I'm testing DETech to decrypt drives encrypted with McAfee Drive Encryption, as part of the process loginto ePO and downloading the XML Recovery File for that specific computer is required.
I'd like to create a USB stick or CD that could be used to decrypt all the PCs in the company, but haven't seen the option to download multiple XML files at once or a sort of 'master' XML file valid for all PCs. Is there a way to do this, either being able to download multiple XML files for all the computers, or any other method that allows creating a bootable disk to decrypt everything?
As far as I know there are two methods:
- using python (can be downloaded via ePO Software Manager) and then e.g. use this script:
# To invoke this script pass the servername, the port, the username to run the script as, and
# the name of the file containing the systems as command line arguments:
# C:\>python _exportMachineKeys.py yourservername 8443 yourusername systems.txt
# Verify correct number of arguments are given
if(len(sys.argv) != 5):
print 'Usage: python _exportMachineKeys.py <servername> <port> <username> <filename>'
filename = sys.argv
# Prompt for the password
print 'Enter password: '
pwd = sys.stdin.readline().strip()
mc = mcafee.client(server,port,user,pwd)
f = open(filename, 'r')
for line in f:
computerName = line.rstrip('\n')
print 'Exporting Machine Key for system: ' + str(computerName)
result = mc.eeadmin.exportMachineKey(machineName='%s' % computerName, oldKeys="True")
print str(computerName) + '.xml written to disk'
I recommend not to use such a tool, since the USB stick you're creating will contain all decryption keys of the systems in your environment. Anyone who finds the key can decrypt all your systems!