The cipher command is used for encryption in the Vista system.

Cipher [/E |/d |/C]

[/S: Directory] [/B] [/h] [pathname [...]

Cipher/K

Cipher/R: filename [/smartcard]

Cipher/U [/n]

Cipher/W: Directory

Cipher/X [: efsfile] [filename]

Cipher/y

Cipher/adduser [/certhash: Hash |/certfile: Filename]

[/S: Directory] [/B] [/h] [pathname [...]

Cipher/removeuser/certhash: Hash

[/S: Directory] [/B] [/h] [pathname [...]

Cipher/rekey [pathname [...]

/B. If an error occurs, it is aborted. By default, cipher continues to run even if an error occurs.

/C displays information about the encrypted file.

/D. decrypt the specified file or directory.

/E encrypts the specified file or directory. The directory will be marked, so that the files subsequently added will be encrypted. If the parent directory is not encrypted, the encrypted file will be decrypted when it is modified. We recommend that you encrypt the file and the parent directory.

/H displays files with hidden or system properties. These files are ignored by default.

/K create a new certificate and key to use EFS. If this option is selected, all other options are ignored.

/N this option can only be used with/U. This prevents key updates. This option is used to find all encrypted files on the local disk.

/R generates an EFS recovery proxy key and certificate, and then writes them to A. pfx file (including the certificate and private key) and A. Cer file (only including the certificate ). The administrator can add. Cer content to the EFS recovery policy, create a recovery proxy for the user, and import. pfx to restore individual files.

If a SmartCard is specified, then the recovery key and certificate are written to the smart card to generate the CER file (including only the certificate) without generating the pfx file.

/S executes the specified operation in the given directory and all subdirectories.

/U tries to include all encrypted files on the local disk. If the user's file encryption key or recovery proxy key changes, this will update it to the current key. Except/N, this option cannot be used with other options.

/W deletes data from all unused disk spaces on the entire volume. If this option is selected, other options are ignored. The specified directory can be anywhere on the local volume. If it is a mount point or a directory pointing to another volume, the data on this volume will be deleted.

/X backs up the EFS certificate and key into the file name. If an EFS file is provided, the current user's certificate used to encrypt the file is backed up. Otherwise, the current EFS certificate and key are backed up.

/Y displays the current EFS certificate thumbnail on the local PC.

/Adduser: Add a user to the specified encrypted file. If certhash is provided, the password searches for certificates with the sha1 hash. If certfile is provided, the password extracts the certificate from the file.

/Rekey: update the specified encrypted file to use the configured EFS current key.

/Removeuser: deletes a user from a specified file. Certhash must be the sha1 hash of the certificate to be deleted.

Directory directory.

Filename: The name of a file without an extension.

Pathname specifies a mode, file, or directory.

The file path encrypted by efsfile.

When no parameter is required, cipher displays the encryption status of the current directory and the files it contains. You can use several directory names and wildcards. There must be spaces between multiple parameters.

ArticleCopyright from http://vista.zol.com.cn owned by original author