26 lines
1.8 KiB
XML
26 lines
1.8 KiB
XML
<?xml version='1.0' encoding='UTF-8'?>
|
|
<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
|
|
<topic xml:lang="en-us" id="diskencryption-encryption">
|
|
<title>Encrypting Disk Images</title>
|
|
|
|
<body>
|
|
<p>Encrypting disk images can be done either using <ph conkeyref="vbox-conkeyref-phrases/vbox-mgr"/> or the
|
|
<userinput>VBoxManage</userinput>. While <ph conkeyref="vbox-conkeyref-phrases/vbox-mgr"/> is easier to use, it
|
|
works on a per VM basis and encrypts all disk images attached to the specific VM. With
|
|
<userinput>VBoxManage</userinput> one can encrypt individual images, including all differencing images. To
|
|
encrypt an unencrypted medium with <userinput>VBoxManage</userinput>, use: </p>
|
|
<pre xml:space="preserve">VBoxManage encryptmedium <varname>uuid</varname>|<varname>filename</varname> \
|
|
--newpassword <varname>filename</varname>|- --cipher <varname>cipher-ID</varname> --newpasswordid "<varname>ID</varname>
|
|
</pre>
|
|
<p>To supply the encryption password point <userinput>VBoxManage</userinput> to the file where the password is
|
|
stored or specify <codeph>-</codeph> to let <userinput>VBoxManage</userinput> ask you for the password on the
|
|
command line. </p>
|
|
<p>The cipher parameter specifies the cipher to use for encryption and can be either
|
|
<codeph>AES-XTS128-PLAIN64</codeph> or <codeph>AES-XTS256-PLAIN64</codeph>. The specified password identifier
|
|
can be freely chosen by the user and is used for correct identification when supplying multiple passwords during
|
|
VM startup. </p>
|
|
<p>If the user uses the same password when encrypting multiple images and also the same password identifier, the
|
|
user needs to supply the password only once during VM startup. </p>
|
|
</body>
|
|
|
|
</topic>
|