Data Centers

How to encrypt VirtualBox VMs

If you want to add an extra layer of protection onto your virtual machines and you're using VirtualBox, encrypting those VMs is very simple. Here's how.

Image: Jack Wallen

Do you have VirtualBox-powered virtual machines (VMs) that you'd like to protect with a layer of encryption? Maybe said VMs are being used for proprietary development in your data center or possibly for security testing.

There are a number of reasons why you might want to lock that information away from prying eyes. When that's the case, what do you do? Fortunately, with VirtualBox 5.x, encryption is built in and readily available. See how easy it is to use this technology, so you can keep your VMs locked up tight.

SEE: Encryption Policy (Tech Pro Research)

What you need

This process requires VirtualBox to be installed. You want to make sure you're running at least version 5.0, but preferably the latest iteration (as of this writing, 5.1.14). You will also need to have your VM created and able to run. With that in place, let's encrypt a VM.

Encrypting your VM

Before you attempt the encryption, the VM must be powered down—you cannot encrypt a VM that is in a saved state. If the VM in question is in a saved or a running state, start it and then power it down through the host operating system's standard shutdown procedure. Once the VM is no longer either running or paused, select it from the left navigation and click the Settings button from the main toolbar.

In the resulting window, click the Encryption tab and then click the checkbox for Enable Encryption (Figure A).

Figure A

Figure A

Encrypting a VirtualBox VM is a couple of clicks away.

The next step is to select your cipher from the Encryption Cipher drop-down; you can select from either AES-XTS256-PLAIN64 or AES-XTS128-PLAIN64 (the former being stronger encryption). Then, enter and confirm the password for the encryption, and click OK.

VirtualBox will set out to encrypt the VM. Depending upon the size of the VM, this can take a while (this is full-disk encryption, after all), so either sit back and watch the progress bar as it slowly makes its way from 0-100, or go do something else and come back in a few minutes.

When the encryption completes, your host is ready to go. When you go to power up that VM, you will be prompted for the encryption passphrase (Figure B). Upon successfully authenticating the passphrase, the VM will boot, and you're ready to work.

Figure B

Figure B

The password prompt for an encrypted host.

To encrypt or not to encrypt

You may not currently have a reason to encrypt a VM, but you never know what the future holds—there may come a time when you need to take a few extra steps to protect the VMs in your data center. When that time comes, you'll be glad you know how to encrypt VirtualBox VMs.

Also see

About Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.

Editor's Picks

Free Newsletters, In your Inbox