Need help with Windows XP EFS
Last response: in Windows XP
Hi,
I just reinstalled my computer, and after that I found that the floppydisk with my certificate on it was broken. So now I have a disk with encrypted files.
I did backup my profile, so I should have everything to decrypt the files.
I have:
*- The certificate & public key, which was in Application Data\Microsoft\SystemCertificates\My\Certificates\C394FA2E4079CCA0E2F57FA19C33F04F41163AEB
*- The private key, which was in Application Data\Microsoft\Crypto\RSA\S-1-5-21-776561741-1500820517-839522115-1003\b4e9627bb7799e0576dc354ad84a2c40_874aecbf-f9fe-4877-8ff3-a7c85536bac2
*- The SID of the user that encrypted the files (S-1-5-21-776561741-1500820517-839522115-1003)
*- A bunch of keys in Application Data\Microsoft\SystemCertificates\My\Keys, which should include the master key with which the private key is encrypted.
*- And at last, the password of the user the files were encrypted with.
If I copy the certificate in a new profile the certificate seems to be working, however if I try to export it it compains about a missing private key. Even when the private key is also copied to the right location.
I'm guessing that is because in XP the private key is encrypted with the master key which is obviously different on this new install so it can't read the private key.
I was hoping someone here knows a bit more about the master key, especially where it's stored exactly and possibly how to replace my current master key with the backed up one so that the private key can be read and I can decrypt some files!
Any other suggestions welcome and thanks in advance.
I just reinstalled my computer, and after that I found that the floppydisk with my certificate on it was broken. So now I have a disk with encrypted files.
I did backup my profile, so I should have everything to decrypt the files.
I have:
*- The certificate & public key, which was in Application Data\Microsoft\SystemCertificates\My\Certificates\C394FA2E4079CCA0E2F57FA19C33F04F41163AEB
*- The private key, which was in Application Data\Microsoft\Crypto\RSA\S-1-5-21-776561741-1500820517-839522115-1003\b4e9627bb7799e0576dc354ad84a2c40_874aecbf-f9fe-4877-8ff3-a7c85536bac2
*- The SID of the user that encrypted the files (S-1-5-21-776561741-1500820517-839522115-1003)
*- A bunch of keys in Application Data\Microsoft\SystemCertificates\My\Keys, which should include the master key with which the private key is encrypted.
*- And at last, the password of the user the files were encrypted with.
If I copy the certificate in a new profile the certificate seems to be working, however if I try to export it it compains about a missing private key. Even when the private key is also copied to the right location.
I'm guessing that is because in XP the private key is encrypted with the master key which is obviously different on this new install so it can't read the private key.
I was hoping someone here knows a bit more about the master key, especially where it's stored exactly and possibly how to replace my current master key with the backed up one so that the private key can be read and I can decrypt some files!
Any other suggestions welcome and thanks in advance.
More about : windows efs
Quote:
I did backup my profile, so I should have everything to decrypt the files.Nope. Every time you reinstall your system, OS assigns new and <b>unique</b> SID (Security Identifier) to your computer even when you backup your old profile to it. Without your original <b>recovery agent certificate</b> and its <b>personal encryption certificate (with its associated private key</b>) which you exported to save in floppy disk, you cannot decrypt the files.
:smile: Good or Bad have no meaning at all, depends on what your point of view is.
Related ressources:
- Forumtroubleshooting shared EFS on Windows XP
- ForumEncrypting File System - EFS in Win XP
- ForumEncrypting File System - EFS in Win XP
- ForumEFS Certificate location
- ForumEFS and Certificate Services
- ForumEFS activation
- ForumEFS On Drive Works With >1 Computer?
- ForumEncrypting Remote Files with EFS
- ForumEFS Issue
- ForumWinXp EFS decryption problem
- ForumEFS Key Restoration from backup file
- Forumefs
- Forumbaffled by efs
- ForumWeirdness when disable EFS via Group Policy
- ForumEFS
- ForumEFS
- ForumRecover Default EFS Security Certificate From Old Drive???
- ForumEnable efs windows xp
- ForumHELP!!! Please with Windows XP
- ForumWindows XP Right Click Problem
- More resources
Read discussions in other Windows XP categories
!
