Is there a way to see which groups/users have access to an RSA key container?

Question

I used aspnet_regiis to create an RSA key container (machine container).

I want to secure it and I know I can use the -pa and -pr commands to specify access. But is there a way to see which accounts/groups have access to it?

My concern is I created a container that is basically an open book that anyone can access on this machine and get the private key.

score 7 · Accepted Answer · answered Nov 20 '12 at 14:33

7

Machine Keys are stored in: %ProgramData%\Microsoft\Crypto\RSA\MachineKeys

They have normal file permissions, you can view as you'd like. Be careful changing permissions, they're easy to screw up.

answered Nov 20 '12 at 14:33

Chris S

77,337
11
120
212

1

You are my hero, the wind beneath my wings. Not sure why this eluded me -- I was aware of this storage location but for some reason I was thinking these key containers were "magic". Thank you! – kingdango Nov 20 '12 at 17:05
1

The files in this folder have hex-formatted names, so how do I find a key container with specific name? Any idea? – Alek Davis Aug 09 '18 at 17:46

Is there a way to see which groups/users have access to an RSA key container?

1 Answers1