- May 12, 2016 at 2:31 am #38981
I am following the book "PowerShell In Depth" and in Credentials topic I found this Line
"When PowerShell performs that encryption, it does so using a locally
stored encryption key. Move the script and password file to another machine and it
won't work, because the local encryption key will be different"
But when I tried to import the encrypted Password from another server but using the same file(Which was stored on my roaming profile) I can still decrypt the Password.
So is the encryption key user dependent?May 12, 2016 at 3:04 am #38983
When using a encryption key it will work between machines. If you don't specify an encryption key it will not work between machines
Let me know if that helps, I can go into more detail if you want 🙂
Cheers.May 12, 2016 at 3:31 am #38987
Thank You Alex.I did not use -Key parameter but still was able to reproduce the Password in plain text that was in encrypted text format(Output of ConvertFrom-SecureString) between machines on same domain.
However the file was stored in my Roaming Profile.May 12, 2016 at 3:50 am #38989
Hmm that is interesting.
I wonder if it thinks its the same machines because its stored in your roaming profile.
Would be one to test (I don't have a roaming profile setup here). Let me see if I can test by putting it in a share.May 12, 2016 at 3:53 am #38991
The encryption keys are stored in your user profile, so roaming profiles should be fine cross-machine. There's also an AD feature called Credential Roaming which can make this work without needing to use roaming profiles.May 12, 2016 at 3:55 am #38992
Thank you Dave, that is interesting. Something to keep a note of 🙂May 12, 2016 at 4:00 am #38993
Thank You Dave It makes sense to me know.
Thank You Alex
You must be logged in to reply to this topic.