File Share Encryption

 View Only

  • 1.  PGP Decryption

    Posted Jan 27, 2015 12:49 PM

    If any machine is not exist on domain.can we decrypt this machine.because when on pgp tray shows the option of decrypt is disable.however i have tried PGP command pgpwde --decrypt --disk 1 --passphrase.It shows operation failed when i run this command on CMD.My understanding level is saying that if we are not exist on Domain it is  impossible to decrypt machine.



  • 2.  RE: PGP Decryption

    Posted Jan 27, 2015 01:59 PM

    If the system is not on a domain, and not managed by a Symantec Encryption Management Server, then any valid user passphrase for the disk should be able to decrypt the drive.

    Are you sure you are trying to decrypt the correct disk?  Usually the boot disk is Disk 0.  Is it an external drive you want to decrypt?

    Run the following to get the correct disk number:
    pgpwde --enum

    You should be able to see all of your encrypted drives and their disk number.



  • 3.  RE: PGP Decryption

    Posted Jan 28, 2015 09:43 AM

    Thanks Mike.

    i have another query.A user is not login by his passphrase on PGP bootguard.he is passing  bootguard by WDRT.now he want to bypass PGP bootguard by his passphrase.so can i decrypt and delete agent.and again installed pgp agent and encrypt again.



  • 4.  RE: PGP Decryption

    Posted Jan 29, 2015 11:18 AM

    If user is added to the disk then he should be able to use the passphrase at bootgaurd. You can enroll the user on the machine or add the user through PGP desktop console.

    Open PGP desktop console--->> Go to drive encryption--->> You will see the option to add "new user passphrase.". You can add the user account here and then you should be able to authenticate at bootgaurd. 

    There is no need to decrypt , uninstall and reinstall.