Using The Cipher Utility In Vista Part I

The Cipher utility is included with Microsoft’s most recent NT-based operating systems. It allows you to do the same tasks-encrypt and decrypt- that you can do through the Graphical User Interface, but also allows you to do much more. IT consultants can take advantage of the Cipher tool’s power to gather encryption information and more quickly perform encryption tasks.

Benefits of the command line encryption tool

What’s the need for a command line encryption tool if it’s so easy to encrypt and decrypt files using the GUI (other than the fact that some of us just like the character-based interface)? While encryption and decryption are easy attributes to set through each file or folder’s property sheet, other encryption-related tasks are difficult (or impossible) to accomplish through the GUI.

For example, what if a user wants to create a new file encryption key? You might think you could generate a new key pair by requesting a new EFS certificate by invoking the Certificate Request Wizard via the Certificates MMC (if you’re in an Active Directory domain) or via the certification authority’s Web page. But what we’re concerned with here is the file encryption key that is generated by EFS and then wrapped with the user’s public key during the encryption process. The Cipher tool allows you to create a new encryption key by simply typing cipher /k.

Using Cipher to gather encryption information

You can use the Cipher command without any switches to quickly ascertain which files and folders in a given directory are encrypted. All you have to do is switch to the desired drive or directory from the command prompt and type cipher.

Each file or folder is listed with either a U or E in front of the file or folder name. U indicates the file is unencrypted and E indicates that it is encrypted. None of the file’s other attributes (Hidden, Read Only, System, Compressed) are indicated.

You can also see which files are encrypted at a glance in Windows Explorer, if the option to show encrypted or compressed NTFS files in color is enabled (this is accomplished via the Folder Options window’s View tab by checking the appropriate check box). The GUI method uses green text to mark encrypted files and blue text to mark compressed ones.

After you encrypt a directory, you are no longer able to switch to the directory and use the Cipher command to view the encryption status of files within the directory. Instead, to see which files within a specified folder are encrypted, use the syntax cipher *. To see the encryption status of the files in the directory named encrypted, you’d type the following command:

Cipher encrypted*

This returns the list of files in the directory with the U or E status attribute for each.