1. Compressing Files with compact
The compact command compresses and uncompress files and folders on NTFS drives. The two primary switches you’ll use are /c to compress files and /u
to uncompress them. When files are compressed, Windows Explorer
displays them with blue text. The following table shows some examples
using the compact command.
| compact Command | Description |
|---|
c:\data>compact
Listing c:\Data\
New files added to this directory will
not be compressed.
3617 : 3617 = 1.0 to 1 70-640.rtf
1641 : 1641 = 1.0 to 1 70-642.rtf
2629 : 2629 = 1.0 to 1 70-647.rtf
Of 3 files within 1 directories
0 are compressed and 4 are not compressed.
7887 total bytes of data are stored in
7887 bytes.
The compression ratio is 1.0 to 1.
| If
you enter the command without switches, it shows you the size and
current state of compression for files in the current folder.
The output shows the actual size of the files in
bytes and the compression ratio. A compression ratio of 1.0 to 1
indicates the file is not compressed.
This also shows the uncompressed size and the actual amount of space
taken by the files. Compressed files usually take less space on the disk
than uncompressed files. |
c:\data>compact /c test.txt
| You compress an individual file by using the /c switch and then including the name of the file. |
| If you want to compress all files in the current folder, you can use the /c switch by itself. This also changes the folder attribute to compressed, causing new files added to the folder to be compressed. |
| You can add the /s switch to include subfolders. New files added to any of the folders are compressed. |
| The /u
switch uncompresses files. This example uncompresses all files in the
folder and subfolders. New files added to any of the folders are not
compressed. |
c:\data>compact /c /f test.txt
| You can use the /f
switch to force compression on the file. This is useful if the original
attempt to compress the file is interrupted, leaving the file in a
partially compressed state. |
2. Encrypting Files with cipher
You can encrypt files on NTFS using the cipher
command. These files are encrypted using the Encrypting File System
(EFS) feature of NTFS. The two primary switches you use are /e to encrypt files and /d to decrypt them. When files are encrypted, Windows Explorer displays them with green text.
Note
Files can be compressed or encrypted, however, they cannot be compressed and encrypted.
| cipher Commands | Comments |
|---|
c:\data>cipher
Listing c:\data\study\Server2008\
New files added to this directory
will not be encrypted.
E 70-640.rtf
U 70-642.rtf
U 70-647.rtf
| If you enter cipher without any switches, it shows the current state of the encryption attribute.
Encrypted files are shown with E.
The U attribute indicates the files are not encrypted.
cipher /c provides the same output. |
| The /e
switch used by itself encrypts all the files in the current folder and
changes the folder attribute to Encrypted. New files added to the folder
are encrypted. |
/e file
c:\data>cipher /e 70-642.rtf
| You can add a file name with the /e switch to encrypt only the named file. This doesn’t affect other files or the folder attribute. |
| The /d
switch decrypts encrypted files and folders. This example decrypts all
the files in the current folder as long as the user has appropriate
privileges.
The user must have encrypted the file, been added as an authorized user
for the file, or be a data recovery agent. |
/d file
c:\data>cipher /d 70-642.rtf
| You can unencrypt a single file by specifying the file with the /u switch. |
/u /n
c:\>cipher /u
c:\data>cipher /u /n >
encryptedfileslist.txt
| The /u
switch can be used to locate all encrypted files on all local drives of
a system and update them with the data recovery agent’s certificate if
it has changed.
This switch is useful if the keys have changed, such as when a new data recovery agent is designated.
When used with the /n switch, it lists the files but does not update them. This is useful for creating a list of encrypted files on a system |
| Creates a new file encryption key for the user. |
/w
c:\data>cipher /w:e:
To remove as much data as possible, please close all other applications while
running CIPHER /W.
Writing 0x00
................................................................................
Writing 0xFF
................................................................................
Writing Random Numbers
................................................................................
| Removes data from available unused disk space on a drive.
When files are first encrypted, it’s possible that
remnants of these files are left on the drive. You can remove all
remnants of these files with the /w
switch. The example sanitizes the unused disk space on drive E:. Note
that it first writes all 0s (0x00) to the unused disk space, writes all
1s (0xFF), and then writes random numbers to the drive.
This can also be done on any NTFS drive, even if there aren’t any encrypted files on the drive. |
