Change to disk encryption scheme

scottgus1
Site Moderator
Posts: 20945
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Change to disk encryption scheme

Post by scottgus1 »

In this post: viewtopic.php?f=1&t=78137&p=364039#p364039 I reported results of a test involving mounting an encrypted vhd in the host Windows 7 and 10 OSs. As expected the encrypted vhd could not be used and needed formatting. That's not the problem.

The problem is the further test I did to see what happens when the encrypted drive is released then removed from the Virtual Media Manager. When the drive is released from the guest but not removed, the encryption keys remain in the guest .vbox file. So the drive can be reattached and used by the guest without data loss.

If the released drive is removed from the Media Manager, the encryption keys disappear from the .vbox file. The keys are needed to use the drive and are now gone, without warning. If the drive is reattached to the original guest the encryption keys do not come back. The drive is now useless.

There may be a reason why this was programmed, but there are reasons why a person may need to remove the drive from the media manager, such as moving the drive file to a different host drive, perhaps to decrease unexpected bandwidth restrictions of multiple disk files on one host disk, or some other reason. If backups are taken the encryption keys could be saved and re-inserted into the .vbox file after the drive is removed, but manual editing of the XML in the .vbox is not recommended. No warning is given regarding what will happen to the keys when using the "Remove" command.

I believe that when someone starts a command that will result in deletion of the keys from the .vbox, a warning should be given, and the option to export the keys to a separate file should be provided. Then when the disk file is re-used, a place to import the keys from the user's file back into the .vbox should be provided.

Any thoughts before I head to the Bugtracker?
Last edited by scottgus1 on 14. Jun 2016, 15:02, edited 2 times in total.
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Change to disk encryption scheme

Post by mpack »

Yes, that is the way it works, and in fact is the way it has to work. Metadata about a drive is either stored in the drive, or in the media registry. If it's stored in the media registry (as is the case for most flags, including immutable and encrypted) then this information is lost if the media is unregistered.

This was discussed quite thoroughly when the feature was new.
viewtopic.php?f=1&t=69503
viewtopic.php?f=1&t=75092
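
An added example, not part of the thread and not VirtualBox code: a read-only pre-removal check that lists the disks in a `.vbox` whose encryption metadata lives in the media registry and serialises that metadata for safekeeping outside the file. It assumes the metadata appears as `Property` elements named `CRYPT/...` under `HardDisk` entries (the thread does not show the XML); the sample file and all function names are constructed for illustration.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample .vbox content (not from the thread); all values are placeholders.
SAMPLE_VBOX = """<VirtualBox xmlns="http://www.virtualbox.org/">
  <Machine name="demo"><MediaRegistry><HardDisks>
    <HardDisk uuid="{11111111-1111-1111-1111-111111111111}" location="plain.vdi" format="VDI"/>
    <HardDisk uuid="{22222222-2222-2222-2222-222222222222}" location="secret.vhd" format="VHD">
      <Property name="CRYPT/KeyId" value="demo"/>
      <Property name="CRYPT/KeyStore" value="PLACEHOLDER-KEYSTORE"/>
    </HardDisk>
  </HardDisks></MediaRegistry></Machine>
</VirtualBox>"""


def local(tag):
    """Strip the XML namespace so the match does not depend on the settings version."""
    return tag.rsplit("}", 1)[-1]


def encrypted_disks(vbox_xml):
    """Return {uuid: {"location", "properties"}} for disks carrying CRYPT/ properties."""
    found = {}
    for elem in ET.fromstring(vbox_xml).iter():
        if local(elem.tag) != "HardDisk":
            continue
        props = {p.get("name"): p.get("value") for p in elem
                 if local(p.tag) == "Property" and p.get("name", "").startswith("CRYPT/")}
        if props:
            found[elem.get("uuid")] = {"location": elem.get("location"), "properties": props}
    return found


def removal_warnings(vbox_xml):
    """One warning line per disk whose registry-held key data would go on removal."""
    return [f"{info['location']} {uuid}: removal discards {sorted(info['properties'])}"
            for uuid, info in encrypted_disks(vbox_xml).items()]


def export_keys(vbox_xml):
    """Serialise the encryption properties as JSON to keep outside the .vbox."""
    return json.dumps(encrypted_disks(vbox_xml), indent=2, sort_keys=True)


if __name__ == "__main__":
    print("\n".join(removal_warnings(SAMPLE_VBOX)))
    print(export_keys(SAMPLE_VBOX))
```

The script only reads the settings file; it does not write anything back into the `.vbox`.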

Re: Change to disk encryption scheme

Post by scottgus1 »

Yes. I think that a warning should be given, and an opportunity to preserve the keys should be provided. Especially if there are reasons for moving a disk. (I edited my post above while you were posting, Mpack, what do you think?)

Re: Change to disk encryption scheme

Post by mpack »

I've never wanted to use this feature so I'll have to take your word for it that no warning is currently given. If that is the case then certainly I'd agree that a warning is a good idea.

Re: Change to disk encryption scheme

Post by scottgus1 »

Bugtracker enhancement request here: https://www.virtualbox.org/ticket/15507