Verschlüsselung bei WinXP-Professional
 

Frage an die Fachleute!

Habe folgendes Problem. Nachdem ich nun mit dem Befehl "CACLS" umgehen gelernt habe und Ordner sperren, freigeben usw. kann, interessiert mich wie es in diesem Zusammenhang mit der Verschlüsselung aussieht. Kann ich einen Ordner, den ich verschlüsselt habe später auch wieder entschlüsseln?

Angenommen ich habe einen verschlüsselten Ordner und muß das System neu aufsetzen. Hätte ich dann noch Zugriff auf diesen Ordner? Kann man die Verschlüsselung von einem anderen User aus umgehen?

Wer weiß Rat?

Gruß
Martin

Re: Verschlüsselung bei WinXP-Professional
 

Hätts sonst einen Sinn? :D

Vielleicht hilft: http://www24.brinkster.com/thorsten1...in2000/enc.htm

CipherDisplays or alters the encryption of folders and files on NTFS volumes. Used without parameters, cipher displays the encryption state of the current folder and any files it contains.

Syntax
cipher [{/e | /d}] [/s:Folder] [/a] [/i] [/f] [/q] [/h] [/k] [/u[/n]]
[{PathName [...]] | /r:PathNameWithoutExtension | /w:PathName | /x[:PathName] PathNameWithoutExtension}]

Parameters
/e
Encrypts the specified folders. Folders are marked so that files that are added to the folder later are encrypted too.
/d
Decrypts the specified folders. Folders are marked so that files that are added to the folder later are encrypted too.
/s:Folder
Performs the selected operation in the specified folder and all subfolders.
/a
Performs the operation for files and directories.
/i
Continues performing the specified operation even after errors occur. By default, cipher stops when it encounters an error.
/f
Forces the encryption or decryption of all specified objects. By default, cipher skips files that have been encrypted or decrypted already.
/q
Reports only the most essential information.
/h
Displays files with hidden or system attributes. By default, these files are not encrypted or decrypted.
/k
Creates a new file encryption key for the user running cipher. If you use this option, cipher ignores all of the other options.
/u
Updates the user's file encryption key or recovery agent's key to the current ones in all of the encrypted files on local drives (that is, if the keys have been changed). This option only works with /n.
/n
Prevents keys from being updated. Use this option to find all of the encrypted files on the local drives. This option only works with /u.
PathName
Specifies a pattern, file, or folder.
/r:PathNameWithoutExtension
Generates a new recovery agent certificate and private key, and then writes them to files with the file name specified in PathNameWithoutExtension. If you use this option, cipher ignores all of the other options.
/w:PathName
Removes data on unused portions of a volume. PathName can indicate any directory on the desired volume. If you use this option, cipher ignores all of the other options.
/x[:PathName] PathNameWithoutExtension
Identifies the certificates and private keys used by EFS for the currently logged on user and backs them up to a file. If PathName is provided, the certificate used to encrypt the file specified are backed up. Otherwise, the user's current EFS certificate and keys will be backed up. The certificates and private keys are written to a file name specified by PathNameWithoutExtension and are given the file name extension .pfx. If you use this option, cipher ignores all of the other options.
/?
Displays help at the command prompt.
Remarks
Using /w
/w removes data from portions of the volume it can access and have not been allocated to files or directories. It does not lock the drive, so other programs can obtain space on the drive, which cipher cannot erase. Because this option writes to a large portion of the hard volume, it might take a long time to complete and should only be used when necessary.

Encrypting or decrypting files
To prevent an encrypted file from becoming decrypted when it is modified, it is recommended that you encrypt both the file and the folder in which it resides.

Using read-only files and folders
Cipher cannot encrypt files that are marked as read-only.

Using multiple folder names
You can use multiple folder names and wildcard characters.

Using multiple parameters
You must separate multiple parameters by at least one space.

Examples
To back up the certificate and private key currently used to encrypt and decrypt EFS files to a file named c:\myefsbackup.pfx, type:

cipher /x c:\myefsbackup

To encrypt the MonthlyReports folder and all subfolders, type:

cipher /e /s:monthlyreports

To encrypt only the Marketing.xls file in the May subfolder, type:

cipher /e /a monthlyreports\may\marketing.xls

To determine which files in the May folder are encrypted, type:

cipher monthlyreports\may\*

--------------------------
PS: aus der windowshilfe :D

Nein nicht schon wieder die Windows Hilfe....:motz: ;)

Ein Freund, dem ich in dieser Sache helfe hat zwar die Professional Version, ich aber nur die Home Edition und dort findet man, wenn man nach "cipher" oder "cacls" sucht nichts.

Schwer peinlich.:verwirrt:

@Pioneer: Meine Frage war nicht richtig formuliert. Meinte natürlich damit, dass ich den Ordner verschlüssle, dann muß ich irgendwann mal Windows neu installieren und DANN möchte ich den Ordner wieder entschlüsseln. Ist ja dann nicht mehr der User, der es verschlüsselt hat, bzw. eine andere Installation. Wenn es nur mit dem Usernamen zusammenhängt ist's logisch das es beim gleichen Namen funktioniert, wenn nicht bliebe der Ordner gesperrt. Mir ist sowas nämlich mal passiert.

Dank' euch für die Hilfe! :)

Gruß
Martin

du kanst dir ein zertifikat austellen und mittels dem kannst du es wiederherstellen.
tipp mal cipher /? ein

cipher /r:pfadzumgewünschtenspeicherort