Re: File xfer Security
- From: "Alun Jones" <alun@xxxxxxxxxxxxx>
- Date: Thu, 13 Dec 2007 14:42:25 -0800
"Jim Bilgin" <Jim.Bilgin@xxxxxx> wrote in message
How can I securely transfer files using a recordable CD from one XP to the
The XP Pro's native file encryption works only in the same HD. The moment
the file is copied to any other media it disables its security feature.
Is there any Microsoft product or a Freeware software that does not expire
nor has a number of files limitation for this purpose?
If you want just to use Microsoft free tools, you can do this. Here's a
1. Encrypt the file.
2. Use NTBackup to create a backup of the file, including the encrypted
state, into a .bkf file.
3. Burn the .bkf file onto CD, and send it to its destination.
4. Use NTBackup to restore the file.
5. Decrypt or access the file.
Extra care is required in step 1 - the file needs to be encrypted using a
key that you will have in place in step 5.
If you've got your key in both boxes, either because you've exported and
imported it, or you're logged on as the same user and you have your EFS key
stored in your roaming profile, then there's nothing to worry about.
If the keys aren't quite that friendly (let's say you're taking a file to
another domain), you'll have to make sure that you encrypt the file with the
Not too hard:
1. export the certificate from the recipient - open certmgr.msc, right-click
on the EFS certificate, and click "export". Export to a CER format, and
don't, don't, don't export the private key. It's private.
2. Send the CER format to the user who's going to encrypt the file.
3. The user who is going to encrypt (or has encrypted) the file imports the
CER file into his "Other People" certificate store in certmgr.msc.
4. Right-click the file you've encrypted, select Properties -> Advanced ->
Details, and then "Add User..."
5. Select the certificate of the recipient.
Now you can do the NTBackup step.
I haven't yet figured out how to do this in Vista, because NTBackup isn't
there, there's no command-line backup tool, and indeed, there's no tool for
backing up an individual file or folder.