Support for the EFS subsystem of NTFS

Bug #221684 reported by Fred
This bug affects 1 person
Affects: ntfs-3g (Ubuntu)
Status: Triaged
Importance: Wishlist
Assigned to: Unassigned
Milestone: (none)

Bug Description

Binary package hint: ntfs-3g

Ubuntu has support for the NTFS file system.
But it does not support the EFS (Encrypting File System) subsystem of NTFS.

Add support for the EFS subsystem, so that we can use encrypted NTFS partitions too.

http://www.ntfs-3g.org/support.html#compressed
It is possible to sponsor the development.

Tags: efs ntfs
phcoder (phcoder) wrote :

Just FYI: even if you have 2 Windows installations, they are not able to see files encrypted under the other system. EFS-encrypted data has a much higher risk of being lost due to the key being stored in the Windows registry. Reading EFS would involve scanning for Windows installations and reading their registries until the corresponding key is found. Also, EFS probably contains a backdoor to allow the FBI (and potentially anyone when their key is leaked) to decrypt everyone's data.

Fred (eldmannen+launchpad) wrote :

Then the registry key would be stored in Wine too, maybe?

Also, maybe you have an NTFS partition with EFS without having Windows installed on the disk or on the computer at all.
You can run NTFS without Windows.
You can run EFS without Windows?

Szikra Istvan (szir) wrote :

I would like this feature!

You need to do a couple of things to access NTFS EFS encrypted files:

Save NTFS EFS key (from Windows)
Run this command (or see the links provided below or use Google):
cipher /x efsbackup.pfx

Access NTFS EFS encrypted files under Linux
You can try this:
ntfsdecrypt [options] -k efsbackup.pfx device [file]
(I couldn't make it work :( "Failed to open encrypted file. Aborting.")
But I need something that decrypts files on the fly just like Windows. It would be nice if I could, for example, specify the pfx certificate file as a mount option for ntfs-3g, and it would do the rest.

Under Windows you just have to import the saved certificate.

---

"Just FYI:" you are an idiot :) Please read up before you start posting BS...
You can have 2 Windows, you just have to export and import the EFS certificate (with private keys). (Otherwise you cannot even have 2 accounts that access the same encrypted files.)
There is also a Recovery Agent option...
You have an added risk of data loss due to encryption (loss of encryption key, forgetting password), you have to decide if it's too much. But you should always back up data no matter if it's encrypted or not...
You don't have to scan any registry, just have the EFS key exported.
Sure and the FBI is scanning your brainwaves right now...

---

Some info about NTFS, EFS, FEK, certificates...

How EFS Works
http://technet.microsoft.com/en-us/library/cc962103.aspx

Encrypting File System
http://en.wikipedia.org/wiki/Encrypting_File_System
http://technet.microsoft.com/en-us/library/cc700811.aspx
("Planning for and Recovering Encrypted Files"
"Cipher.exe Security Tool for the Encrypting File System")

How secure is NTFS encryption?
http://security.stackexchange.com/questions/8307/how-secure-is-ntfs-encryption

How to backup and restore Windows NTFS EFS certificates
http://mikebeach.org/2011/11/29/how-to-backup-and-restore-windows-ntfs-efs-certificates/
http://netsecurity.about.com/od/quicktips/qt/efs.htm
How to back up the recovery agent Encrypting File System (EFS) private key in Windows
http://support.microsoft.com/kb/241201

Changed in linux-ntfs (Ubuntu):
status: New → Confirmed
Changed in ntfs-3g (Ubuntu):
status: New → Confirmed
Phillip Susi (psusi)
no longer affects: linux-ntfs (Ubuntu)
Changed in ntfs-3g (Ubuntu):
importance: Undecided → Wishlist
status: Confirmed → Triaged