File Share Encryption

 View Only

  • 1.  Symantec Whole Disk Encryption - Admin Passphrase

    Posted Jan 29, 2013 12:00 PM

    I'm running Symantec Whole Disk Encryption 10.3 on a Linux machine.

    I setup a user with password recovery questions.

    According to documentation (10.2) I can run the comment recovery-change-passphrase with an answers file to change the passphrase

    pgpwde --recovery-change-passphrase --user "Alice Cameron" --disk 0 --new-passphrase 'Bilbo%Baggins$Underhill' --answers-file
"C:\pgpwde\answers.txt"

    But when I run it I get

    No passphrase specified
No admin-passphrase specified
No authentication credentials found. Valid credentials for this operation are: 
  User passphrase, 
  admin passphrase, 
  recovery token

"operation change user self recovery user's passphrase failed: Error code -12000: pad parameters"

     

    So the questions are

    1. Shouldn't it work with just the answers file?

    2. I noticed that I can specify an admin passphrase when I add the user which's passphrase I now want to recover.
        The recovery than works with that admin passphrase. But how can I change this admin passphrase?

     



  • 2.  RE: Symantec Whole Disk Encryption - Admin Passphrase
    Best Answer

    Posted Jan 30, 2013 05:47 AM

    The admin passphrase is the passphrase of an existing PGP WDE user, so in your scenario that is the current user.

    In an unmanaged scenario the done thing would be to add an administrator to all encrypted disks so there's always admin access should it be required