Cipher Command In Windows Server 2008
In this article I am going to explain about cipher command in windows server 2008.
Introduction
Cipher command is Windows server 2008 command line tool. Cipher command is used to encrypt or decrypt the directories and files on NTFS partition. It simply used to display or change the encryption status of files and directories. The basic syntax to apply cipher command is given below.
Syntax
cipher [/e | /d | /c] [/s:<Directory>] [/b] [/h] [PathName [...]]
cipher /k
cipher /r:<FileName> [/smartcard]
cipher /u [/n]
cipher /w:<Directory>
cipher /x[:efsfile] [FileName]
cipher /y
cipher /adduser [/certhash:<Hash> | /certfile:<FileName>] [/s:Directory] [/b] [/h] [PathName [...]]
cipher /removeuser /certhash:<Hash> [/s:<Directory>] [/b] [/h] [<PathName> [...]]
cipher /rekey [PathName [...]]
|
Parameters of Cipher command
| Parameter |
Description |
| /e |
It encrypts the specified folder and files. New files added will be encrypted. |
| /d |
Decrypts the specified folders and files. |
| /c |
Display information on the encrypted file. |
| /s:<Directory> |
It does the specified operation on all subdirectories in the given directory. |
| /b |
Aborts if an error is encountered. |
| /h |
Displays files with hidden or system attributes. By default, these files are not encrypted or decrypted. |
| /k |
Creates a new certificate and key for use with Encrypting File System ( EFS) files. All the other parameters are ignored if this option is used. |
| /r:<FileName> [/smartcard] |
Generates a a recovery agent key and related certificate and then writes them to .pfx file( which contains private key and certificate) and CER files ( which include only certificate). If smart card is given then it writes recovery key and certificate to smartcard and pxc file will not be generated. |
| /u [/n] |
If used without /n it compares the user's file encryption key and the recovery agent's key to the current ones and update them when they are changed. If used with /n, it prevents keys from being updated. |
| /w:<Directory> |
Cleans data from available unused disk space on the entire volume. If /w parameter is given than all other parameters will be ignored. |
| /x[:efsfile] [<FileName>] |
It is used for backing up EFS certificate and keys to the specified file name. If :efsfile is used with /x then users certificate that was used for encryption is backed up otherwise users current certificate and keys will be backed up. |
| /y |
Displays your current EFS certificate thumbnail on the local computer. |
| /adduser [/certhash:<Hash> | /certfile:<FileName>] |
Add user to specified encrypted file. If certhash is
given, cipher will search for a certificate with this SHA1
hash. If certfile is provided, cipher will extract the
certificate from the file. |
| /removeuser /certhash:<Hash> |
Removes a user from specified encrypted file. |
| /rekey |
Update given encrypted file to use current EFS key. |
Ask Your Question
Got a programming related question? You may want to post your question here
Programming Answers here