pathname
Defines the location of a
file to encrypt or query. The pathname includes the drive, path, and
filename. The pathname can include multiple files or directories;
separate each file or directory with a space. You may also use wildcard
characters with a pathname.
directory
Defines an
absolute or relative directory path. The directory can contain a drive
when you use an absolute path. You can't specify a filename as part of
the directory argument.
filename
Defines a filename
without a file extension. You can't include a drive or path as part of
the filename. The filename can't contain wildcard characters.
efsfile
Defines an Encrypting File System (EFS) path that can include a drive, path, and filename.
/A
Performs tasks
on files as well as directories. The file and its associated parent
directory receive any changes you make to the file alone. The reason you
want to change the parent directory is that an encrypted file can
become decrypted when you modify it in a directory that you haven't
encrypted. Microsoft recommends that you encrypt both the file and its
parent directory. You also use this command line switch to encrypt just
the file. For example, if you want to encrypt a file named NewFile.TXT, you'd type Cipher /A /E /F NewFile.TXT at the command prompt and press Enter.
/ADDUSER
Adds a user as
someone who can access an encrypted file. You must provide a credential
for the user to use when accessing the file. Cipher makes it possible to
use a certificate hash or a certificate file. When using a certificate
file, Cipher accesses the certificate hash in the file and records it.
/B
Aborts the encryption when encountering an error. By default, Cipher attempts to continue the encryption.
/C
Displays information about the encrypted file.
/CERTFILE:
filenameSpecifies the name of file that contains a hash for the user.
/CERTHASH:
hashProvides the actual hash used to define security access for the user.
/D
Decrypts the
specified directories or files. When working with a directory, the
directory is marked so the system won't encrypt files added to it
afterward. You must include the /A command line switch to work with files.
/E
Encrypts the
specified directories or files. When working with a directory, the
directory is marked so that the system automatically encrypts any files
added to it afterward. You must include the /A command line switch to work with files.
/F
Forces the
encryption operation on all specified objects, even those that the
system has already encrypted. Normally, the system skips any files that
are already encrypted. You may have to use this switch when working with
files in some instances.
/H
Forces the system to
work with files (encrypt, decrypt, or query) that have the hidden or
system attributes. Normally, the system skips files with these
attributes.
/I
Forces
Cipher to continue performing tasks even after it experiences an error.
Normally, Cipher stops performing tasks when it encounters an error.
Using this command line switch allows a batch file to continue
processing files, even when some of the files failed to react as
anticipated. You should redirect the output to a log file when using
this option to track the errors and take any required remedial action
when the task completes.
/K
Defines a new
encryption key for the user running Cipher. You can't use any other
command line switches with this command line switch. The system displays
a message that includes the new key when you use this option. Save this
thumbprint to a file so that you can use it to open files encrypted on
one machine on another machine.
/N
Prevents the system from updating keys used to encrypt files. Use this command line switch with the /U
switch to locate all encrypted files on a local drive without actually
performing any updates. Use redirection to place the list of encrypted
files in a text file for later use.
/Q
Reports only essential information, such as errors, rather than general information including success messages.
/R
Generates an EFS
recovery agent key and certificate. Cipher writes them to a PFX file
(which contains the certificate and private key) and a CER file (that
contains only the certificate). An administrator can use these files to
add the certificate to another machine or as a means of recovering
encrypted files on the current machine.
/REKEY
Updates the
specified files to use the current configured EFS key. This option uses
the key associated with the current user account. The user must have the
required access using the old key and also have a new current key. You
use this option to update files before discarding an old key.
/REMOVEUSER
Removes a user from
the list of users who can share a common encrypted file. You must supply
the actual security hash value for the user. In addition, you must
supply the Secure Hashing Algorithm 1 (SHA1) hash value for the
certificate.
/S
Performs the requested tasks in the current directory and all subdirectories.
/Smartcard
Writes the
recovery key and certificate to a smart card, rather than writing the
information to a file. You use this option with the /R
command line switch. This option requires that you install special
hardware on your system, including a device for writing to smart cards.
/U
Touches all of
the encrypted files on local drives. This action updates the user's
encryption key or recovers the agent's key to the current keys, using
any of the techniques described in this section (such as using the /K
command line switch), if you've changed them. This command line switch
fails with encrypted files that don't belong to the current user.
However, it does list all of the encrypted files even if they belong to
another user. Use this command line switch with the /N switch if you want to list the encrypted files without changing them.
/W
Removes
(wipes) data from the available unused disk space on the entire volume.
You must use this option alone. You can specify any directory on the
local hard drive. When working with a mount point, the Cipher utility
removes the data from the remote drive. Use this option with care since
it wipes out all data from deleted files, making recovery with most
recovery tools impossible.
/X
Creates a backup of
the current EFS certificate and keys into the specified file. If you
supply the EFSFile input, the utility only backs up the current user's
certificate. Otherwise, the utility backs up both the EFS certificate
and any required keys.
/Y
Displays your current EFS certificate thumbnail on the local PC.
