Re: How to Copy EFS(encrypted) Files....



Hi,

If you have EFS protected file and you decide to copy it the file will first
be decrypted (you actually have to have the private keys to decrypt the file
if you want to copy it). Once the file is decrypted in memory it will be
copied in "clear text" over the network. What happens now depends on the
setting on the server. If the server is NTFS formatted and has EFS attribute
set on the destination folder the file will be re-encrypted.

As Paul pointed out you can use WebDAV and copy EFS encrypted file over the
network in encrypted state.

--
Mike
Microsoft MVP - Windows Security

"Amjad Zogby" <azoghbi@xxxxxxxxx> wrote in message
news:ON4UxSe%23FHA.3676@xxxxxxxxxxxxxxxxxxxxxxx
> kea wrote:
>> Hmmm, WebDAV, how do I specify copying with that protocol?
>> What I am looking for...
>> I want to copy files from one workstation to another directly without
>> having the files decrypted.
>> I have tried this wil robocopy command line and the 1.63gb took an hour
>> over a crossover cable and data was not encrypted on the other machine.
>> So most of the time was the original machine decrypting and then copying
>> or something like that.
>>
>> But Again, I need to crossover cable or peer-to-peer and maintain the
>> encryption. I have the mechansim to migrate the cert.
>>
>> Thanks for the info.
> Hello
> I hope i'm not out of the subject, but why don't you set an IPSec policy
> between the two machines, this will ensure your file is encrypted in
> transit. Also, if the remote machine is EFS capable (NTFS), the file
> should be left encrypted when copied.


.



Relevant Pages

  • Re: EFS Recover Agents Unable to decrypt files
    ... Permissions were checked to make sure that the EFS RA had full ... The EFS RA imported it's EFS RA certificate from storage in a secure ... I tried to decrypt the file after only importing the ... a special recovery key is created with the encryption process. ...
    (microsoft.public.win2000.file_system)
  • Re: Recover encrypted file?
    ... If it can decrypt, it will tell you that it only decrypts ... Since your computer's and users' SIDs changed your EFS private key will no ... want to buy the full version for $99 to try and recover your files. ... > that encryption keys must be backed up separately from a normal backup (which ...
    (microsoft.public.windowsxp.security_admin)
  • Re: WINXP Pro File Excryption Not Working
    ... When reading bytes from the file in order to encode them for sending as an email attachment, the encryption key was used to decrypt those bytes. ... the profile is stored locally on that machine. ... But it's how EFS works. ...
    (microsoft.public.security)
  • Re: RE:file encryption
    ... The private keys that are used to decrypt EFS files are stored in the user ... profile and local administrator profile and available to export ... not have backup copies of your EFS encryption keys or user profiles at a time ...
    (microsoft.public.win2000.security)
  • Re: Please Help-Win 2K encrypted file on Win XP cant open
    ... I believe that XP Home does not support EFS encryption. ... drive back into your W2K computer where they were encrypted and decrypt them before ... > Windows 2K Pro, my new computer Win XP Home. ...
    (microsoft.public.win2000.security)