Re: EFS File Recovery

From: BobS (bobt_at_qqq.com)
Date: 12/24/03 

Date: Wed, 24 Dec 2003 04:50:32 -0500

I have also tried to use my user private key to decrypt these files that are
on non-domain server2003 box without success. I'm sorry I must be missing
something here. How can this be considered a solution to anything when there
are no keys that can ultimatly decrypt the files when all else fails,
including all domain manhines???? I can see myself now explaining to the CEO
how he cannot have his stock investment files because the domain in which
was used to encrypt the files no longer exsists, and although we do have his
data backed up, we cannot decrypt the data because the keys that were used
to encrypt that are no longer any good. LOL!! This cannot be the case is
it????????????

"Brian Komar" <bkomar@komarconsulting.com.nospam> wrote in message
news:MPG.1a50c5b92bddb5a2989682@msnews.microsoft.com...
> In article <#QNk58IyDHA.536@tk2msftngp13.phx.gbl>, Bobs@123.com says...
> >
> > Are you telling me that I cannot encrypt files at home, and then take
them
> > to work encrypted, and decrypt them by installing the recovery agents
> > private key that I brought from home?
> >
> >
> The EFS encryption settings are a property of the computer (applied to
> the computer). Your home computer is not a member of a domain,
> therefore it applies its own recovery agent to any EFS encrypted files
> stored on the system.
>
> You may be able to get away with importing and exporting your user
> private key for use at home, but the EFS Recovery agent private key
> would not work... ever.
>
> Brian

Relevant Pages

  • [OT] Re: Basic question about Public Private Key Pairs
    ... > and private keys allow me to decrypt, but vice versa is not possible (or ... a public key and a corresponding private key. ... You can encrypt something with each key; ...
    (microsoft.public.dotnet.security)
  • Re: Back Doors
    ... >> Design into the system a master key. ... Encrypt that with public key. ... Decrypt random symmetric key with private key. ...
    (sci.crypt)
  • Re: More on learning "Public Key Authentication"
    ... let me say that in public key ... >> encrypt the result with Alice's public key. ... >> is sent to Alice who decrypts the message with her private key (which ... > encrypted with my private key and they can then decrypt it with the ...
    (comp.sys.mac.system)
  • Re: RSACryptoServiceProvider decrypt with public key
    ... key/decrypt with the private key and encrypt with the private key/decrypt ... encrypt data and send it back to Alice. ... only she can decrypt Bob's data. ... see the public key and the encrypted data, but she could not decrypt Bob's ...
    (microsoft.public.dotnet.security)
  • Re: EFS File Recovery
    ... and settings associated with the security boundary. ... > I have also tried to use my user private key to decrypt these files that are> on non-domain server2003 box without success. ... How can this be considered a solution to anything when there> are no keys that can ultimatly decrypt the files when all else fails,> including all domain manhines???? ... > how he cannot have his stock investment files because the domain in which> was used to encrypt the files no longer exsists, and although we do have his> data backed up, we cannot decrypt the data because the keys that were used> to encrypt that are no longer any good. ...
    (microsoft.public.windows.server.security)