1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
|
<?xml version="1.0" encoding="UTF-8"?>
<!--
manpage, user manual, usage: VBoxManage encryptvm
-->
<!--
Copyright (C) 2006-2024 Oracle and/or its affiliates.
This file is part of VirtualBox base platform packages, as
available from https://www.virtualbox.org.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation, in version 3 of the
License.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, see <https://www.gnu.org/licenses>.
SPDX-License-Identifier: GPL-3.0-only
-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"[
<!ENTITY % all.entities SYSTEM "all-entities.ent">
%all.entities;
]>
<refentry id="vboxmanage-encryptvm" lang="en">
<refentryinfo>
<pubdate>$Date: 2024-09-16 16:03:52 +0200 (Mon, 16 Sep 2024) $</pubdate>
<title>VBoxManage encryptvm</title>
</refentryinfo>
<refmeta>
<refentrytitle>VBoxManage-encryptvm</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv>
<refname>VBoxManage-encryptvm</refname>
<refpurpose>change encryption and passwords of the VM</refpurpose>
<refclass>&product-name;</refclass>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis id="synopsis-vboxmanage-encryptvm-setencryption">
<!-- The 'id' is mandatory and must start with 'synopsis-'. -->
<command>VBoxManage encryptvm</command>
<group choice="req">
<arg choice="plain"><replaceable>uuid</replaceable></arg>
<arg choice="plain"><replaceable>vmname</replaceable></arg>
</group>
<arg choice="plain">setencryption</arg>
<arg choice="plain">--old-password <replaceable>file</replaceable></arg>
<arg choice="plain">--cipher <replaceable>cipher-identifier</replaceable></arg>
<arg choice="plain">--new-password <replaceable>file</replaceable></arg>
<arg choice="plain">--new-password-id <replaceable>password-identifier</replaceable></arg>
<arg choice="plain">--force</arg>
</cmdsynopsis>
<cmdsynopsis id="synopsis-vboxmanage-encryptvm-checkpassword">
<command>VBoxManage encryptvm</command>
<group choice="req">
<arg choice="plain"><replaceable>uuid</replaceable></arg>
<arg choice="plain"><replaceable>vmname</replaceable></arg>
</group>
<arg choice="plain">checkpassword</arg>
<arg choice="req"><replaceable>file</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis id="synopsis-vboxmanage-encryptvm-addpassword">
<command>VBoxManage encryptvm</command>
<group choice="req">
<arg choice="plain"><replaceable>uuid</replaceable></arg>
<arg choice="plain"><replaceable>vmname</replaceable></arg>
</group>
<arg choice="plain">addpassword</arg>
<arg choice="plain">--password <replaceable>file</replaceable></arg>
<arg choice="plain">--password-id <replaceable>password-identifier</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis id="synopsis-vboxmanage-encryptvm-removepassword">
<command>VBoxManage encryptvm</command>
<group choice="req">
<arg choice="plain"><replaceable>uuid</replaceable></arg>
<arg choice="plain"><replaceable>vmname</replaceable></arg>
</group>
<arg choice="plain">removepassword</arg>
<arg choice="req"><replaceable>password-identifier</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id="vboxmanage-encryptvm-description">
<title>Description</title>
<para>
The <command>VBoxManage encryptvm</command> command enables you to
change the encryption or add and remove user passwords for the
virtual machine (VM). The following sections describe the subcommands
that you can use:
</para>
<refsect2 id="vboxmanage-encryptvm-setencryption">
<title>Set encryption of the Virtual Machine</title>
<remark role="help-copy-synopsis"/>
<para>
The <command>VBoxManage encryptvm
<replaceable>vmname</replaceable> setencryption</command> command
changes encryption of a VM.
</para>
<para>
Use the <option>--old-password</option> to supply old encryption
password. Either specify the absolute pathname of a password file
on the host operating system, or <literal>-</literal> to prompt
you for the old password.
</para>
<para>
Use the <option>--cipher</option> option to specify the
new cipher for encryption of the VM. Only <literal>AES-128</literal>
and <literal>AES-256</literal> are supported. Appropriate mode
GCM, CTR or XTS will be selected by VM depending on encrypting
component.
</para>
<para>
Use the <option>--new-password</option> option to specify the
new password for encryption of the VM. Either specify the absolute
pathname of a password file on the host operating system, or
<literal>-</literal> to prompt you for the new password.
</para>
<para>
Use the <option>--new-password-id</option> option to specify the
new id for the password for encryption of the VM.
</para>
<para>
Use the <option>--force</option> option to make the system
to reencrypt the VM instead of simple changing the password.
</para>
</refsect2>
<refsect2 id="vboxmanage-encryptvm-checkpassword">
<title>Check the supplied password is correct</title>
<remark role="help-copy-synopsis"/>
<para>
The <command>VBoxManage encryptvm
<replaceable>vmname</replaceable> checkpassword</command> command
checks the correctness of the supplied password.
</para>
<para>
The password can be supplied from file. Specify the absolute
pathname of a password file on the host operating system. Also,
you can specify <literal>-</literal> to prompt you for the password.
</para>
</refsect2>
<refsect2 id="vboxmanage-encryptvm-addpassword">
<title>Add password for decrypting the Virtual Machine</title>
<remark role="help-copy-synopsis"/>
<para>
The <command>VBoxManage encryptvm
<replaceable>vmname</replaceable> addpassword</command> command
adds a password for decrypting the VM.
</para>
<para>
Use the <option>--password</option> to supply the encryption
password. Either specify the absolute pathname of a password file
on the host operating system, or <literal>-</literal> to prompt
you for the password.
</para>
<para>
Use the <option>--password-id</option> option to specify the
id the password is supplied for.
</para>
</refsect2>
<refsect2 id="vboxmanage-encryptvm-removepassword">
<title>Remove password used for decrypting the Virtual Machine</title>
<remark role="help-copy-synopsis"/>
<para>
The <command>VBoxManage encryptvm
<replaceable>vmname</replaceable> removepassword</command> command
removes a password used for decrypting the VM.
</para>
<para>
Specify the password identifier for removing. The password becomes
unknown and the VM can not be decrypted.
</para>
</refsect2>
</refsect1>
<refsect1 id="vboxmanage-encryptvm-examples">
<title>Examples</title>
<remark role="help-scope" condition="GLOBAL" />
<para>
The following command encrypts the <filename>ol7</filename> VM using
AES-256 giving password via command prompt:
</para>
<screen>$ VBoxManage encryptvm ol7 setencryption --cipher=AES-256 --new-password - --new-password-id vmid</screen>
</refsect1>
<refsect1 id="vboxmanage-encryptvm-see-also">
<title>See Also</title>
<para>
<xref linkend="vboxmanage-createvm" />,
</para>
</refsect1>
</refentry>
|
