Note: This process is only for our Ubuntu VM Appliance.
VT Docs (on-premise) is available with the option of encrypting all data at rest. This setup keeps all VisibleThread data on an encrypted disk volume using AES (aes-xts-plain64:sha256
) with 512-bit keys.
Decrypting the disk
When the system boots up, an IT admin must have access to the terminal to provide the password to decrypt the disk :
Changing the encryption password
Once the disk has been decrypted, the IT admin can login and change the encryption password :
sudo cryptsetup luksChangeKey /dev/mapper/visiblethreadserver-db