This command is used to create a DEK encrypted medium/image. See Section 9.31.2, “Encrypting disk images”" for details.
The syntax is as follows:
VBoxManage encryptmedium <uuid|filename> [--newpassword <file|->] [--oldpassword <file|->] [--cipher <cipher id>] [--newpasswordid <password id>]
-
use
<uuid|filename>
to supply the uuid or absolute path of the medium/image to be encrypted. -
Use
--newpassword <file|->
to supply a new encryption password; either specify the absolute pathname of a password file on the host operating system, or-
to prompt you for the password on the command line. Always use the--newpasswordid
option with this option. -
use
--oldpassword <file|->
to supply any old encryption password; either specify the absolute pathname of a password file on the host operating system, or-
to prompt you for the old password on the command line.Use this option to gain access to an encrypted medium/image to change its password using
--newpassword
and/or change its encryption using--cipher
. -
Use
--cipher <cipher>
to specify the cipher to use for encryption; this can be eitherAES-XTS128-PLAIN64
orAES-AXTS256-PLAIN64
.Use this option to change any existing encryption on the medium/image, or setup new encryption on it for the 1st time.
-
Use
--newpasswordid <password id>
to supply the new password identifier. This can be freely chosen by the user, and is used for correct identification when supplying multiple passwords during VM startup.If the user uses the same password when encrypting multiple images and also the same password identifier, the user needs to supply the password only once during VM startup.