VMware Workstation

 View Only
  • 1.  Guest encryption in Vmware Workstation

    Posted Jun 30, 2025 10:22 AM

    Hi all, 

    I am not too sure if I am missing something or that's the way it is. Let me just quickly explain. I encrypted the Ubuntu VM and then shut it down. Powered it on back again to see how and if the encryption would work. The only password I was asked was the one I created when I installed Ubuntu, nothing else. I thought I was going to be asked for an another password right at the beginning, before the Ubuntu password screen appears. Is this OK, I mean it works that way?

    Thanks in advance.



  • 2.  RE: Guest encryption in Vmware Workstation

    Posted Jun 30, 2025 10:44 AM

    You didn't miss anything. That's the way it works. Workstation's virtual machine encryption is transparent to the VM.

    There are two modes for VM encryption

    • Partial encryption only encrypts certain configuration files in the VM that support a virtual TPM device. - The virtual disks are not encrypted. 
    • Full encryption encrypts all of the files that make up the virtual machine. That includes the virtual disks.

    In either case, the guest operating system sees what it thinks is an unencrypted disk. The password you give to Workstation is the only one needed to unlock VMware's encryption. There is no linkage between encrypting a virtual machine and full disk encryption that may or may not be configured by the VM's guest operating system.

    This also means that it is possible to configure guest operating system full disk encryption (e.g. LUKS for Linux or Bitlocker for Windows) and Workstation's encryption. That's' the case where you'd need 2 passwords to unlock a VM - one for Workstation and one in the VM) Also consider that if you chose full encryption from Workstation and configured full disk encryption in the VM's operating system you would be performing double encryption - with double the performance penalty. 



    ------------------------------
    - Paul (technogeezer)
    vExpert 2025
    ------------------------------



  • 3.  RE: Guest encryption in Vmware Workstation

    Posted Jul 14, 2025 03:41 PM

    Thank you for the reply. I think I know why it only asks for one password at the start and not two. Prior to the encrypting the VM, I put a tick in the box next to what it reads "remember the password on this machine in credential manager". I then removed the tick and re-encrypted the VM and now I am being asked two passwords: one for the VM as soon as VMware Workstation starts and one for the Ubuntu OS.  

    I'm not sure, though, if encrypting the virtual machine will make the SSD wear out more quickly as in the case of veracrypt vs ssd. Secondly, how strong is VMware workstation encryption? I mean, does it utilise any of those encryption algrorithms, like AES?