[Solved] Encryption password for guest OS no longer working
[Solved] Encryption password for guest OS no longer working
Hi,
I had encrypted several guest OSes with the same disk encryption settings in virtualbox 6.0.4:
Disk encryption cipher: AES-XTS256-PLAIN264 (Settings --> Disk Encryption --> Enable Disk Encryption)
I used the same password for all VMs
Everything had been working fine for several days, but today I cannot start ANY of the VMs, here's the error message I get:
"Encryption password for ID = [VM name] is invalid."
Also, the fact that the issue is present across all my VMs is mindboggling.
The host is running macOS Mojave.
I have tried typing in the password as well as copy-pasting it, so I don't think it's a keyboard issue. I am also 100% sure that it is typed correctly (I have checked multiple sources).
I would highly appreciate if you have any ideas that are worth trying. Unfortunately, I have valuable information inside these VMs that is not backed up, and now that the encryption password is not working I am worried that I lost my data.
I had encrypted several guest OSes with the same disk encryption settings in virtualbox 6.0.4:
Disk encryption cipher: AES-XTS256-PLAIN264 (Settings --> Disk Encryption --> Enable Disk Encryption)
I used the same password for all VMs
Everything had been working fine for several days, but today I cannot start ANY of the VMs, here's the error message I get:
"Encryption password for ID = [VM name] is invalid."
Also, the fact that the issue is present across all my VMs is mindboggling.
The host is running macOS Mojave.
I have tried typing in the password as well as copy-pasting it, so I don't think it's a keyboard issue. I am also 100% sure that it is typed correctly (I have checked multiple sources).
I would highly appreciate if you have any ideas that are worth trying. Unfortunately, I have valuable information inside these VMs that is not backed up, and now that the encryption password is not working I am worried that I lost my data.
Last edited by socratis on 7. Mar 2019, 20:55, edited 1 time in total.
Reason: Marked as [Solved].
Reason: Marked as [Solved].
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Encryption password for guest OS no longer working
Pick a VM, any VM that has a problem and post its VBOX file.
Right-click on the VM in the VirtualBox Manager. Select "Show in Finder". ZIP the selected ".vbox" file and attach it to your response.
Right-click on the VM in the VirtualBox Manager. Select "Show in Finder". ZIP the selected ".vbox" file and attach it to your response.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Re: Encryption password for guest OS no longer working
Thanks so much for the quick reply. I really appreciate it.
I am attaching the vbox file.
Please let me know if there's any other info I can give you.
I am attaching the vbox file.
Please let me know if there's any other info I can give you.
- Attachments
-
- VBOX.vbox.zip
- (2.09 KiB) Downloaded 49 times
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Encryption password for guest OS no longer working
Please post the file "/Users/<you>/Library/VirtualBox/VirtualBox.xml" and the "VirtualBox.xml-prev" next to it. ZIP them and attach them to your reply...
This VM does NOT contain an encrypted VDI. In fact things don't look to good to be honest with you... The whole <MediaRegistry> section is missing! Example of a section like that, with an encrypted medium:
This VM does NOT contain an encrypted VDI. In fact things don't look to good to be honest with you... The whole <MediaRegistry> section is missing! Example of a section like that, with an encrypted medium:
If this is what I think it is, then:<MediaRegistry> <HardDisks> <HardDisk uuid="{992e63e4-85b9-4018-8812-2df7ef337b57}" location="FreeDOS 1.2 Clone.vdi" format="VDI" type="Normal"> <Property name="CRYPT/KeyId" value="FreeDOS 1.2 Clone"/> <Property name="CRYPT/KeyStore" value="U0NORQABQUVTLVhUUzI1Ni1QTEFJTjY0AAAAAAAAAAAAAAAAAABQQktERjItU0hB MjU2AAAAAAAAAAAAAAAAAAAAAAAAAEAAAADikV3FgL9VJdN8+VmKIsrNQcacaYLe Lhom8iF6BIlvwCAAAACRqZyzjqwGKW/cyOFlF4jZQsGZ3w19r5FD539Zr1/RxSBO AACF1XUPNmHy+u5mMJxEMZhOETtQZV+OLLF/Ris2g4wsteAiAgBAAAAAgkOchi9D OsL7UbXcUPw9d+bszpN04bVUAaWxCaGF2oVx/JqQ+x5wr9G7jrQZChTSUSKzOrHa nD2ZkNWpEyq9nQ=="/> </HardDisk> </HardDisks> </MediaRegistry>
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Re: Encryption password for guest OS no longer working
Oh that doesn't sound good
I am attaching a ZIP file with the XML files. Hope there's something that can be done.
Thanks again for the follow-up.
I am attaching a ZIP file with the XML files. Hope there's something that can be done.
Thanks again for the follow-up.
- Attachments
-
- VirtualBoxXML.zip
- (3.89 KiB) Downloaded 55 times
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Encryption password for guest OS no longer working
OK, it *is* the thing I was afraid of, a really rare bug. So "rare" and not-reproducible that I haven't filed a ticket for it, and I haven't heard of anyone reporting this except myself. I've been bitten a couple of times by that, but since I'm messing all the time with different versions, always testing the latest test builds, I thought it might have something to do with that aspect...
Here's what's going on... There is a section in each .VBOX file that holds the registered media, an example of which I showed you in my last post.
For some really weird reason, and under some really funky, unknown conditions, that same section can be found in the global settings file, VirtualBox.xml, but missing from the .vbox file!
VirtualBox will honor both locations. And that's part of the problem, because everything seems "normal", everything is working, snapshots, reverting, the whole thing. The only way to find out (and that's how I found out) was to copy the VM and try to register it on another host. The VM is not functioning, since the <MediaRegistry> section is missing from the VM config, and it's in the per-host config. Not supposed to be like that!
And this is exactly what's happening in your case; the <MediaRegistry> section is missing from your .vbox, but it's in the VirtualBox.xml. Now, in theory, this "move" should work and you should be prompted for your password. But obviously you're not.
Can you tell me exactly what happend? How did you end up like that? Did you move/create/change anything? Or it started happening just all of a sudden? I need each and every detail, no matter how insignificant you might think it is; we're trying to solve a mystery here...
Here's what's going on... There is a section in each .VBOX file that holds the registered media, an example of which I showed you in my last post.
For some really weird reason, and under some really funky, unknown conditions, that same section can be found in the global settings file, VirtualBox.xml, but missing from the .vbox file!
VirtualBox will honor both locations. And that's part of the problem, because everything seems "normal", everything is working, snapshots, reverting, the whole thing. The only way to find out (and that's how I found out) was to copy the VM and try to register it on another host. The VM is not functioning, since the <MediaRegistry> section is missing from the VM config, and it's in the per-host config. Not supposed to be like that!
And this is exactly what's happening in your case; the <MediaRegistry> section is missing from your .vbox, but it's in the VirtualBox.xml. Now, in theory, this "move" should work and you should be prompted for your password. But obviously you're not.
Can you tell me exactly what happend? How did you end up like that? Did you move/create/change anything? Or it started happening just all of a sudden? I need each and every detail, no matter how insignificant you might think it is; we're trying to solve a mystery here...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Re: Encryption password for guest OS no longer working
At T=0 I started both VMs, everything was running as usual. I did not do any changes to the guest OSes (I did not touch anything beyond the home directory and certainly nothing that requires sudo).
At T0+~3h I shut down both guest OSes, the way I usually do, which is from within the guest OS.
At T0+~3.25h I thought I should try to change the settings to optimize performance (for some reason the VMs have been very slow since I first installed them, but I was never able to figure out why). For the two VMs, I reduced the number of processors from 2 to 1. I also reduced the base memory in both, but I don't remember by how much. I did not try to start the VMs after changing these settings and I put my host OS to sleep.
At T0+~9h I tried to start the VMs but the encryption password no longer worked. After it became clear that it wasn't just a case of a typing error, here's what I tried:
- Restored the processor and memory settings to the best of my recollection
- I thought it might be an issue with VirtualBox and not the images themselves since I thought it's unlikely that both became corrupted at the same time. So I installed VirtualBox 5.2 along with the appropriate extension pack but that didn't work either
- I reinstalled VirtualBox 6.0.4 with the appropriate extension but the problem persisted
That's about everything I can remember, but let me know if you have any specific questions or if any logs can be helpful.
My understanding of all of this is rather naive, but is it worth trying to manually copy the <MediaRegistry> part from the VirtualBox.xml to the .vbox?
Again, thanks so much. I really appreciate all your help.
At T0+~3h I shut down both guest OSes, the way I usually do, which is from within the guest OS.
At T0+~3.25h I thought I should try to change the settings to optimize performance (for some reason the VMs have been very slow since I first installed them, but I was never able to figure out why). For the two VMs, I reduced the number of processors from 2 to 1. I also reduced the base memory in both, but I don't remember by how much. I did not try to start the VMs after changing these settings and I put my host OS to sleep.
At T0+~9h I tried to start the VMs but the encryption password no longer worked. After it became clear that it wasn't just a case of a typing error, here's what I tried:
- Restored the processor and memory settings to the best of my recollection
- I thought it might be an issue with VirtualBox and not the images themselves since I thought it's unlikely that both became corrupted at the same time. So I installed VirtualBox 5.2 along with the appropriate extension pack but that didn't work either
- I reinstalled VirtualBox 6.0.4 with the appropriate extension but the problem persisted
That's about everything I can remember, but let me know if you have any specific questions or if any logs can be helpful.
My understanding of all of this is rather naive, but is it worth trying to manually copy the <MediaRegistry> part from the VirtualBox.xml to the .vbox?
