When backing up, our work files should be in dvd sized folders. This allows us to create an image and burn to dvd. We should use the linux disk dump tool, to duplicate entire sdcards.
We get the benefits of optical backups where data can last a lifetime. We also get the benefit of sdcards, fast and easy.
This blog will show you how to;-
- create full disk encryption via cryptsetup
- disk dump via dd tool
- create an image and burn to dvd
Creating a Cryptsetup SDCard
Identify your sdcard by checking current devices against newly inserted
devices. Check the current system devices; –
>ls /dev/sd*
/dev/sdaInsert your sdcard that you want encrypted. Check system devices again; –
>ls /dev/sd*
/dev/sda /dev/sdbYour device label for your sdcard is sdb. Now encrypt it with sane defaults; –
>cryptsetup --use-random --type=luks2 --key-size=512 --cipher=twofish-xts-essiv:sha256 --pbkdf=argon2id --label="Jumper" luksFormat /dev/sdb
>syncNow create a file partition for this newly created crypt volume; –
>cryptsetup luksOpen /dev/sdb sdb_crypt
>mkfs -t ext4 -L “Jumper” /dev/mapper/sdb_crypt
>sync
>e2fsck -fy /dev/mapper/sdb_crypt
>cryptsetup luksClose /dev/mapper/sdb_cryptBacking up a Cryptsetup SDCard
When backing up to sdcard we must check which is your device kernel label.
We do this by first listing device kernel labels below; –
>ls /dev/sd*
/dev/sdaNow plug in your sdcard and check the system devices; –
>ls /dev/sd*
/dev/sda /dev/sdbSince sdb suddenly appeared after you plugged in your sdcard, this is now
your device label. With /dev/sdb as our master sdcard we can disk dump to
multiple sdcards.
Now plug in another sdcard to backup the master; –
>ls /dev/sd*
/dev/sda /dev/sdb /dev/sdcSince sdc suddenly appeared, your destination backup sdcard device is
/dev/sdc. We can now disk dump to sdc to create our first copy; –
sudo dd if=/dev/sdb of=/dev/sdc bs=2G status=progressWe read the above command as, disk dump the input file in device sdb to output file in device sdc, with a block size of half the current memory 2G. Show the status when disk dumping.
We now know how to create multiple sdcard copies in linux.
Backing up to DVD
To manually backup to DVD, we need to generate an iso from a folder, then burn to optical.
This is how to generate an iso image from any folder. It uses dvdisaster to add error correction codes so that data recovery is possible; –
>genisoimage -allow-limited-size -udf -iso-level 4 -J -joliet-long -volid dvd-my-work-1 -o dvd-my-work-1.iso /home/media/user/Documents/dvd-my-work-1
>dvdisaster --image="/home/media/user/Documents/dvd-my-work-1/dvd-my-work-1.iso“ --method=RS02 --redundancy=20% --create
>dvdisaster --test --image=”/home/media/user/Documents/dvd-my-work-1/dvd-my-work-1.iso”
>ls dvd-my-work-1.isoYou could burn your image using a GUI like xfburn. In this blog we will show you the console way. Burning does not work with XFCE4 and Rocky Linux 9.2. I am now using Linux Mint 21.3.
This is how to burn any iso image to your optical drive which has a DVD-RW;
–
>wodim dev=/dev/cdrom speed=2 fs=128m driveropts=burnfree blank=fast
>wodim dev=/dev/cdrom speed=2 fs=128m driveropts=burnfree -data dvd-my-work-1.isoWe need to verify the burnt disc. Eject the DVD and mount both the iso and the new optical medium; –
>mount /dev/cdrom /mnt/temp1 -o ro
>mount dvd-my-work-1.iso /mnt/temp2 -o ro
>diff -dur /mnt/temp1 /mnt/temp2;echo $?
0The above should return 0 and no errors if both locations are the same.
Alternatives to Cryptsetup
Instead of using cryptsetup and removing the luks header, it is simpler to use an apricorn security key that is brute force protected. Below are examples of hardware encrypted storage devices; –
The benefits of this is; –
- that it is simple
- has brute force protection
The downsides; –
- it is expensive
Conclusion
Backing up to cloud automatically can still lock you out by ransomware. By learning how to manually backup the old school way ensures ransomware cannot hold you back. EMF fields in your environment, like in a construction site, may destroy data on your SDCard. Also using optical backups ensures that you are not at a total loss.
I hope this article helps a few people wanting to use linux as their main OS.
Leave a Reply