cryptsetup / cryptsetup · GitLab

Cryptsetup and LUKS - open-source disk encryption

GitLab

@Tourma
You're wise to want a #backup. I've never regretted having a backup. I've occasionally regretted the lack of one.

I have a dedicated partition just for disk images. Before dangerous operations, or just when I feel like it, I boot into a #Linux live image, use #cryptsetup to decrypt my root partition, and use #dd to back up critical partitions to my images partition. I use a script so that it's harder to make mistakes (by, for example, copying in the wrong direction). The script has several commands like this:

sudo dd bs=16M status=progress if=/dev/sdb1 of=/mnt/images/biosboot.img
sudo dd bs=16M status=progress if=/dev/sdb2 of=/mnt/images/boot.img

... plus some stuff for decrypting my root directory, which won't be relevant for your application.

If this is a one-off operation for you, and especially if you're only backing up a single partition, then you don't need to write a script for it.

Although I have an images partition, you could back up across the network. The essential thing is to boot into a Linux live image and make sure none of the partitions you want to back up is mounted.

The first time you look at a #Windows machine's hard disk under Linux, you'll find several hidden partitions. I honestly don't know what they all do, except that one, I know, is dedicated to telemetry. But you might be wise to back up the entire disk (in Linux terms, something like /dev/sda) rather than just a single partition (/dev/sda1). That way, you'll get all those partitions and the partition table as well.

I'd suggest seeking advice from someone who spends more time in the Windows world, just in case there's something I don't know about that end of things.
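An added example, not part of the post above and not the poster's own script: one way a backup wrapper can refuse the mistakes the post mentions (copying in the wrong direction, imaging a mounted partition) before it calls dd. The function names and the MOUNTS_FILE override are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: guard rails around a dd partition backup.
# is_mounted, check_backup, backup_partition and MOUNTS_FILE are hypothetical names.

# Overridable so the checks can be exercised against a constructed mounts table.
MOUNTS_FILE="${MOUNTS_FILE:-/proc/self/mounts}"

# is_mounted DEVICE: succeeds if DEVICE, or a partition of it, is a mount source.
is_mounted() {
    awk -v dev="$1" '
        $1 == dev { found = 1 }
        index($1, dev) == 1 {
            rest = substr($1, length(dev) + 1)
            # sdb -> sdb2, but nvme0n1 -> nvme0n1p1 (disk name ends in a digit)
            if ((dev ~ /[0-9]$/) ? (rest ~ /^p[0-9]+$/) : (rest ~ /^[0-9]+$/))
                found = 1
        }
        END { exit !found }' "$MOUNTS_FILE"
}

# check_backup SRC DST: returns 0 if safe, otherwise a reason code (2, 3 or 4).
check_backup() {
    local src="$1" dst="$2"
    case "$dst" in
        # An image file never lives under /dev; this catches swapped if=/of=.
        /dev/*) echo "refusing: destination $dst is a device node" >&2; return 2 ;;
    esac
    if is_mounted "$src"; then
        echo "refusing: $src (or one of its partitions) is mounted" >&2
        return 3
    fi
    if [ -e "$dst" ]; then
        echo "refusing: $dst already exists, not overwriting" >&2
        return 4
    fi
    return 0
}

# backup_partition SRC DST: run dd (same options as in the post) only if safe.
backup_partition() {
    check_backup "$1" "$2" || return
    sudo dd bs=16M status=progress if="$1" of="$2"
}

# Example call: backup_partition /dev/sdb2 /mnt/images/boot.img
```

The mount check only sees direct mount sources: a partition opened with cryptsetup appears in the mounts table as /dev/mapper/..., so an unlocked LUKS partition needs a separate check (for instance with lsblk).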

My experience with #FlashDrives recently has been mixed. I have no problem in encrypting them with #LUKS, using #cryptsetup or with formatting a partition with #Btrfs, for instance, using #gparted and doing other tinkering with #Gnome #disks. But the problem has been with the actual drives themselves. The cheaper ones seem to have quite a few bad sectors, etc. and so they’re not really reliable for medium term storage.

1/2

#Hardware #StorageDevices #Unix #GNU #Linux #Fedora

In case someone else is wondering why linux luks hard disk encryption is usually within a lvm container: that way you only need one password to unlock multiple partitions.

(found out the hard way)

#linux #cryptsetup #harddisk #encryption

So today I tried #mkfs.btrfs and this works. I was using #gparted, which can’t create #encrypted file systems and so I created a blank (cleared) one, used #cryptsetup to create the #encryption on the device, and then created the btrfs file system.

#GNU #FreeSoftware

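No. 848: Making automatic decryption of encrypted storage on Ubuntu more robust with Tang and TPM | gihyo.jp

This time, let's use the "Tang service" so that automatic decryption is possible only when connected to a specific network.

gihyo.jp
No. 846: Automatically decrypting encrypted storage on Ubuntu using the TPM | gihyo.jp

In No. 831, we introduced how to encrypt storage on Ubuntu. This time, we will use the "TPM" in the machine itself to achieve automatic decryption.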

gihyo.jp

Encrypted flash drives and portable HDDs are supported by almost every Linux distribution "out of the box".

If #VeraCrypt or even #TrueCrypt was used on Windows to work with the flash drive, then on Linux systems you can work with the same flash drive through #cryptsetup, with no need to install additional applications such as VeraCrypt.

To attach a fully encrypted flash drive:

sudo cryptsetup open --type tcrypt /dev/sdXY myconfidential

You will be asked for the sudo password and then for the password to the encrypted partition. The contents are available after mounting:
sudo mkdir /mnt/secureflash
sudo mount /dev/mapper/myconfidential /mnt/secureflash

A few years ago #VeraCrypt replaced #TrueCrypt, but support for old TrueCrypt containers is still available everywhere.

For convenience you can also install VeraCrypt, which is cross-platform, but if it is not installed on the Linux machine, that is not a problem either.

To stop working with the encrypted storage medium:
unmount it from the file system (writing out everything that was cached),
close the crypto container itself.

This takes two commands:
sudo umount /mnt/secureflash
sudo cryptsetup close myconfidential

Or rather three commands, if you also remove the no longer needed /mnt/secureflash.

When it is unclear which /dev/sdXY the flash drive is listed under, lsblk -f will help, or something similar, whichever suits your taste better.

#cryptography #infosec #linux #opensource

Does someone have a working #nixos setup where they decrypt their drive via #cryptsetup that they access remotely via #tailscale?

That's what I am building for my new working machine.

Also WakeOnLan (via local network though).

 #followerpower