Again, thanks so much. I really appreciate all your help.
Re: Encryption password for guest OS no longer working
The media registry transfer to VirtualBox.xml shouldn't happen (and while I know a reason in which this can happen you definitely didn't mention the magic words "cloning" or "importing" so far), but as such shouldn't be harmful. All the vital information is still there (and the KeyStore stuff isn't lost, which is the most important thing as this is where the password encrypted key for the data on disk lives). The only catch is that it wouldn't move with the VM as intended when copying the directory to a different system.
Re: Encryption password for guest OS no longer working
Please also attach the VBox.log and <VM name>.vbox and <VM name>.vbox-prev files for the affected VM. I wasn't able to reproduce your issue here by moving the medium to the global registry. Encrypted disks still work here.
Re: Encryption password for guest OS no longer working
Thank you so much for your help.
I am very glad to hear that the vital information is still there. Any suggestions on how I can proceed to access my VM again?
I am attaching a zip file containing the VBox.log and <VM name>.vbox and <VM name>.vbox-prev files.
Klaus: just to clarify, I did not do any "cloning" or "importing". After the password stopped working, I did try to install VirtualBox 5.2 instead of the 6.0 I had been using, but since the VM directories were the same I did not have to import anything. Anyway, that didn't work and I again replaced 5.2 with 6.0.
I am very glad to hear that the vital information is still there. Any suggestions on how I can proceed to access my VM again?
I am attaching a zip file containing the VBox.log and <VM name>.vbox and <VM name>.vbox-prev files.
Klaus: just to clarify, I did not do any "cloning" or "importing". After the password stopped working, I did try to install VirtualBox 5.2 instead of the 6.0 I had been using, but since the VM directories were the same I did not have to import anything. Anyway, that didn't work and I again replaced 5.2 with 6.0.
- Attachments
-
- VBox_files.zip
- (99.05 KiB) Downloaded 60 times
Re: Encryption password for guest OS no longer working
Hi again,
Sorry for the persistence, but any thoughts on how I can access my vm again?
Thanks a lot.
Sorry for the persistence, but any thoughts on how I can access my vm again?
Thanks a lot.
-
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Encryption password for guest OS no longer working
The attachment contains manually edited "VirtualBox.xml" and "Whonix-Gateway.XFCE.vbox". You should back up your existing copies of these files and overwrite them with these - report the results.
I notice that two encrypted hard disks are registered (incorrectly) in VirtualBox.xml, only one of those was used by the VM, so presumably there's another VM with the same problem which will need a similar fix (I did not bother to read the above discussion, so perhaps you already said).
I notice that two encrypted hard disks are registered (incorrectly) in VirtualBox.xml, only one of those was used by the VM, so presumably there's another VM with the same problem which will need a similar fix (I did not bother to read the above discussion, so perhaps you already said).
- Attachments
-
- Whonix-Gateway-XFCE.vbox.zip
- (3.51 KiB) Downloaded 82 times
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Encryption password for guest OS no longer working
First of all, sorry for the late reply, but things have been kind of crazy... Just look at how many tabs I have open on the to-answer-tab-list! That's not the whole list of tabs, plus the red topics are the ones I haven't read yet!
Now, I'm not sure if this will fix your problem or not. I'm leaning towards not, but you never know. As 'aeichner' said, this should not affect the availability of the encryption part.
But, these are pre-made VMs that you downloaded from someplace else. I know because I have them as well. There can't be too many things that you have there that you wouldn't mind losing, are there?
What 'mpack' sent your way is the <MediaRegistry> section that's moved from the global "VirtualBox.xml" to the specific "Whonix-Gateway-XFCE.vbox". It's the same exact information, which is what it's supposed to be if things are right. That doesn't mean they're 100% wrong, they're just being read from the wrong place.t6535 wrote:but any thoughts on how I can access my vm again?
Now, I'm not sure if this will fix your problem or not. I'm leaning towards not, but you never know. As 'aeichner' said, this should not affect the availability of the encryption part.
But, these are pre-made VMs that you downloaded from someplace else. I know because I have them as well. There can't be too many things that you have there that you wouldn't mind losing, are there?
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Re: Encryption password for guest OS no longer working
It worked, thank you all so much!!
I did the same for the other VM, worked as well.
I'm backing everything up from now on
I did the same for the other VM, worked as well.
I'm backing everything up from now on
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Encryption password for guest OS no longer working
And I tried what "aeichner" tried as well, successfully. And then you come back with:aeichner wrote:I wasn't able to reproduce your issue here by moving the medium to the global registry. Encrypted disks still work here.
The big question is why it was failing before!!!t6535 wrote:It worked ... I did the same for the other VM, worked as well.
/me scratches head...
Is there anything missing from your original description?
BTW, I'm really glad that the whole thing worked, marking as [Solved].
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.