Cipher /X question

J

jeff.belcher

Hi all,

I'm trying to automate the backup of a user's EFS cert using cipher /X
but for some reason piping in the password via stdin won't work, I
just end up with a .PFX file without password protection. If I don't
specify the path to the .PFX file on the command-line, causing cipher
to prompt me for the location of the .PFX then it will take that path
via stdin no problem, it just won't read the password from stdin.

Can anybody suggest why writing to stdin wouldn't work here, or point
me in the right direction?

Thanks

Jeff
 
G

Guest

Jeff, this is entirely by design that CIPHER /X doesn't accept stdin input.
The reasoning provided when this was first introduced (AFAIK) was to prevent
malware or a "bad actor" from secretly getting a copy of your private key
without your knowledge. All they'd have to do is run a nice little script
(kinda like yours, only with malicious intent) that would stuff their private
key & certificate in some hidden location, to be downloaded/emailed later.

Whether it's a reasonable threat to mitigate vs. the functionality they
eliminate is debatable; whether it fits your use case is obvious. Sorry to
be the bearer of bad news.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ClickOnce Signing 2
General help with XP, EFS, and Domain 1
Questions & Results on a Trivial EFS Experiment 6
Problem restoring EFS key 1
Difficulty restoring PFX certificate 0
launching a commandline program from a c# app 1
EFS encrypt files: Changed PW now can't access... :-( 4
Code Signing 1

Top