How to decrypt EFS-protected restored files?
From: *Vanguard* (no-email_at_reply-to-newsgroup.invalid)
Date: 05/08/04
- Next message: newstome_at_comcast.net: "Re: Windows vulnerability vs Linux vulnerability [Re: Would a firewall prevent Sasser worm?]"
- Previous message: Leach: "Re: Windows vulnerability vs Linux vulnerability [Re: Would a firewall prevent Sasser worm?]"
- Next in thread: karen: "Re: How to decrypt EFS-protected restored files?"
- Reply: karen: "Re: How to decrypt EFS-protected restored files?"
- Maybe reply: karen: "Re: How to decrypt EFS-protected restored files?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 7 May 2004 20:25:43 -0500
I had a directory configured to use EFS (so anything put under it got
encrypted). I export my EFS certificate to a floppy. My system crashed and
a disk image wouldn't work (because of changes in the hardware). However, I
could still use the ImageExplorer that comes with DriveImage to peruse the
contents of the image files to extract files out of them. So I've tried the
following:
- Extracted the files from disk image. Cannot view them because of the EFS
protection. Imported the EFS certificate used when the files got encrypted.
It was imported under the Personal store for certificates. Could not open
the files.
- Deleted the EFS certificate and re-imported it but this time left the
option selected to have Windows XP automatically determine under which
certificate store to place the certificate. It imported it to the Trusted
People certificate store. Still couldn't access the encrypted files.
- Figuring that EFS had not yet been implemented on my new install and that
maybe the imported EFS certificate would not get exercised until EFS was
used, I right-clicked on a folder and had it encrypted. Then I copied the
files to under this directory figuring that the certificate might also have
to be imported before moving the files into an EFS-protected directory.
Still cannot access the file contents.
I've read several KB articles and the included help but it really never
describes the steps in restoring EFS-protected files, the order of importing
the EFS certificate (before or after the files have been restored to the new
instance of Windows), or if importing the EFS certificate after restoring
the files (or before) would allow access to them (or if I also need to
actually implement EFS to have it utilize the imported certificate). I see
mention of how use EFS, export certificates, manage them, import them, and
some vague inferences in using them against encrypted files but no real
instructions. After a few hours, I've exhausted what I could come up for a
procedure to decrypt these files. Any ideas?
-- ____________________________________________________________ *** Post replies to newsgroup. Share with others. *** Email: domain = ".com" and append "=NEWS=" to Subject. ____________________________________________________________ -- ____________________________________________________________ *** Post replies to newsgroup. Share with others. *** Email: domain = ".com" and append "=NEWS=" to Subject. ____________________________________________________________
- Next message: newstome_at_comcast.net: "Re: Windows vulnerability vs Linux vulnerability [Re: Would a firewall prevent Sasser worm?]"
- Previous message: Leach: "Re: Windows vulnerability vs Linux vulnerability [Re: Would a firewall prevent Sasser worm?]"
- Next in thread: karen: "Re: How to decrypt EFS-protected restored files?"
- Reply: karen: "Re: How to decrypt EFS-protected restored files?"
- Maybe reply: karen: "Re: How to decrypt EFS-protected restored files?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
