This command is used to create a DEK encrypted medium or image. See Encrypting Disk Images.
The syntax is as follows:
VBoxManage encryptmedium <uuid|filename>
[--newpassword <file|->]
[--oldpassword <file|->]
[--cipher <cipher id>]
[--newpasswordid <password id>]Use
<uuid|filename>to supply the UUID or absolute path of the medium or image to be encrypted.Use
--newpassword <file|->to supply a new encryption password. Either specify the absolute pathname of a password file on the host operating system, or-to prompt you for the password on the command line. Always use the--newpasswordidoption with this option.Use
--oldpassword <file|->to supply any old encryption password. Either specify the absolute pathname of a password file on the host operating system, or-to prompt you for the old password on the command line.Use this option to gain access to an encrypted medium or image to either change its password using
--newpasswordor change its encryption using--cipher.Use
--cipher <cipher>to specify the cipher to use for encryption. This can be eitherAES-XTS128-PLAIN64orAES-XTS256-PLAIN64.Use this option to change any existing encryption on the medium or image, or to set up new encryption on it for the first time.
Use
--newpasswordid <password id>to supply the new password identifier. This can be chosen by the user, and is used for correct identification when supplying multiple passwords during VM startup.If the user uses the same password when encrypting multiple images and also the same password identifier, the user needs to supply the password only once during VM startup.