Security
Administer Keychains, keys, certificates and the Security framework.
Usage
security [-h] [-i] [-l] [-p prompt] [-q] [-v] [command] [opt ...]
-i Run in interactive mode.
-l Run /usr/bin/leaks -nocontext before exiting.
-p Set the prompt to "prompt" (implies -i).
-q Be less verbose.
-v Be more verbose about what's going on.
Flags
security commands are:
help                                  Show all commands, or show usage for a command.
list-keychains                        Display or manipulate the keychain search list.
list-smartcards                       Display available smartcards.
default-keychain                      Display or set the default keychain.
login-keychain                        Display or set the login keychain.
create-keychain                       Create keychains and add them to the search list.
delete-keychain                       Delete keychains and remove them from the search list.
lock-keychain                         Lock the specified keychain.
unlock-keychain                       Unlock the specified keychain.
set-keychain-settings                 Set settings for a keychain.
set-keychain-password                 Set password for a keychain.
show-keychain-info                    Show the settings for keychain.
dump-keychain                         Dump the contents of one or more keychains.
create-keypair                        Create an asymmetric key pair.
add-generic-password                  Add a generic password item.
add-internet-password                 Add an internet password item.
add-certificates                      Add certificates to a keychain.
find-generic-password                 Find a generic password item.
delete-generic-password               Delete a generic password item.
set-generic-password-partition-list   Set the partition list of a generic password item.
find-internet-password                Find an internet password item.
delete-internet-password              Delete an internet password item.
set-internet-password-partition-list  Set the partition list of a internet password item.
find-key                              Find keys in the keychain
set-key-partition-list                Set the partition list of a key.
find-certificate                      Find a certificate item.
find-identity                         Find an identity (certificate + private key).
delete-certificate                    Delete a certificate from a keychain.
delete-identity                       Delete an identity (certificate + private key) from a keychain.
set-identity-preference               Set the preferred identity to use for a service.
get-identity-preference               Get the preferred identity to use for a service.
create-db                             Create a db using the DL.
export                                Export items from a keychain.
import                                Import items into a keychain.
export-smartcard                      Export items from a smartcard.
cms                                   Encode or decode CMS messages.
install-mds                           Install (or re-install) the MDS database.
add-trusted-cert                      Add trusted certificate(s).
remove-trusted-cert                   Remove trusted certificate(s).
dump-trust-settings                   Display contents of trust settings.
user-trust-settings-enable            Display or manipulate user-level trust settings.
trust-settings-export                 Export trust settings.
trust-settings-import                 Import trust settings.
verify-cert                           Verify certificate(s).
authorize                             Perform authorization operations.
authorizationdb                       Make changes to the authorization policy database.
execute-with-privileges               Execute tool with privileges.
leaks                                 Run /usr/bin/leaks on this process.
error                                 Display a descriptive message for the given error code(s).
create-filevaultmaster-keychain       Create a keychain containing a key pair for FileVault recovery use.
smartcards                            Enable, disable or list disabled smartcard tokens.
translocate-create                    Create a translocation point for the provided path
translocate-policy-check              Check whether a path would be translocated.
translocate-status-check              Check whether a path is translocated.
translocate-original-path             Find the original path for a translocated path.
requirement-evaluate                  Evaluate a requirement against a cert chain.
filevault                             Handles FileVault specific settings and overrides.
Examples
$ security list-keychains
"/Users/crypt0rr/Library/Keychains/login.keychain-db"
"/Library/Keychains/System.keychain"