How to decrypt a host or caller file to send to support, use with Symantec Packager or use on additional machines


Article ID: 181034


Updated On:


Symantec Products




Security has been increased starting with PCA Box 12.5 SP5 (and PCA Solution 12.6.7) and the Host/Caller/Remote files are now encrypted to ensure that they can only be used by one Host computer.

Before sending Host or Caller files to support or If Host/Caller files are being prepared on a Master PCA machine then the Host/Caller files will need to be decrypted first before they can be copied to other computers.

Once the target computer starts the unencrypted Host file it will immediately encrypt the Host file and Caller files to 'bind' these files to that particular machine.

The awfilemanager command line tool is included in the pcAnywhere installation but a GUI version is availabe for download.  The command line steps are noted below if a script were needing to be creeated or if the use of the command prompt is more convienent when working with the new encrypted CHF, BHF, and CIF files.   

Note: It should be noted that saved passwords will be removed from remote items when they are decrypted. 

Command line tool.

Note: The following list of items must be taken into consideration when decrypting pcAnywhere files.

  • The files must be decrypted from the machine they were created/encrypted on. This is because all of these files are encrypted with local machine keys – hence you cannot transport an encrypted file to another machine and then decrypt them
  • Due to Windows file system permissions issues and possibly pcA registry requirements, you should decrypt files from their default location.
  • Do not include trailing backslashes with folder names'
  • Do not include path when specifying file names
  • The CMD prompt must be launched as Administrator
  • Saved Passwords in remote items will be cleared

The following example is from a Windows 7 machine modify the location of your host folders appropriately to reflect your default host folder.

  1. Open an administrative command prompt
  2. Navigate to the appropriate location 
    • C:\ProgramFiles (x86)\Symantec\pcAnywhere
    • C:\Program Files\Symantec\pcAnywhere
  3. Run the following command modifying to point to your default host folder to decrypt the "New Host.BHF" file modify as needed
    • awFileMgr.exe /DecryptBeHost “C:\ProgramData\Symantec\pcAnywhere\Hosts” “New Host.BHF” “C:\TempHost”
  4. Run the following command modifying to point to your default host folder to decrypt the "AD.New Caller.CIF" file modify as needed and repeat as often as needed for each caller.
    • awFileMgr.exe /DecryptCaller “C:\ProgramData\Symantec\pcAnywhere\Hosts” “AD.New Caller.CIF” “C:\TempHost”
      The Decrypted files will be located in the c:\TempHost\Export folder based on the above commands.   Once these files are decrypted they are ready to send to support or use with Symantec Packager.

GUI tool.

Download and extract the file included in the zip file is the new awFileMgrGUI.exe and the awFileMgrUI.doc with instructions on using the tool. 





pcAConfiguration.pdf get_app get_app