Replacing a lost Tech’s encryption key or forgotten Pass Phrase

The 2048 bit key the protects all Technician credentials is protected by a pass phrase. There are a few situation where a tech could lose access to the credentials.

  1. They forget the passphrase
  2. They lose the computer (or it gets destroyed, or stolen) and they get a new computer.

To recover from these situations…if they backed up the encryption keys follow these steps.

  1. Delete c:\users\{user}\RuffianSoftware\*.pp
  2. Open TechClient
  3. Enter a new PassPhrase in the wizard and confirm it
  4. Select Import and choose the saved keys file.
  5. Step through the rest of the Wizard.
  6. As soon as they refresh all the credential information will show up again.

If the tech did not backup the encryption keys follow these steps. Be aware that doing this will lose all the passwords the tech has stored in TechIdManger. That encryption key is the only way to access the stored passwords. Replacing the keys with these steps will get access to all the Managed accounts on all the domains.

  1. Have a manager go into the management console and on the “techs” sections change the tech’s status to “keychange”
  2. On the Tech’s computer
    1. Delete (or rename) c:\users\{user}\RuffianSoftware
    2. Open TechClient
    3. Go through the Wizard
      1. Put in the correct “Client Guid”
      2. Put in the same “Name”, “First name”, “Last Name”, that they were using previously
      3. New keys will be generated.
  3. Have a manager go into the management console and on the “techs” sections change the tech’s status to “active”
  4. The previous accounts will be enabled and new passwords created for this user over the course of the next hour.

 

If you have any questions or need any assistance, let us know. We are glad to help.

1 thought on “Replacing a lost Tech’s encryption key or forgotten Pass Phrase”

Comments are closed.