2
I created a key pair in like this:
security create-keypair -a dsa -s 4096 FooBar
Now I want to access this key from to the command line to actually use it (in .pem format if possible). However, security
doesn't have a find-keypair
option, and I couldn't get any of the other find_...
subcommands to work. Is there a way to do this?
Edit:
For now I found an (inconvenient) workaround:
- First, manually create a "secure note" in keychain access, whose contents is the the private key.
- Use the following abomination:
security find-generic-password -w -s "$SecureNoteName" | xxd -p -r | plutil -extract "NOTE" xml1 -o - - | xmllint --xpath '//string/text()' -
So it seems I first have to fight the keychain to get its contents, and then I have to fight the plist to get the value... Parsing the plist could be simplified with the defaults
command, but I wanted to avoid writing the key to a temp file, and I couldn't get defaults to read from stdin.
try
man security
andman security create-keypair
. (man gives you a lot of info about a command.) – timotree – 2016-12-05T21:06:23.4802Did you read the question? – mkeiser – 2016-12-05T21:10:13.737
I did. You didn't specify whether you'd checked the manpage. – timotree – 2016-12-05T21:16:07.133