1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
<topic xml:lang="en-us" id="diskencryption-encryption">
<title>Encrypting Disk Images</title>
<body>
<p>Encrypting disk images can be done either using <ph conkeyref="vbox-conkeyref-phrases/vbox-mgr"/> or the
<userinput>VBoxManage</userinput>. While <ph conkeyref="vbox-conkeyref-phrases/vbox-mgr"/> is easier to use, it
works on a per VM basis and encrypts all disk images attached to the specific VM. With
<userinput>VBoxManage</userinput> one can encrypt individual images, including all differencing images. To
encrypt an unencrypted medium with <userinput>VBoxManage</userinput>, use: </p>
<pre xml:space="preserve">VBoxManage encryptmedium <varname>uuid</varname>|<varname>filename</varname> \
--newpassword <varname>filename</varname>|- --cipher <varname>cipher-ID</varname> --newpasswordid "<varname>ID</varname>
</pre>
<p>To supply the encryption password point <userinput>VBoxManage</userinput> to the file where the password is
stored or specify <codeph>-</codeph> to let <userinput>VBoxManage</userinput> ask you for the password on the
command line. </p>
<p>The cipher parameter specifies the cipher to use for encryption and can be either
<codeph>AES-XTS128-PLAIN64</codeph> or <codeph>AES-XTS256-PLAIN64</codeph>. The specified password identifier
can be freely chosen by the user and is used for correct identification when supplying multiple passwords during
VM startup. </p>
<p>If the user uses the same password when encrypting multiple images and also the same password identifier, the
user needs to supply the password only once during VM startup. </p>
</body>
</topic>
|
