Practicing EFS security and certificate

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Dear all,

I am preparaing the 70-270 exam of WIndows XP and Administration, and in MS press book
training kit I used for there are some unclear point on EFS and certificate.

First of all is based on file ecryption which used public and private key concept. it is advise on the book to keep
in a safe place the private and plublic key in case it is lost or damage.

For that it is advise to store them on a flash card or CD or Network, then when decryption is needed we insert the flash card with key' s on it and when finished we remove the flash card.

How can I practice those thinks ?

1- Where both key are stored ?
2- How to store them in the flash card and remove them from the system ?
3 - How to tell the decryption process that keys location are on the flash and not on hard disk anymore when decryption is require ?

Thanks for helping me answering those question I am fighting for days now to make it work in that way.

Regards
Serge
 
Start MMC (Start/Run: MMC [ENTER]), File, Add/Remove
Snap-in,Add,Certificates,Add,My user account, etc...
Right click on Certificates and select Find Certificates, locate the
certificate used for EFS, right click on it and select All Tasks, and select
Export. Use the option to back up the private key. Copy the backup file
onto a Flash card, CD or whatever media. To import the certificate simply,
double click on it.

If you don't have a EFS configured, go to the local security policy (in
admin tools), locate the right settings and request a new certificate. You
will need to either link to a Certificate Authority (if you have one) or
create a request file and then obtain a certificate from a root authority
(ie Verisign).
 
What you are describing below is the backup/data reconvery scenario.
Normally your EFS key and certificate are managed like all your other keys
and certificates by CryptoAPI+DPAPI. EFS currently is not supported with
smartcards.

http://www.msdn.microsoft.com/libra...ecure/html/WinNETSrvr-EncryptedFileSystem.asp
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx

--
Shreeniwas Kelkar [MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.


Serge calderara said:
Dear all,

I am preparaing the 70-270 exam of WIndows XP and Administration, and in MS press book
training kit I used for there are some unclear point on EFS and certificate.

First of all is based on file ecryption which used public and private key
Click to expand...
concept. it is advise on the book to keep
in a safe place the private and plublic key in case it is lost or damage.

For that it is advise to store them on a flash card or CD or Network, then
Click to expand...
when decryption is needed we insert the flash card with key' s on it and
when finished we remove the flash card.
How can I practice those thinks ?

1- Where both key are stored ?
2- How to store them in the flash card and remove them from the system ?
3 - How to tell the decryption process that keys location are on the flash
Click to expand...
and not on hard disk anymore when decryption is require ?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Re: How to decrypt files without the EFS Certificate 4
New EFS tool available - EFS Certificate Configuration Updater 14
Questions & Results on a Trivial EFS Experiment 6
EFS and private and public key handling ??? 1
EFS Trouble - External Drive 2
EFS Data Recovery 1
Help with EFS 1
Unable to recover EFS file using recovery agent 5

Back
Top