|
From: Anton A. <ai...@ca...> - 2007-09-17 14:40:10
|
Hi Matthew, On 17 Sep 2007, at 15:20, Matthew A. Postiff wrote: > I rebuilt from a fresh cvs checkout just now: > > % ntfsdecrypt --version > > ntfsdecrypt v2.0.0 (libntfs 10:0:0) - Decrypt files and print on the > standard output. > > % ./ntfsdecrypt -k /home/...pfx /dev/sda1 "dir/file" > Enter the password with which the private key was encrypted: ********* > There are no entries in the DRF array. > Failed to obtain file encryption key. Aborting. > > I was sort of afraid this might be the outcome, but I'm not sure > what to do at this point. The files on /dev/sda1 were copied from > Windows XP as encrypted backup files. Sorry I do not understand what you mean. Could you explain what this copying involved? > Later my original drive has crashed, but I had saved off the PFX > file and had my password stored safely away. So I don't have access > to the original profile on that machine with its SID or whatever. > Is it the case I might not have backed up certain key files (i.e. > the one containing the FEK)? If so, am I hosed or is there still hope? The FEK is inside the MFT record of the encrypted file... Two things to try: 1) Apply attached patch to you CVS checkout of ntfsdecrypt.c, recompile and try again. |
