Monday, April 16, 2007

Syncing a Keychain from One Mac to Another

As a companion piece to our Entourage Encryption Setup guide, this document will explain how to take the keychain you created (or any keychain) and have a copy of it installed on another Mac.

You have two options. The first is easier, the second is more secure (and is cheaper).

.Mac Sync. Transfer over the internet using .Mac (easier but not as safe, and expensive if you don't already use .Mac, although there are 60-day trials of .Mac available).

  1. Edit your keychain settings in the Keychain Access program so that it syncs the keychain up with your .Mac account.

  2. Sync all your Macs up with .Mac, and you will have all your public/private keys on all your systems.

  3. Turn off the sync feature for this keychain once you've finished syncing up all your Macs.
... or ...

Sneakernet. Transfer by hand using a burned CD or USB key.
  1. Make a copy of the .keychain file in your ~/Library/Keychains folder (the ~ represents your home directory, usually your name). If you followed our Entourage Encryption guide, this file will be named "Encrypted Email.keychain."

  2. Burn this copy to CD, and safely transport it to the Mac you want to sync it to.

  3. Securely erase the COPY (not the original) .keychain file once you've finished burning it to CD, using the "Secure Empty Trash" from the Finder menu. (You may also try to skip the entire copy/erase step by burning the .keychain file directly from your Keychains folder, although we received CD Burn errors when we tried this method.)

  4. Copy the .keychain file into the ~/Library/Keychains folder on the destination computer.

  5. Open the Keychain Access program on the new computer.

  6. Select the Edit menu, and then Keychain List.

  7. Press the + button at the bottom/left side of the window.

  8. Locate the .keychain file you copied over, and select it.

  9. The keychain is now installed into your Mac.

  10. Destroy the CD you used to copy the keychain.
Your data is only as safe and secure as your keychain file... be careful with it!

If you notice any mistakes, please let us know by commenting on this article.

No comments: