[dm-crypt] How to backup entire encrypted HDD?

John Gomez d0006 at ymail.com
Thu Apr 11 06:12:40 CEST 2013

Can someone please add a section to the cryptsetup FAQ that explains how to backup a HDD with whole disk encryption?

I have a 500GB 
HD encrypted with LUKS, partitioned with LVM (I think) and formatted ext4. The /boot partition is on a USB stick. I want to make a backup of the HDD. Say my first drive is /sda and the backup drive is /sdx and I want the backup to go in /sdx3.

AFAIK, I have two choices;
1: Create an encrypted partition on /sdx say, /sdx3, mount and decrypt /sda, then use rsync to copy the filesystem from /sda to /sdx3. Not the worst choice but there are flaws.  What if I want to do this over a network?  What if I want to do this on /sdx that is already partitioned? (If /sdx is already partitioned I can not encrypt the partition /sdx3. Is this correct?)

2: Use dd (or GNU ddrescue or similar) using the parameters if=/sda of=/sdx3/backup.img.  Then the problems are: how do I view the files?  This post describes mounting an image of a partition: http://www.rebelzero.com/howto/backup-and-restore-files-tofrom-a-luks-encrypted-partition-image-file/189.  Does anyone know a better way to do this?  Will this work for an image of the entire drive?  Is there any other way to verify the integrity of the backup?

Any suggestions are appreciated.

Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20130410/b105021a/attachment.html>

More information about the dm-crypt mailing list