
Detlev Eufinger (Flexera Software)
How to use the feature “ENCRYPTION and DECRYPTION OF INVENTORY DATA”
Background
In the past, we had no way to decrypt or encrypt our inventory files (*.snowpack).
Being able to do so is useful for customers with specific security requirements.
Previous Solution:
By default, our Snow Inventory Agent uses a standard key to encrypt (*.snowpack) files.
This key is hard-coded in both the Snow Inventory Agent (for encryption) and the Snow Inventory Server (for decryption). It is the same for all customers and therefore cannot be given to any customer.
All customers had to contact Snow Support to decrypt their own inventory files.
This was very time-consuming.
New Solution:
Snow now lets you create your own encryption keys.
How does it work?
With the tool AESKEYGEN, you can create your own custom crypto keys for a certain agent or group of computers. The tool creates a key that needs to be copied to a folder on the Inventory server as well as to a folder on the computers to be inventoried. The file is named <fingerprint>.cryptkey.
Run aeskeygen.exe <Path> to create your own crypto key.
The result is shown
Use this setting in the configuration file of the Inventory server (snowserver.config) to specify the folder where the crypto keys are located:
Use these settings in the configuration file of the agent (snowagent.config) to specify the fingerprint of the crypto key to use for snowpack encryption and the folder where the key file is located.
Deploy your Agent with your created crypto key.
With the tool SNOWPACK-UTIL, you can decrypt your generated (*.snowpack) files.
Use it with the following options:
The unpack command will decrypt the file and unpack the content to a sub-folder of the current folder. To unpack the content, use the following syntax:
The pack command will generate a new snowpack file based on the content of a specified folder and encrypt it with the fingerprint of your custom key.
To generate a file, use the following syntax:
Note 1:
- Both tools can be ordered from Snow Support.
Note 2:
- The encryption level is AES 128-bit.
Note 3:
- You cannot handle inv files with the tools.
Note 4:
- The snowpack-util tool cannot decrypt files encrypted with the default encryption key.
Note 5:
- The standard Snow encryption and decryption always work.