I’ve been meaning to look at this, but haven’t had the time until recently. bzr-keychain provides the ability to save your credentials into Mac OS X’s keychain. The trick is getting it in there in the first place.

Step 1: Get bzr-keychain

It’s simple:

cd ~/.bazaar/plugins
bzr branch lp:bzr-keychain keychain

Since this plugin requires a C extension module to access the keychain, you also need to run the following from ~/.bazaar/plugins/keychain:

python build_ext --inplace

Step 2: Mark up authentication.conf

We need to communicate to bzr that we want to look up a password for a server from the keychain. That means adding a section like this to ~/.bazaar/authentication.conf.

scheme = http
host =
password_encoding = keychain

The section header can be anything you want. The import bits are picking the scheme, specifying the host, and setting the password encoding to keychain. The last bit is what tells bzr to lookup the password from Mac’s keychain. Note that my scheme is “http” even though I’m using bzr+http, because the underlying transport is “http”. If you want to know more about the various, look at bzr help authentication.

Step 3: Add your password to your keychain

I won’t go into detail about how you should set up your various keychains. Dave Dribin has a great article on setting up your keychain. If you don’t follow that guide, simply add the password to your login keychain.

Launch the Keychain Access application in Applications/Utilities. Pick the keychain you want to add the item too. For me, I’ve setup a special one called “secure” as in the article above.

Next, you need to create the keychain item. There’s + at the bottom of the right hand pane. Click it to create a new keychain item.

This is where you need to click to add a keychain item.

Name it as follows:

<scheme://host:port> realm

In my case, I named my keychain item:

<> private area

Here’s what the dialog looks like all filled out:

Filled out keychain item dialog.

And here’s my main screen after I’ve added the new item:

Main screen after the new keychain item is added.

Step 4: Try it out

Go ahead and try to pull from the server. Keychain will ask if Bazaar is allowed to access that particular entry. Grant it access and you’re done!

Hope you found this helpful!