BackupRestore: update emergency restore instruction for Qubes R2 backup format

2024-10-01 01:25:40 -04:00 · 2015-04-21 14:40:56 +02:00 · 2015-04-21 14:40:56 +02:00 · 81c8b8b6d6
commit 81c8b8b6d6
parent c926e8d50c
3 changed files with 203 additions and 97 deletions
--- a/BackupEmergencyRestoreV2.md
+++ b/BackupEmergencyRestoreV2.md
@ -0,0 +1,108 @@
 ---
 layout: doc
 title: Emergency Backup Recovery - format version 2
 permalink: /doc/BackupEmergencyRestoreV2/
 ---
 Emergency Backup Recovery without Qubes - format version 2
 ==========================================================
 This page describes how to perform emergency restore of backup created on Qubes R2 Beta3 or earlier (which uses backup format 2).
 The Qubes backup system has been designed with emergency disaster recovery in mind. No special Qubes-specific tools are required to access data backed up by Qubes. In the event a Qubes system is unavailable, you can access your data on any GNU/Linux system with the following procedure.
 **Note:** In the following example, the backup file is assumed to be both encrypted and compressed.
 1.  Untar the main backup file.
    {% highlight trac-wiki %}
    [user@restore ~]$ tar -i -xvf qubes-backup-2013-12-26-123456
    backup-header
    backup-header.hmac
    qubes.xml.000
    qubes.xml.000.hmac
    vm1/private.img.000
    vm1/private.img.000.hmac
    vm1/icon.png.000
    vm1/icon.png.000.hmac
    vm1/firewall.xml.000
    vm1/firewall.xml.000.hmac
    vm1/whitelisted-appmenus.list.000
    vm1/whitelisted-appmenus.list.000.hmac
    dom0-home/dom0user.000
    dom0-home/dom0user.000.hmac
    {% endhighlight %}
 1.  Verify the integrity of the `private.img` file which houses your data.
    {% highlight trac-wiki %}
    [user@restore ~]$ cd vm1/
    [user@restore vm1]$ openssl dgst -sha512 -hmac "your_passphrase" private.img.000
    HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
    [user@restore vm1]$ cat private.img.000.hmac 
    (stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
    {% endhighlight %}
  **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error.
  **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`.
 1.  Decrypt the `private.img` file.
    {% highlight trac-wiki %}
    [user@restore vm1]$ openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in private.img.000 -out private.img.dec.000
    {% endhighlight %}
  **Note:** For multi-part files, a loop can be used:
  {% highlight trac-wiki %}
  for f in private.img.*; do
    openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in $f -out
  ${f/.img/.img.dec}
  done
  {% endhighlight %}
  **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. A complete list of supported cipher algorithms can be found with `openssl list-cipher-algorithms`.
 1.  Decompress the decrypted `private.img` file.
    {% highlight trac-wiki %}
    [user@restore vm1]$ zforce private.img.dec.*
    [user@restore vm1]$ gunzip private.img.dec.000.gz
    {% endhighlight %}
  **Note:** If your backup was compressed with a program other than `gzip`, you must substitute the correct compression program.
 1.  Untar the decrypted and decompressed `private.img` file.
    {% highlight trac-wiki %}
    [user@restore vm1]$ tar -M -xvf private.img.dec.000
    vm1/private.img
    {% endhighlight %}
    **Note:** For multi-part files, a script is required:
    1.  Create a `new-volume-script`:
        {% highlight trac-wiki %}
        #!/bin/sh
        name=`expr $TAR_ARCHIVE : '\(.*\)\..*'`
        suffix=`printf %03d $[ $TAR_VOLUME - 1 ]`
        echo $name.$suffix >&$TAR_FD
        {% endhighlight %}
    2.  `chmod +x new-volume-script`.
    3.  `tar --new-volume-script=./new-volume-script -xvf private.img.dec.000`. (The `--new-volume-script` option enables multi-volume untaring.)
 1.  Mount the private.img file and access your data.
    {% highlight trac-wiki %}
    [user@restore vm1]$ sudo mkdir /mnt/img
    [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/
    [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt
    This data has been successfully recovered!
