J
Jake
I need some help understanding how to use EFS. Maybe I'm just stupid
but I've not been able to grasp how this works and especially to simply
get it to work as I want.
I've read over and over again that I can encrypt files on one PC and use
them on another one, as long as I "import" the "key".. BTW, I'm lost
on this public/private/key/certificate stuff.. I have read the help
files and numerous other material and the more I read the more confused
I get.
Ultimately I want to encrypt files on my Vista Ultimate laptop and back
them up then have the capability to restore them to another PC (XP Pro
or Vista ULT) and get access to them if necessary. I would like to
protect my data from prying eyes in case the PC is stolen. (BitLocker
isn't an option since my PC has no TPM chip and I'm not willing to
keep up with a thumbdrive just to get into my PC and especially don't
want to depend on myself not losing that thumbrive.)
I'm a home user. I have no Active Directory Domain nor do I want one.
I'm also not at all interested in reading some in-depth multi-chapter
whitepaper that's tailored to the corporate security chief.
What I need are straight-up answers to simple questions that I can't
find ANYWHERE on any Microsoft document that I've been able to locate.
I want to be able to ensure I can open my encrypted files on another PC
in case my laptop is stolen and I need to restore these encrypted files
from a backup to another computer. Yes I am fully aware that Vista's
file backup doesn't even attempt to backup encrypted files so I'm
testing with some backup programs that do. (Thanks alot Microsoft!)
As a test I've tried this:
I create a folder on a thumbdrive and copy a few files to it and then
encrypt the folder and contents. Fine.. works good.
I export my certificate/key/whatever to a file. (Is it a key or a
certificate - I see the terms used interchangably and THAT makes this
whole thing unnecessarily hard to understand)
I go to another PC and import this thing that I've exported.
I pull the thumbdrive from PC1 and insert into PC2 and try to read the
encrypted files.. "Access denied" ..
I try to remove the encryption and get " you will need to provide
administrator permission to change these attributes". I am an
administrator so how do I do this?
I've even created a recovery agent and exported that certificate and
imported it onto PC2.. no luck.
No matter what I try I am unable to open or decrypt any files on PC2
that were encrypted on PC1. This is supposed to be possible from what
I've read yet no one can demonstrate how it works.
What am I doing wrong or what am I missing? Is this even possible?
This really needs to be easier, or rather better documented.
Any help would be much appreciated
Bryan
but I've not been able to grasp how this works and especially to simply
get it to work as I want.
I've read over and over again that I can encrypt files on one PC and use
them on another one, as long as I "import" the "key".. BTW, I'm lost
on this public/private/key/certificate stuff.. I have read the help
files and numerous other material and the more I read the more confused
I get.
Ultimately I want to encrypt files on my Vista Ultimate laptop and back
them up then have the capability to restore them to another PC (XP Pro
or Vista ULT) and get access to them if necessary. I would like to
protect my data from prying eyes in case the PC is stolen. (BitLocker
isn't an option since my PC has no TPM chip and I'm not willing to
keep up with a thumbdrive just to get into my PC and especially don't
want to depend on myself not losing that thumbrive.)
I'm a home user. I have no Active Directory Domain nor do I want one.
I'm also not at all interested in reading some in-depth multi-chapter
whitepaper that's tailored to the corporate security chief.
What I need are straight-up answers to simple questions that I can't
find ANYWHERE on any Microsoft document that I've been able to locate.
I want to be able to ensure I can open my encrypted files on another PC
in case my laptop is stolen and I need to restore these encrypted files
from a backup to another computer. Yes I am fully aware that Vista's
file backup doesn't even attempt to backup encrypted files so I'm
testing with some backup programs that do. (Thanks alot Microsoft!)
As a test I've tried this:
I create a folder on a thumbdrive and copy a few files to it and then
encrypt the folder and contents. Fine.. works good.
I export my certificate/key/whatever to a file. (Is it a key or a
certificate - I see the terms used interchangably and THAT makes this
whole thing unnecessarily hard to understand)
I go to another PC and import this thing that I've exported.
I pull the thumbdrive from PC1 and insert into PC2 and try to read the
encrypted files.. "Access denied" ..
I try to remove the encryption and get " you will need to provide
administrator permission to change these attributes". I am an
administrator so how do I do this?
I've even created a recovery agent and exported that certificate and
imported it onto PC2.. no luck.
No matter what I try I am unable to open or decrypt any files on PC2
that were encrypted on PC1. This is supposed to be possible from what
I've read yet no one can demonstrate how it works.
What am I doing wrong or what am I missing? Is this even possible?
This really needs to be easier, or rather better documented.
Any help would be much appreciated
Bryan