An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#37297 - 11/19/15 07:06 AM Keychain
pbGuy Offline

Registered: 08/04/09
Loc: Portland, Oregon
I've been reviewing my Keychain recently via Keychain Access. (I do not use iCloud Keychain as I use 1PW.)

While I'm not having any noticeable issues with my Keychain, I do see a variety of multiple items - particularly in the Keys section where there are Public & Private keys, particularly for iMessage Signing & Encryption Keys (which seemingly should now be Messages) where the Kind & Usage details are the same.

In the Passwords category, there also a number having the same Name albeit their Account & Where details are slightly different.

1. Short of deleting my complete Keychain to start over, where can one find detail about what might be redundant (say, from prior Keychains as OS X updates have been done over time) and therefore, safely deleted to do a clean up.

2. Also when I run Keychain First Aid (Verify) and the Keychain is unlocked, I'm getting the following in the First Aid window and then, the Keychain locks upon completion of the Verify:

Verification started
Checking keychain configuration for "name" (user ID=501)
Home directory is /Users/"name"
Checked login keychain
Checked settings for ~/Library/Keychains/login.keychain
Keychain can't be unlocked automatically. Please attempt to unlock ~/Library/Keychains/login.keychain from Keychain Access.

Checked default keychain
Checked contents of ~/Library/Keychains/login.keychain
No problems found
Verification completed

This behavior doesn't seem correct. ...Is something happening which further indicates there are some gremlins in my Keychain?
MBP15 i7 (2017) - 1TB PCIe-SSD - 10.15.6, iPhone X & iPadPro 11 WiFi, Watch4

#37298 - 11/19/15 07:53 AM Re: Keychain [Re: pbGuy]
Virtual1 Offline

Registered: 08/04/09
Loc: Iowa
keychains with a name of "login" are usually ones that have been migrated from several versions of os x back, when "login" was the default keychain name. Now they default to your username. it may simply be throwing an error due to the name difference, and not really represent an actual problem

it's always been a little dicey to muck with a keychain, and now with the keychain daemon that caches those things, I am really loathe to mess with them unless necessary. (strange and sometimes maddening errors can result) So while you could change the name of the keychain, you would be playing with fire. I would recommend you let sleeping dogs lie.
I work for the Department of Redundancy Department


Moderator:  alternaut, dkmarsh, joemikeb