    {% endhighlight %}
  **Note:** You may wish to store a plain text copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure while this web page is inaccessible. You may obtain a plaintext version of this file in Git repository housing all the documentation at:
    https://github.com/QubesOS/qubes-doc.git
--- a/BackupEmergencyRestoreV3.md
+++ b/BackupEmergencyRestoreV3.md
@ -0,0 +1,94 @@
 ---
 layout: doc
 title: Emergency Backup Recovery - format version 3
 permalink: /doc/BackupEmergencyRestoreV3/
 ---
 Emergency Backup Recovery without Qubes - format version 3
 ==========================================================
 This page describes how to perform emergency restore of backup created on Qubes R2 or later (which uses backup format 3).
 The Qubes backup system has been designed with emergency disaster recovery in mind. No special Qubes-specific tools are required to access data backed up by Qubes. In the event a Qubes system is unavailable, you can access your data on any GNU/Linux system with the following procedure.
 **Note:** In the following example, the backup file is assumed to be both encrypted and compressed.
 1.  Untar the main backup file.
    [user@restore ~]$ tar -i -xvf qubes-backup-2013-12-26-123456
    backup-header
    backup-header.hmac
    qubes.xml.000
    qubes.xml.000.hmac
    vm1/private.img.000
    vm1/private.img.000.hmac
    vm1/icon.png.000
    vm1/icon.png.000.hmac
    vm1/firewall.xml.000
    vm1/firewall.xml.000.hmac
    vm1/whitelisted-appmenus.list.000
    vm1/whitelisted-appmenus.list.000.hmac
    dom0-home/dom0user.000
    dom0-home/dom0user.000.hmac
 1. Verify the integrity of the `backup-header` file contains basic information about your backup.
    [user@restore ~]$ cd vm1/
    [user@restore ~]$ openssl dgst -sha512 -hmac "your_passphrase" backup-header
    HMAC-SHA512(backup-header)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c
    [user@restore ~]$ cat backup-header.hmac 
    (stdin)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c
  **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error.
  **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`.
 1. Read the `backup-header`. You'll need some of this information later. The file will look similar to this:
    version=3
    hmac-algorithm=SHA512
    crypto-algorithm=aes-256-cbc
    encrypted=True
    compressed=True
  If you see `version=2` here, go to [Emergency Backup Recovery - format version 2](/doc/BackupEmergencyRestoreV2/) page instead.
 1. Verify the integrity of the `private.img` file which houses your data.
    [user@restore ~]$ cd vm1/
    [user@restore vm1]$ openssl dgst -sha512 -hmac "your_passphrase" private.img.000
    HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
    [user@restore vm1]$ cat private.img.000.hmac 
    (stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
  **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error.
  **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`. You can check `backup-header` file for the hash used to create the backup.
 1. Decrypt the `private.img` file.
    cat private.img.??? | openssl enc -d -pass pass:your_passphrase -aes-256-cbc -out private.img.dec
  **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. A complete list of supported cipher algorithms can be found with `openssl list-cipher-algorithms`. You can check `backup-header` file to get that information.
 1. Decompress the decrypted `private.img` file.
    [user@restore vm1]$ zforce private.img.dec
    [user@restore vm1]$ gunzip private.img.dec.gz
  **Note:** If your backup was compressed with a program other than `gzip`, you must substitute the correct compression program. `backup-header` file contains name of program used to compress the data.
 1. Untar the decrypted and decompressed `private.img` file.
    [user@restore vm1]$ tar -xvf private.img.dec
    vm1/private.img
 1.  Mount the private.img file and access your data.
    [user@restore vm1]$ sudo mkdir /mnt/img
    [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/
    [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt
    This data has been successfully recovered!
  **Note:** You may wish to store a plain text copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure while this web page is inaccessible. You may obtain a plaintext version of this file in Git repository housing all the documentation at:
    https://github.com/QubesOS/qubes-doc.git
--- a/BackupRestore.md
+++ b/BackupRestore.md
@ -79,103 +79,7 @@ Emergency Backup Recovery without Qubes
 The Qubes backup system has been designed with emergency disaster recovery in mind. No special Qubes-specific tools are required to access data backed up by Qubes. In the event a Qubes system is unavailable, you can access your data on any GNU/Linux system with the following procedure.
