Feb 18, 2015

Getting OS X keychain password from terminal

Sometimes I have to run curl queries in the terminal for hosts that have password protection. If I do not remember a [usually random] password or forget that the site is protected, I get a 401 response:

Atlas:~/Projects/**** [development] $ curl  -I 'http://host.example.com/'
HTTP/1.1 401 Authorization Required
Date: Wed, 18 Feb 2015 09:41:18 GMT
Server: Apache
WWW-Authenticate: Basic realm="Preview"
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

Than I have to go to my keychain to look up the password. Thanks to Alfred, it is easy to invoke the keychain but it means switching applications and entering the password for the keychain. I looked for the way to do this from terminal.

Here is the command:

security find-internet-password -w -s host.example.com

It is quite long, so I made a script file named ~/bin/kcpass to simplify this:

if [ "$1" == "" ] ; then
        echo "Usage: kcpass url"
        security find-internet-password -w -s "$1"

Don't forget to chmod +x ~/bin/kcpass!

Now I can just call to get the password:

kcpass host.example.com

Note that a full host name is needed. Probably it is possible to set up completion but it is easy to copy/paste the full host name from the previous curl command, so not worth time time doing autocomplete.

No comments:

Post a Comment