Virtual Appliance configuration

After the Virtual Appliance has been imported, the virtual machine can be “Powered on”. The first time the Virtual Appliance starts, new SSH and SSL/TLS keys will be generated. After starting for the first time, the Virtual Appliance should be configured.


For security reasons, the gateway is not yet configured with an IP address. The IP address can be configured using the console application.

Login to CipherMail from the VM console using the default console login credentials:

The virtual appliance by default uses PAM authentication. You can login with the following default credentials:





After logging into the virtual appliance console for the first time you need to change the password.

After changing the password, the system console tool will be started. The system console tool can be used to configure certain aspects of the gateway which cannot be configured from the WEB GUI.

Only basic settings, like IP address, Timezone etc., can be configured with the console tool. All other settings should be configured from the Admin Web GUI.


After configuring the IP address, you can login via ssh.

Virtual appliance system console

The Virtual Appliance system configuration tool contains the following main menu items: “File”, “Config”, “Backup” and “Other”.

File menu

The File menu contains the following menu items: “Open shell”, “Mount share”, “Unmount share” and “Exit”.

Open shell

The “Open shell” option opens a command line shell. The command line shell can be used to manage the system from the command line.

Mount share

The “Mount share” option can be used to mount to an external SMB share. The external SMB share will be mounted on the “share” sub directory. The external share can for example be used to restore backups using the console configuration tool’s built-in restore functionality.

Virtual appliance share

The “Share” parameter should be set to the name of the external SMB server and the name of the share.



Unmount share

The “Unmount share” option can be used to disconnect the share which was mounted with “Mount share”.


The “Exit” option closes the system configuration tool and logs the user off.

Config menu

The config menu contains the following menu items: “Network”, “IP Filter”, “Timezone”, “Password” and “Configure Keyboard”.


The network configuration can be used to configure the network interface.

Virtual appliance network


At the moment only IPv4 is supported

IP Filter

By default the Admin Web GUI can be accessed from any IP address. The “IP filter” can be used to block access to the WEB Admin GUI from unauthorized IP addresses. A comma separated list of authorised IP addresses can be configured. An IP range can be specified in CIDR format or using a wildcard (*).


The IP filter only blocks access to the administration pages, not to the public portal.


192.168.*, 127.*,


The timezone of the gateway is by default set to UTC. A new timezone can be set using the “Timezone” option.


It’s recommened to reboot the appliance after configuring the timezone to ensure that the gateway is configured with the correct time.


The “Password” option can be used to change the password of the console login, i.e., of the “sa” user.

Configure Keyboard

By default, the console is configured for a standard generic 105-key US keyboard. If a different keyboard layout is used (for example QWERTZ), a new keyboard layout can be selected with the “Configure Keyboard” option.

Backup menu

The backup menu contains the following menu items: “Backup” and “Restore”.


A system backup, i.e., a backup of all the relevant system settings, can be created using the “Backup” option. If a remote share is mounted, the backup can be stored on the remote share.

To create a backup, the backup location and filename should be specified. A backup can optionally be encrypted with a password.


A backup can also be created from the WEB GUI.


The “Restore” option can be used to restore a backup.

Other menu

The other menu contains the following menu items: “Reboot”, “Shutdown”, “Restart” and “Update”.


This will reboot the system.


This will shutdown and power-off the system.


This will restart all the CipherMail services (the Mail Processing Agent, Postfix and the Web Application).


Update will check for system updates (security updates and other updates). It is recommended to reboot the system after packages are updated.