Re: Encrytion Issue


"Richard" <richardbee@xxxxxxxxxxx> wrote in message
news:u0zJTKekHHA.4936@xxxxxxxxxxxxxxxxxxxxxxx
HI Roger

I read somewhere that the machine will use the cert/key the first time we
use to encrypt a file. I remember deleting the old key, then when I

Well, ultimately there is a sense in which "the machine" does
everything, but in this case it is better and more accurate to
thing of the account as having/using the cert/key. If one uses
EFS and does not yet have a cert/key in the active profile,
then one is generated for use.


encrypted another file, another key was issued. Would it be using the
first
key to encrypt, while I am exporting the second key?


You would need to use certmgr.msc to see what EFS cert/keys
exist for that account logged into that machine; and use efsinfo.exe
from the support tools to see what cert was used to encrypt something.



"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote in message
news:OYgzFZdkHHA.4188@xxxxxxxxxxxxxxxxxxxxxxx

"Richard" <richardbee@xxxxxxxxxxx> wrote in message
news:%23DWz6HTkHHA.4112@xxxxxxxxxxxxxxxxxxxxxxx
Hi

I am having some difficulties with efs. I am still working on the issue
(previous thread with title "Encryption").

I am now trying an ecrypted file within the same domain. I encrypted a
file
'encrypttest.txt' on A and copied it to a shared directory. I went to
another computer B, tried to open it, access denied.

Then I exported the cert/key from 'A' to the shared directory and
installed
it to 'B'. Tried to open the file but couldn't open it.

What could I be doing wrong?


What NTFS permissions exist on the file once copied to the share?

Does the share to which this was copied exist as actual storage on
A, on B, or on some other machine?

What was done to the "install" of the cert/key at B? (note: one does
not really "install it to 'B'", as B is a machine - one loads the
cert/key
to an account's private store as profiled at B).






.

Relevant Pages

  • Re: Encrytion Issue
    ... the file server will quietly decrypt and ... encrypt the file again using the server's cert, ... I read somewhere that the machine will use the cert/key the first time ...
    (microsoft.public.win2000.security)
  • Re: Encrytion Issue
    ... I read somewhere that the machine will use the cert/key the first time we ... use to encrypt a file. ... 'encrypttest.txt' on A and copied it to a shared directory. ...
    (microsoft.public.win2000.security)
  • Re: A quick question before I kill myself... (XP EFS)
    ... You can create a new cert/key, but it will be just that, new. ... are you sure it is EFS you used? ... Have you had any indication that a new profile was created ... > I'm rather new at encryption, so I've screwed around a bit trying to make ...
    (microsoft.public.windowsxp.security_admin)