Hexdump -s 8 -n 24 -e '1/1 "%.2x"' /path/to/SystemKey & echoĮxplained: Skip the first 8 bytes from the beginning of the file, continue 24 bytes after that, and use the format string to dump the data out on one line (it's a C-style printf string, if you're curious). The proper command to get the right hex key is: Even better, we need 24 bytes out of the middle of the file - after the magic number that indicates a key file, but before the checksum bytes. We can't use SystemKey as is - it contains random bytes that can't be entered into a password dialog or command line. Step 1: Recovering the encryption key for the source keychain The SystemKey file from the source machine.This file is located in either /System/Library/Keychains or /Library/Keychains.
The System.keychain file from the source machine.
One new Mac or Linux machine (called the Target machine from here on) One dead Mac with a readable filesystem (called the Source machine from here on).