decrypt help...

[kevin]

sorry if this has been asked (repeatedly?), but running into a problem
decrypting some files and i'm seeking help.

the details: i'm running xp pro 32-bit edition on a compaq athlon64. i
installed the customer preview version of xp pro 64bit, but in doing so, i
changed my user name and deleted the old user-name account. the problem, of
course, is that i had encrypted some files with that old user account. i've
created a recovery agent since, and have located (i think) the old
certificate and key in the recycler folder. i've tried importing the
certificate (with the system telling me it has imported it, and showing it
as available to the user-named account i had deleted). but i still can't
access the files.

the question: how do i use the "old" certificate and key combo to
unlock/decrypt the files, since i've already deleted the old user account? i
had thought i could just import the cert/key into my current admin-privilege
account and, voila, open the files. no such luck. i still get the "access
denied" error message.

thanks for any help, and, again, sorry if this has been posted to death.

kevin

 

[Richard Urban]

No, you have it backwards. You create the recovery agent "before" you have
problems working with encrypted files - not after you experience trouble.
And loading/reloading an operating system will likely cause problems. I am
afraid that those files are no longer viable or usable. There is NO backdoor
to the files.

--
Regards,

Richard Urban

aka Crusty (-: Old B@stard

If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!

 

[kevin]

richard:

i've been told (and read) that i did this backwards, and if i could go back
and do it over, i would. but i've also been told (and read) that as long as
i have access to the certificate/key, then i still have the ability to
decrypt the files. i thought i had deleted the certificate/key combo
completely, but, as noted, was able to recover it from the recycler folder
and import it to my current user account. what i'm trying to find now is
how -- if at all -- to use that certificate/key combo to open the files.
that is, knowing the user-account name under which that cert/key was used to
encrypt the files, can i recreate that account, import the cert/key and then
open the files? or, can i somehow add my current user-account to the list of
people with access to that cert/key?

in other words, i'm trying to figure out the steps to decrypting files when
the cert/key combo has been saved but the user account scrapped. it would
seem, from what i've read, that i should be able to decrypt the files as
long as i still have access to the cert/key combo, which i do.

thanks,
kevin

aka "cranky" (hey, i've got a teething toddler at home who just learned to
say "no". what can i say?)

 

[Star Fleet Admiral Q]

If you've imported the cert key and it is still not working, then evidently
it is the incorrect cert key, as the method works provided the correct cert
key is used. Your issue may lie in that the OS was changed from 32-bit to
64-bit on the files in which are encrypted and on the cert key itself.

--

Star Fleet Admiral Q @ your Service!

http://www.google.com
Google is your "Friend"

 

[Ron Bogart]

In

richard:

i've been told (and read) that i did this backwards, and if i could
go back and do it over, i would. but i've also been told (and read)
that as long as i have access to the certificate/key, then i still
have the ability to decrypt the files. i thought i had deleted the
certificate/key combo completely, but, as noted, was able to recover
it from the recycler folder and import it to my current user account.
what i'm trying to find now is how -- if at all -- to use that
certificate/key combo to open the files. that is, knowing the
user-account name under which that cert/key was used to encrypt the
files, can i recreate that account, import the cert/key and then open
the files? or, can i somehow add my current user-account to the list
of people with access to that cert/key?
in other words, i'm trying to figure out the steps to decrypting
files when the cert/key combo has been saved but the user account
scrapped. it would seem, from what i've read, that i should be able
to decrypt the files as long as i still have access to the cert/key
combo, which i do.
thanks,
kevin

aka "cranky" (hey, i've got a teething toddler at home who just
learned to say "no". what can i say?)

The 'cert' ties in with user and system as well as the files. It is such a
slippery slope that most stay as far away from encryption as possible. From
the sounds of it - you have been given the opportunity to learn this the
hard way. Do you perhaps have a good system backup/image where you can
restore the previous version and regain control of your files?

--
Ron Bogart {} ô¿ô¬
Associate Expert
Expert Zone -
Lovin life on Mercer Island 8^)
"Life is what happens while we are making other plans."
In memory of a true friend, MVP Alex Nichol (1935-2005)

 

[kevin]

honestly, ron, i don't know at this point. i have an old backup of the
files, copied to cd before i encrypted them (what a brilliant idea the
latter has turned out to be -- argh!). i think those older versions are what
i'll have to default to. i'm running into brick wall after brick wall re
decryption, even though i'm almost certain the cert/key combo i've recovered
is the correct version for the files. in fact, it has to be; they are the
only files i've ever encrypted on this machine.

i've tried re-establishing a user account with the same name as when i
encrypted the files, then importing the cert/key combo into that account
(with full admin privileges). that doesn't work any better than importing
the cert/key combo into my current user account (with a different name) or
even a direct admin account approach. that said, is there a private or
public key (or some other security block) set up unique to each account,
such that even though i've recovered the cert/key combo from my previous
account i still can't use it for anything?

man, these bricks are hard.

 

[Kerry Brown]

honestly, ron, i don't know at this point. i have an old backup of the
files, copied to cd before i encrypted them (what a brilliant idea the
latter has turned out to be -- argh!). i think those older versions are
what i'll have to default to. i'm running into brick wall after brick wall
re decryption, even though i'm almost certain the cert/key combo i've
recovered is the correct version for the files. in fact, it has to be;
they are the only files i've ever encrypted on this machine.

i've tried re-establishing a user account with the same name as when i
encrypted the files, then importing the cert/key combo into that account
(with full admin privileges). that doesn't work any better than importing
the cert/key combo into my current user account (with a different name) or
even a direct admin account approach. that said, is there a private or
public key (or some other security block) set up unique to each account,
such that even though i've recovered the cert/key combo from my previous
account i still can't use it for anything?

man, these bricks are hard.

You would need a backup of the user profile and machine system state as well
as the files. I had a similar problem. The only way I was able to unencrypt
the files was to image the system, restore from a previous image, unencrypt
the files, copy to CD, then restore the newest image. Did you image or
backup the system before installing the 64bit preview? If not the only
solution is to use your ols unencrypted version of the files.

Kerry

 

[kevin]

kerry:

thanks. i'm certain i don't have an image or backup of the system prior to
the 64-bit preview install. foolishly, i jumped right into the deep end of
the pool -- didn't even partition the hard drive for a dual boot. anyway,
sounds from what you've posted that i just need to get out of the pool. will
do. thankfully, i didn't encrypt a lot of files, and those that i did
encrypt can be restored from the earlier dates and worked from there. hey,
i'm a writer -- if nothing else, this gives me an excuse to edit myself.

again, thanks for help (to all),
kevin