Monthly Archives: August 2006

Reset system keychain password

I have spent considerable amount of time (over YM) the past two weekends trying to help me dad get his Windows desktop to connect to the WiFi network I have running back home. The process has been a lot of pain and he’s still unable to connect, but this post is not to whine about what’s wrong with this Windows world. As you would expect, amongst other things, I needed to tell him the SSID and WEP key for the network and of course Keychain spoilt as we are, I didn’t remember either. No big deal, I just went into the Network Preferences and told him the SSID of the Wireless Network I have setup Airport to join in the “Home” location.

Now there’s the password as well, but to see it I’ll need to use Keychain, our trusted password keeper. I run Keychain and can see all the passwords except the one I need – Murphy’s law? Not quite, because I can’t see any of the Airport passwords. Well, that’s strange. I look around at various websites but nothing tells me where our trusted Airport passwords might be. I spot the “Show Keychains” button (it’s right there, duh!) and click on it and viola, a drawer pulls out and tells me I am looking at the “login” keychain and there’s another keychain called “system”. As you would expect, the Airport passwords are in the other keychain. So far so good, although the existence of another keychain could have been more “visible”. Anyways, the “Show Keychains” button was “right there” so I would let this one go.

I selected my network and tried to “Show password” but it just wouldn’t accept my login password (and yes I have administrator privileges). This while the user keychain quite happily accepted my password. I looked this problem up and found that the reason was that I had changed my login password since installation. Aha, so what this means is that while the user keychain password (automatically) changes when you change your login password, the same doesn’t hold true for the system keychain. I presume the system keychain would unlock with my old login password – if only I could remember it!

I tried to “Repair” the keychain using the “Synchronize login keychain password” option but apparently that’s only for your “user” keychains. I tried the booting from Install DVD and resetting the user password routine but no cigar. I was getting really irritated at this point and had me dad (there’s me trying to write Scouse again) hanging by the chat window for the best part of 30 minutes waiting for the password. That was when the command line geek in me finally decided to show up.

The basic idea is to “fool” Keychain into thinking your system keychain is your user keychain. If you are comfortable with the command line you can probably take it from there (do not forget to backup before you attempt anything) but if you’re not I’ll hold your hand until you are done. So here we go, here’s how to reset your system keychain password (works in Panther, no reason it shouldn’t in Tiger):

1) Quit Keychain Access
Just in case, quit Keychain Access if it is running.

2) Fire up Terminal
Available typically in Application/ Utilities

3) Backup your keychains
$ cp ~/Library/Keychains/login.keychain ~
$ cp /Library/Keychains/system.keychain ~

4) Replace login.keychain with system.keychain
$ cp /Library/Keychains/system.keychain ~/Library/Keychains/login.keychain

5) Run Keychain Access and verify that the login keychain is actually your “system” keychain (i.e. both keychains are same). Now goto Keychain First Aid in the Window menu and verify that “Synchronize login keychain password” option is selected. Just to be sure do a “verify” and you’ll be informed that the password needs to be changed. Go ahead and do the actual repair.

6) Quit Keychain Access

7) Copy the system keychain to it’s original place and restore the user keychain
$ sudo cp ~/Library/Keychains/login.keychain /Library/Keychains/system.keychain
$ cp ~/login.keychain ~/Library/Keychains/login.keychain

8) Fire open Keychain Access and you should be able to unlock the System keychain with your login password.

There – you are good to go!

Just in case something goes wrong, you can go back to your old keychains:
$ sudo cp ~/system.keychain /Library/Keychains/system.keychain
$ cp ~/login.keychain ~/Library/Keychains/login.keychain

Well, atleast something good came out of the Windows pain (in the form of this post). Not really because we would have needed the password even if the process was easier, but let’s pretend otherwise.

So where does that leave our keychains as far as security is concerned. Does that mean if you somehow manage to lay your hands on someone else’s keychain, you just reset it’s password and gain access to all the information inside it? Or is there some “system specific” information that is stored as part of the keychain that this synchronize login keychain password option looks into as well to ensure that you are not resetting someone else’s keychain?

