mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2025-01-05 04:31:02 -05:00
181 lines
6.4 KiB
ReStructuredText
181 lines
6.4 KiB
ReStructuredText
|
==============================
|
|||
|
Emergency backup recovery (v3)
|
|||
|
==============================
|
|||
|
|
|||
|
|
|||
|
This page describes how to perform an emergency restore of a backup
|
|||
|
created on Qubes R2 or later (which uses backup format version 3).
|
|||
|
|
|||
|
The Qubes backup system has been designed with emergency disaster
|
|||
|
recovery in mind. No special Qubes-specific tools are required to access
|
|||
|
data backed up by Qubes. In the event a Qubes system is unavailable, you
|
|||
|
can access your data on any GNU/Linux system with the following
|
|||
|
procedure.
|
|||
|
|
|||
|
**Note:** In the following example, the backup file is both *encrypted*
|
|||
|
and *compressed*.
|
|||
|
|
|||
|
1. Untar the main backup file.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore ~]$ tar -i -xvf qubes-backup-2015-06-05T123456
|
|||
|
backup-header
|
|||
|
backup-header.hmac
|
|||
|
qubes.xml.000
|
|||
|
qubes.xml.000.hmac
|
|||
|
vm1/private.img.000
|
|||
|
vm1/private.img.000.hmac
|
|||
|
vm1/icon.png.000
|
|||
|
vm1/icon.png.000.hmac
|
|||
|
vm1/firewall.xml.000
|
|||
|
vm1/firewall.xml.000.hmac
|
|||
|
vm1/whitelisted-appmenus.list.000
|
|||
|
vm1/whitelisted-appmenus.list.000.hmac
|
|||
|
dom0-home/dom0user.000
|
|||
|
dom0-home/dom0user.000.hmac
|
|||
|
|
|||
|
|
|||
|
|
|||
|
2. Set the backup passphrase environment variable. While this isn’t
|
|||
|
strictly required, it will be handy later and will avoid saving the
|
|||
|
passphrase in the shell’s history.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore ~]$ read -r backup_pass
|
|||
|
|
|||
|
|
|||
|
|
|||
|
3. Verify the integrity of the ``backup-header`` file, which contains
|
|||
|
basic information about your backup.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore ~]$ openssl dgst -sha512 -hmac "$backup_pass" backup-header
|
|||
|
HMAC-SHA512(backup-header)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c
|
|||
|
[user@restore ~]$ cat backup-header.hmac
|
|||
|
(stdin)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c
|
|||
|
|
|||
|
|
|||
|
**Note:** The hash values should match. If they do not match, then
|
|||
|
the backup file may have been tampered with, or there may have been
|
|||
|
a storage error.
|
|||
|
**Note:** If your backup was hashed with a message digest algorithm
|
|||
|
other than ``sha512``, you must substitute the correct message
|
|||
|
digest command. This information is contained in the
|
|||
|
``backup-header`` file (see step 4), however it is not recommended
|
|||
|
to open this file until its integrity and authenticity has been
|
|||
|
verified (the current step). A complete list of supported message
|
|||
|
digest algorithms can be found with
|
|||
|
``openssl list-message-digest-algorithms``.
|
|||
|
|
|||
|
4. Read the ``backup-header``. You’ll need some of this information
|
|||
|
later. The file will look similar to this:
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore ~]$ cat backup-header
|
|||
|
version=3
|
|||
|
hmac-algorithm=SHA512
|
|||
|
crypto-algorithm=aes-256-cbc
|
|||
|
encrypted=True
|
|||
|
compressed=True
|
|||
|
compression-filter=gzip
|
|||
|
|
|||
|
|
|||
|
**Note:** If you see ``version=2`` here, go to :doc:`Emergency Backup Recovery - format version 2 </user/how-to-guides/backup-emergency-restore-v2>`
|
|||
|
instead.
|
|||
|
|
|||
|
5. Verify the integrity of the ``private.img`` file which houses your
|
|||
|
data.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore ~]$ cd vm1/
|
|||
|
[user@restore vm1]$ openssl dgst -sha512 -hmac "$backup_pass" private.img.000
|
|||
|
HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
|
|||
|
[user@restore vm1]$ cat private.img.000.hmac
|
|||
|
(stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
|
|||
|
|
|||
|
|
|||
|
**Note:** The hash values should match. If they do not match, then
|
|||
|
the backup file may have been tampered with, or there may have been
|
|||
|
a storage error.
|
|||
|
**Note:** If your backup was hashed with a message digest algorithm
|
|||
|
other than ``sha512``, you must substitute the correct message
|
|||
|
digest command. This information is contained in the
|
|||
|
``backup-header`` file (see step 4). A complete list of supported
|
|||
|
message digest algorithms can be found with
|
|||
|
``openssl list-message-digest-algorithms``.
|
|||
|
|
|||
|
6. Decrypt the ``private.img`` file.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore vm1]$ find -name 'private.img.*[0-9]' | sort -V | xargs cat | openssl enc -d -md MD5 -pass pass:"$backup_pass" -aes-256-cbc -out private.img.dec
|
|||
|
|
|||
|
|
|||
|
**Note:** If your backup was encrypted with a cipher algorithm other
|
|||
|
than ``aes-256-cbc``, you must substitute the correct cipher
|
|||
|
command. This information is contained in the ``backup-header`` file
|
|||
|
(see step 4). A complete list of supported cipher algorithms can be
|
|||
|
found with ``openssl list-cipher-algorithms``.
|
|||
|
|
|||
|
7. Decompress the decrypted ``private.img`` file.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore vm1]$ zforce private.img.dec
|
|||
|
private.img.dec -- replaced with private.img.dec.gz
|
|||
|
[user@restore vm1]$ gunzip private.img.dec.gz
|
|||
|
|
|||
|
|
|||
|
**Note:** If your backup was compressed with a program other than
|
|||
|
``gzip``, you must substitute the correct compression program. This
|
|||
|
information is contained in the ``backup-header`` file (see step 4).
|
|||
|
For example, if you used ``bzip2``, then you should do this:
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore vm1]$ mv private.img.dec private.img.dec.bz2
|
|||
|
[user@restore vm1]$ bunzip2 private.img.dec.bz2
|
|||
|
|
|||
|
|
|||
|
|
|||
|
8. Untar the decrypted and decompressed ``private.img`` file.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore vm1]$ tar -xvf private.img.dec
|
|||
|
vm1/private.img
|
|||
|
|
|||
|
|
|||
|
|
|||
|
9. Mount the private.img file and access your data.
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
[user@restore vm1]$ sudo mkdir /mnt/img
|
|||
|
[user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/
|
|||
|
[user@restore vm1]$ cat /mnt/img/home/user/your_data.txt
|
|||
|
This data has been successfully recovered!
|
|||
|
|
|||
|
|
|||
|
|
|||
|
10. Success! If you wish to recover data from more than one VM in your
|
|||
|
backup, simply repeat steps 5–9 for each additional VM.
|
|||
|
**Note:** You may wish to store a copy of these instructions with
|
|||
|
your Qubes backups in the event that you fail to recall the above
|
|||
|
procedure while this web page is inaccessible. All Qubes
|
|||
|
documentation, including this page, is available in plain text
|
|||
|
format in the following Git repository:
|
|||
|
|
|||
|
.. code:: bash
|
|||
|
|
|||
|
https://github.com/QubesOS/qubes-doc.git
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|