Skip to content

Instantly share code, notes, and snippets.

@niklaskeerl

niklaskeerl/backup_home.md

Last active July 4, 2021 09:42
Show Gist options
  • Save niklaskeerl/598f1762861df23770f441a964640f05 to your computer and use it in GitHub Desktop.
Save niklaskeerl/598f1762861df23770f441a964640f05 to your computer and use it in GitHub Desktop.
Download ZIP
Backup home directory
Raw
backup_home.md

Backup your home directory

Setup

Credits to https://lobotuerto.com/blog/how-to-setup-full-disk-encryption-on-a-secondary-hdd-in-linux/ .

  1. Identify your device name. This is usually easy by comparing the sizes of the drives. Usually, the system device name is sda. So, external devices names start with sdb.
lsblk

In my case, the device name usually is sdd. So, I will use it from now on. If yours is different, just change the value in the next step accordingly.

  1. Securely erase all data from the hard drive. This step is optional.
sudo dd if=/dev/zero of=/dev/sdd bs=1M status=progress conv=fdatasync
  1. Create the GPT Partition table
sudo fdisk /dev/sdd
g
w
sudo fdisk /dev/sdd
n
# Press Enter to accept all default values
w
  1. Encrypt the device

Get yourself a secure password for your disk encryption. You will be asked to write it down two times.

sudo cryptsetup -v -y luksFormat /dev/sdd1
YES
passphrase
passphrase
  1. Create a new ext4 filesystem
sudo cryptsetup luksOpen /dev/sdd1 encrypteddrive
passphrase
sudo mkfs.ext4 /dev/mapper/encrypteddrive

Now, you are good to go. You can mount the new partition now.

sudo chmod 777 /mnt/
sudo mount /dev/mapper/encrypteddrive /mnt/

After that, you can unmount and secure your data.

sudo umount /dev/mapper/encrypteddrive
sudo cryptsetup luksClose /dev/mapper/encrypteddrive
udisksctl power-off -b /dev/sdd

  1. Install grsync

  2. Configure grsync

Basic Options

Source: /home/

Destination: /mnt

Ticked options: preserve time, preserve permissions, preserve owner, preserve owner, preserve group, delete on destination, do not leave filesystem, verbose, show transfer progress, skip newer

Advanced Options

Ticked options: always checksum, copy symlinks as symlinks, copy hardlinks as hardlinks, protect remote args

Extra Options

nothing selected

Using the encrypted drive to do backups with grsync

Find the device name using lsblk. In my case, I am using sdd. Now, you can open the luks partition and mount it.

sudo cryptsetup luksOpen /dev/sdd1 encrypteddrive
passphrase
sudo mount /dev/mapper/encrypteddrive /mnt/

Start grsync like any other GUI application and click on the "play" button to make a full run.

Once you are done, close grsync and then you can unmount and close the partition.

sudo umount /dev/mapper/encrypteddrive
sudo cryptsetup luksClose /dev/mapper/encrypteddrive
udisksctl power-off -b /dev/sdd

Restoring the data

  1. Make sure to have a working linux distribution and boot it.

  2. Install grsync

  3. Find the device name, open the luks partition and mount the drive

lsblk
sudo cryptsetup luksOpen /dev/sdd1 encrypteddrive
passphrase
sudo mount /dev/mapper/encrypteddrive /mnt/
  1. Configure grsync like shown before with the following changes

Source: /mnt

Destination: /home/

You can disable the "skip newer" option

  1. Click the "play" button to make a full run

  2. Once you are done, close grsync and then you can unmount and close the partition.

sudo umount /dev/mapper/encrypteddrive
sudo cryptsetup luksClose /dev/mapper/encrypteddrive
udisksctl power-off -b /dev/sdd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment