iCloud Keychain (Apple Passwords) Support for Linux A new open-source tool called iCloud Keychain for Linux lets users access their Apple passwords on Linux machines without a Mac. The project, built with AI assistance, downloads passwords into an encrypted local store and provides a browser extension for autofill, though it remains untested with Advanced Data Protection enabled. Use your iCloud Keychain passwords on Linux - no Mac required. Sign in with your Apple ID and icp registers this computer as one of your Apple devices, then downloads your passwords into a private, encrypted store on your machine. A browser extension fills them in for you, just like the Passwords app on a Mac or iPhone. Your Hide My Email addresses show up too. Note:Most of this project was written with AI assistance and reviewed by a human . It works with my own Apple account, but that's no guarantee it will work with yours. Your passwords never leave your computer, and nothing is ever changed in your Apple account - icp only reads. This is also untestedwith Advanced Data Protection enabled. Any help with this will be appreciated - let me know if you have any issues with ADP enabled also lmk if it works . Please don't spam escrow attempts An anisette server running on your machine. Apple's sign-in needs a small piece of data that only Apple's own software can produce; the anisette server provides it locally. Start one with Docker or Podman - it keeps running in the background: docker run -d --restart=always -p 6969:6969 dadoum/anisette-v3-server:latest You only have to do this once. If you run it somewhere other than the default http://localhost:6969 , set ICP ANISETTE URL to its address. You will also need this repo. Clone it / download it as you wish. From the project folder: python3 -m venv .venv && .venv/bin/pip install -e . source .venv/bin/activate icp login This will walk you through the login: enter your Apple ID, password, and the 2FA code Apple sends to your other devices. icp then asks for a device passcode or iCloud Security Code so it can join your keychain. - You're only asked for your password and 2FA code once . icp should stay signed in for a year after this. - The passcode step is important and can't be undone : entering the wrong passcode too many times about 10 will permanently lock your keychain recovery. One correct entry is perfectly safe. - Your 2FA code and passcode are used immediately and never saved . Your password is kept encrypted on your computer in your login keyring so icp can stay signed in without asking you again - it never leaves your machine. Your access tokens and passwords are stored the same way. icp show Opens a full-screen list - start typing to filter, Enter to reveal a password, Esc to quit. Add a word to search directly, or --plain for plain text: icp show github The extension/ folder works in Chromium based browsers and Firefox. - Open your browser's extensions page e.g. chrome://extensions , helium://extensions and turn on Developer mode . - Click Load unpacked and choose the extension/ folder. Copy the Extension ID it shows. - Connect the extension to icp by running: host/install.sh