-> **Note:** In the following example, the backup file is assumed to be both encrypted and compressed.
+For emergency restore of backup created on Qubes R2 or newer take a look [here](/doc/BackupEmergencyRestoreV3/). For backups created on earlier Qubes version, take a look [here](/doc/BackupEmergencyRestoreV2/).
 1.  Untar the main backup file.
    {% highlight trac-wiki %}
    [user@restore ~]$ tar -i -xvf qubes-backup-2013-12-26-123456
    backup-header
    backup-header.hmac
    qubes.xml.000
    qubes.xml.000.hmac
    vm1/private.img.000
    vm1/private.img.000.hmac
    vm1/icon.png.000
    vm1/icon.png.000.hmac
    vm1/firewall.xml.000
    vm1/firewall.xml.000.hmac
    vm1/whitelisted-appmenus.list.000
    vm1/whitelisted-appmenus.list.000.hmac
    dom0-home/dom0user.000
    dom0-home/dom0user.000.hmac
    {% endhighlight %}
 1.  Verify the integrity of the `private.img` file which houses your data.
    {% highlight trac-wiki %}
    [user@restore ~]$ cd vm1/
    [user@restore vm1]$ openssl dgst -sha512 -hmac "your_passphrase" private.img.000
    HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
    [user@restore vm1]$ cat private.img.000.hmac 
    (stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
    {% endhighlight %}
 > **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error.
 > **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`.
 1.  Decrypt the `private.img` file.
    {% highlight trac-wiki %}
    [user@restore vm1]$ openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in private.img.000 -out private.img.dec.000
    {% endhighlight %}
 > **Note:** For multi-part files, a loop can be used:
 >
 > {% highlight trac-wiki %}
 > for f in private.img.*; do
 >   openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in $f -out
 > ${f/.img/.img.dec}
 > done
 > {% endhighlight %}
 > **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. A complete list of supported cipher algorithms can be found with `openssl list-cipher-algorithms`.
 1.  Decompress the decrypted `private.img` file.
    {% highlight trac-wiki %}
    [user@restore vm1]$ zforce private.img.dec.*
    [user@restore vm1]$ gunzip private.img.dec.000.gz
    {% endhighlight %}
 > **Note:** If your backup was compressed with a program other than `gzip`, you must substitute the correct compression program.
 1.  Untar the decrypted and decompressed `private.img` file.
    {% highlight trac-wiki %}
    [user@restore vm1]$ tar -M -xvf private.img.dec.000
    vm1/private.img
    {% endhighlight %}
    **Note:** For multi-part files, a script is required:
    1.  Create a `new-volume-script`:
        {% highlight trac-wiki %}
        #!/bin/sh
        name=`expr $TAR_ARCHIVE : '\(.*\)\..*'`
        suffix=`printf %03d $[ $TAR_VOLUME - 1 ]`
        echo $name.$suffix >&$TAR_FD
        {% endhighlight %}
    2.  `chmod +x new-volume-script`.
    3.  `tar --new-volume-script=./new-volume-script -xvf private.img.dec.000`. (The `--new-volume-script` option enables multi-volume untaring.)
 1.  Mount the private.img file and access your data.
    {% highlight trac-wiki %}
    [user@restore vm1]$ sudo mkdir /mnt/img
    [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/
    [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt
    This data has been successfully recovered!
    {% endhighlight %}
 > **Note:** You may wish to store a plain text copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure while this web page is inaccessible. You may download a plain text copy of this page by clicking the `Plain Text` link at the bottom of this page (as with every page on this wiki). In addition, the whole wiki is synced hourly with a public Git repo at:
 >
 > {% highlight trac-wiki %}
 > git://gitorious.org/qubes-os/wiki.git
 > {% endhighlight %}
 Migrating Between Two Physical Machines
 ---------------------------------------