EFS key lost after reboot??

From: Pavel (Pavel_at_discussions.microsoft.com)
Date: 11/23/04


Date: Tue, 23 Nov 2004 05:21:03 -0800

I used Encrypted File System on my profile and my documents. Windows was
encrypting my data for about 90 minutes. Everything was OK (files were
encrypted, showing green color in Explorer) until the next reboot. Then I was
unable to log in; there was disk activity for a few hours, then no activity at
all. With other users I can log on. After I managed to log back in with my
account (I deleted the encrypted wallpaper) I found that I can't open encrypted
files. In mmc my certificate is there, it says "you have a private key
matching the certificate", but I can't export the key (one dialog later it
says "private key not found"). After this point, until the next reboot, all
requests to encrypt/decrypt files just hang and the requesting application
must be killed.

I found three files in <profile>\Application
Data\Microsoft\Crypto\RSA\S-1-5-21-2052111302-630328440-682003330-1003, two
of them encrypted. I restored the encrypted ones from backup (encrypted ones
kept elsewhere), but nothing changed.

Does anyone have an idea how a private key can get "half-lost" this way? Any
idea how to recover from this situation?