Unfortunately I do not have access to another OS X install, so I can’t test that. I’ll see if I can have someone send me a “junk” keychain from their system and try to repair that. Or you can test the same at home if you have multiple OS X installs or download this keychain I created with nothing but a note inside and see if you can get it to synch with your login password. Please share your results.

Edit: Rest in peace (no puns intended), your keychains are safe. Thanks to AHM who wrote in to confirm he couldn’t reset the junk.keychain from my system.

Captain Mono

So I came back an hour ago after watching 5 minutes of the second Pirates of Caribbean, whatever it is called – Dead Man’s Chest? Yeah, whatever. I had been wanting to see it for a long time and considering that tomorrow will most likely be the last day it’s going to be in theatres here, I finally decided to go and watch it at this theatre near my hotel. So I quickly finished dinner – which wasn’t too bad btw, which is a rarity these days – and reached the theatre. Only the second time in my life was I planning to watch a movie “alone” – what’s the big deal with doing that anyways? I mean if you really want to watch the movie you shouldn’t really care who you’re with, right? I’m in for watching movies alone after being sceptical for the best part of my life. Anyways, I digress.

I reached the theatre, bought the ticket and entered the hall, you know the usual drill. At this point I would like to state for the record, my complete distaste for multiplexes with halls that are only slightly bigger than your living room (unless you live in Mumbai or New York of course, in which case any place is bigger than your living room). I mean this hall had only 52 seats (yes, I had time to count as I was waiting for the movie to begin) – 52 seats? Give me the single screen theatres over multiplexes any day. Call me old fashioned, but I like my movie screens big and the halls bigger. Call me old fashioned, but I’m not sure what I’m gaining with multiplexes – I pay more to watch the movie on a smaller screen with worse audio. And yes, being close to the screen is suddenly a good thing?!! WTF!

Talking about crappy audio brings us back to today’s movie. The previews start and there’s this constant hiss in the audio – never mind, I thought, it must be just the previews. Not the first time the stuff leading up to the movie is in stereo and the movie that follows is in Dolby or DSS or whatever the latest buzzword is. But of course this audio wasn’t even in stereo because the sound was coming from only one direction – right in front of me (where the screen is) – and I could just about make out what they were saying. Wait a minute, is this MONO? No way, I thought to myself. That’s not possible. Ah, the previews are over, the movie begins, surely everything will be fine now. There’s the production house banner – OMG the hiss is still there! The movie starts and yes, it’s still there. I can just about make out what the actors are saying over that annoying hiss and I start to realize that the four speakers on the left and right walls are just for show – I wonder if they are just empty enclosures – not the best publicity for Bose I tell you.

I somehow sit through the first scene and just as Jack Sparrow, correction “Captain” Jack Sparrow, is about to make his first appearance on screen (or so I think, because I never made it that far) I decide enough is enough, I don’t need to put up with this. By the way talking about sadda Johnny Deep Singh an Edward “Scissorpaws” reference on Frasier as I type this – some coincidence, eh? I walk out of the hall and happen to catch the “projectionist” just as I am moving out. What the hell is the matter with the audio I ask him, what’s with that noise? He replies with the M word. “No problem, the audio is mono”. AARGH!!! How can you even utter those words with a straight face?!!!! He added we have a digital print (with great audio I presume) but this screen has only mono audio. That would explain all the noise because to make an audio signal distributed over 5 channels audible with only one, you would have to make it exceptionally loud, bringing in all the noise. Well, that is putting it in simple terms – which is the best I can do.

Anyways, atleast the guy was understanding when I said mono sound is unacceptable to me and he took me straight to the manager/ owner who gave me a refund, no further questions asked. I didn’t expect them to be this “co-operative” to be honest, which is why I even considered sitting through the movie – but 23 seconds after the thought entered my head, I realized I just couldn’t do it – refund or no refund. I don’t know how the other half-a-dozen people watching the movie could put up with that crap! This multiplex has 3 screens, so I naturally asked if the other two had mono sound as well. Thankfully, the answer was no. Ah, great. So I pay 25% more than the guys in the other theaters (because English movie tickets are more expensive than Hindi movies which were playing on the other two screens – go figure) and I’m the one who gets mono audio! Ain’t life grand?

Take my advice, if you are in Muscat and you see a movie playing at Al Nasr screen number 3, don’t bother.