of the -s option allows keychains to be setup to unlock other keychains. Chains of keychain
unlocks can be setup in this manner to make a series of keychains unlock while only needing to manually
unlock the first one. This functionality can be verified with the -t (test unlock) option.
FILES
/Library/Keychains/System.keychain
DIAGNOSTICS
The systemkeychain utility exits 0 on success, and >0 if an error occurs.
HISTORY
The systemkeychain command appeared in Mac OS 10.2.0 .
BSD March 14, 2006 BSD
|