virtualbox.org

End user forums for VirtualBox
https://forums.virtualbox.org/

Encryption Help (EFS vs. VB) for Android guest on personal laptop.

https://forums.virtualbox.org/viewtopic.php?t=98495

Page 1 of 1

Encryption Help (EFS vs. VB) for Android guest on personal laptop.

Posted: 5. Jun 2020, 09:14
by Spere
Looking to encrypt personal use virtual android machine hosted on personal daily use laptop.

Goal: Protect data in case of physical theft with minimal decrease in performance and usage.

Fundamental System is setup and working properly.
My skill level: Overall intermediate - minimal in regards to VB/VM encryption.

Options - 2 possible, 2 disqualified:
  • Disqualified:
    • Bitlocker of host drive -- disqualified due to other critical constraints
    • Android encryption from within Android (Setting > Security & Location > Encryption and Credentials) --- attempted multiple times without success
    Possibles:
    • Turn on disk encryption for machine (VB > Settings > General > Disk Encryption)
    • Use Windows EFS to encrypt machine (.vbox & .vdi) file.
Open to other options as well - these are the ones I know of.

System Setup:
  • Host: Microsoft Windows [Version 10.0.19041.264]
    Processor: Intel(R) Core(TM) i7-7820HK CPU @ 2.90GHz, 2901 Mhz, 4 Core(s), 8 Logical Processor(s)
    Installed Physical Memory (RAM): 32.0 GB
    Guest: Android 9.0 (android-x86_64-9.0-r2.iso)
    VirtualBox: 6.1.8.137981
    Storage: SSD
Question: Given the above, what do you suggest?

--- Thanks!

Re: Encryption Help (EFS vs. VB) for Android guest on personal laptop.

Posted: 6. Jun 2020, 15:23
by scottgus1
The only suggestion, or rather recommendation, is be sure you back up the unencrypted guest before you encrypt, so you can get back to where you started if you have a problem.

Keep the disk file inside the guest folder next to the .vbox file. If it is not now, and you need help moving it, please let us know.

Virtualbox encryption handles the disk file only, not the other files of the guest. Also, after encrypting, be sure to back up a fresh copy of the .vbox file. That file contains the encryption key that mirrors your password to allow the guest disk to be used. The password alone cannot decrypt the disk, you need both the password and the .vbox file.

Don't remove encrypted disks from the guest, or under certain circumstances the guest .vbox file might have the encryption key removed, resulting in inability to decrypt the disk.

It may also be good to not use snapshots on an encrypted guest.

Finally, take regular backups of the whole guest folder including .vbox file and guest disk.

Re: Encryption Help (EFS vs. VB) for Android guest on personal laptop.

Posted: 8. Jun 2020, 12:16
by Spere
Thank you! -- Will come back as questions arise.
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited