Professional Windows Server 1002003 Security A Technical Reference [Electronic resources]

Roberta Bragg

نسخه متنی -صفحه : 415/ 285
نمايش فراداده

cipher

Displays or modifies the encryption state of files and directories on NTFS volumes.

Syntax

cipher [/e | /d] [/s:directory] [/a] [/i] [/f] [/q] [/h] [/k] [/u[/n]]
[pathname [...]]
cipher /r:pathnamewithoutextension
cipher /w:pathname
cipher /x[:pathname] pathnamewithoutextension

Options

None

Lists encryption state of current directory and its files.

pathname [...]

Specifies files or directories to be processed.

/e

Encrypts specified directories.

/d

Decrypts specified directories.

/s:directory

Recursively processes all subdirectories in specified directory (can't be used more than once in a single command).

/a

Processes specified files. (If there is no matching file, the switch is ignored.)

/i

Ignores errors during processing.

/f

Forces encryption/decryption of specified files even if they have already been encrypted/decrypted.

/q

Switches to quick (nonverbose) output.

/h

Shows files with Hidden or System attributes. (These files aren't encrypted or decrypted.)

/k

Creates a new EFS key for the current user (use this switch alone).

/u

Updates all encrypted files with new file encryption key or recovery agent key (use this switch by itself or with /n)

/n

When used with /u, this option finds all encrypted files on local drives.

/r:pathnamewithoutextension

Generates a new recovery agent certificate and private key, which are then written to the specified file (this option must be used by itself).

/w:pathname

Removes data stored on unused portions of a volume (this option must be used by itself).

/x[:pathname] pathnamewithoutextension

Identifies and backs up certificates and private keys used by EFS for currently logged-on user, with the resulting file having a .pfx extension.

Examples

View the encryption state of files and directories in the root of H: drive:

cipher h:\*
Listing h:New files added to this directory will not be encrypted.
U doc1.txt
E doc2.txt
U pub

Encrypt the

pub folder shown earlier:

cipher /e h:\pub
Encrypting directories in h:pub                 [OK]
1 directorie(s) within 1 directorie(s) were encrypted.

New files added to

pub now will be encrypted. To encrypt only the file

doc3.txt in

pub :

cipher /e /a h:\pub\doc3.txt
Encrypting files in h:\pubdoc3.txt            [OK]
1 file(s) [or directorie(s)] within 1 directorie(s) were encrypted.

Notes

  • Wildcards work with files but not directories.

  • You can't encrypt system or compressed files.

See Also

Files and Folders