You are not logged in.
- Topics: Active | Unanswered
#1 2013-12-31 05:14:38
- LeftyAce
- Member
- Registered: 2012-08-18
- Posts: 159
[Solved] Clone existing arch system onto dm-crypt encrypted volume
Hi all,
I've been playing around with full disk encryption using dm-crypt and luks, and have it working pretty well on a spare harddrive. I don't want to go through the process of re-customizing a full install again, so I was wondering if it's possible to clone my / partition from my current install to an encrypted disk?
My end goal is to have my /boot partition on a USB thumb drive and a giant encrypted volume for the rest of the / partition (including /home).
My current drive has a / partition and a separate /home partition.
I'm imagining something like this:
Set up the whole new drive as an encrypted volume, unlock it with cryptsetup and map it to /dev/mapper/root
dd if=/dev/myOldDisk/rootPartition of=/dev/mapper/root
delete the encrypted /boot (it came over from OldDisk but I don't want it on the new encrypted disk).
Copy files from old home to encrypted disk's /home folder.
Would that work? Or am I better off just copying files over from my old / folder rather than using dd?
I appreciate any input you've got!
-Lefty
Last edited by LeftyAce (2014-01-06 22:41:14)
Offline
#2 2013-12-31 05:20:19
- dodo3773
- Member
- Registered: 2011-03-17
- Posts: 820
Re: [Solved] Clone existing arch system onto dm-crypt encrypted volume
I use rsync for this sort of thing: https://wiki.archlinux.org/index.php/Fu … le_command
Where /path/to/backupfolder is the other hard drive. Just make sure you mount your boot and luks/lvm partitions before copying and copy to the mount point. After that you will need to update and or remake your /etc/fstab, make sure you add the correct lvm encrypt etc... hooks to your /etc/mkinitcpio.conf, chroot in, rebuild your initrd with mkinitcpio, reinstall and update grub and you should be good to go. Probably be a little easier working with files than an image. At least that's how I would do it. Good luck.
Offline
#3 2013-12-31 20:23:20
- LeftyAce
- Member
- Registered: 2012-08-18
- Posts: 159
Re: [Solved] Clone existing arch system onto dm-crypt encrypted volume
Thanks dodo! I'll try doing a file copy and then rebuilding mkinitcpio and grub (I was going to need to do that regardless).
Offline
#4 2013-12-31 20:29:31
- dodo3773
- Member
- Registered: 2011-03-17
- Posts: 820
Re: [Solved] Clone existing arch system onto dm-crypt encrypted volume
No problem. Hope it works out for you. I've actually been thinking about doing this myself.
Offline
#5 2014-01-06 20:43:39
- Strike0
- Member
- From: Germany
- Registered: 2011-09-05
- Posts: 1,489
Re: [Solved] Clone existing arch system onto dm-crypt encrypted volume
Set up the whole new drive as an encrypted volume, unlock it with cryptsetup and map it to /dev/mapper/root
dd if=/dev/myOldDisk/rootPartition of=/dev/mapper/root
+1 to dodo3773's suggestion to use rsync, the above dd would create garbage anyway. You could dd an encrypted partition to another empty one (on the new drive), but creating and mapping a new encrypted volume first will result in a fresh encryption key. The garbage occurs since your command clones encrypted bytes incl. the old encryption header to a transparent (non-encrypted) mapper. A bit more info here.
Offline
#6 2014-01-06 22:40:54
- LeftyAce
- Member
- Registered: 2012-08-18
- Posts: 159
Re: [Solved] Clone existing arch system onto dm-crypt encrypted volume
Thanks for the feedback guys. I went with the rsync approach and it worked great. I'm writing this from the migrated system!
In case anyone comes along trying this, I did have to exclude certain folders (or at least their contents). I essentially followed this page: https://wiki.archlinux.org/index.php/Fu … with_rsync
Offline