Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
encrypt and backup
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
while true
Guru
Guru


Joined: 07 Apr 2010
Posts: 454
Location: Ljubljana, Slovenia

PostPosted: Sun Oct 28, 2018 9:19 pm    Post subject: encrypt and backup Reply with quote

Hello gentoo people, I had hard time deciding where to post this dilemma, admin sorry...

I am getting second ssd, 240gb.
I am thinking of 2 things:

First, i'd like to have new ssd for backup for old one, and since my enlighs bad i'll try to elaborate, so i have ssd that is in use and i want all the data to be written on second ssd as well, immediately, automagically, as backup.
So, what are solutions for that kind of rig?

Second, I'd like to encrypt those ssds. I was thinking of reinstalling gentoo, but as i am looking in handbook i could not find the point where and how to do it.

all literature, tips, input and time is much appreciated.

Thank you
_________________
Kind regards, Goran Mitic

alive
while true
kick ass
Back to top
View user's profile Send private message
phelix
n00b
n00b


Joined: 28 Oct 2018
Posts: 2

PostPosted: Sun Oct 28, 2018 11:49 pm    Post subject: Reply with quote

Hi for(;;), // ;)

you could either use a softraid: https://wiki.gentoo.org/wiki/Complete_Handbook/Software_RAID
or logic volume manager: https://wiki.gentoo.org/wiki/LVM

Disk encryption can be applied on any blockdevice. I would try to encrypt the blockdevice which holds the filesystem itself, because

  • you just need one passphrase/key [convenience]
  • you do the encryption just once [performance]
  • you have verry similar bits on both disks (im not sure what headers the softraid and lvm are using/writing) [robustness]


-- update
When you are encryptiong you root disk you should also read about full disk encryption: https://wiki.gentoo.org/wiki/Full_Disk_Encryption_From_Scratch_Simplified
Back to top
View user's profile Send private message
while true
Guru
Guru


Joined: 07 Apr 2010
Posts: 454
Location: Ljubljana, Slovenia

PostPosted: Mon Oct 29, 2018 10:35 am    Post subject: Reply with quote

Hello phelix,

for backup:
aha 2 ways to go about it, raid and lvm-way.
i started to read upon raid, and there are 2 kinds, hardware and software,
i opened my motherboard handbook (asus with amd SB950 chipset for raid)
but at very beginning there is a note claiming:
You must install windows xp service pack 3 or latter versions before using
Serial ATA hard disk drives. The Serial ATA RAID feature is available only
if you are using windows xp SP3 or later versions.

So, this means that hardware AND software raid is out of the question
and I should definitely go lvm way?


for encryption:
oh, this is even more fragmented....
What i had in mind was, like, I turn on machine, it asks me for password,
once at the boot, to decrypt the whole disk, and than goes on with booting.
I read this little (and mind you phelix, i am noob) i can skip some things
from encryption? I can't understand the reasons, yet. Are there any good ones?
_________________
Kind regards, Goran Mitic

alive
while true
kick ass
Back to top
View user's profile Send private message
litan
n00b
n00b


Joined: 13 Aug 2012
Posts: 51

PostPosted: Mon Oct 29, 2018 11:44 am    Post subject: Reply with quote

while true wrote:
First, i'd like to have new ssd for backup for old one, and since my enlighs bad i'll try to elaborate, so i have ssd that is in use and i want all the data to be written on second ssd as well, immediately, automagically, as backup.
So, what are solutions for that kind of rig?


While I think that what you want primarily is a RAID, like phelix pointed you to, please
be cautious: RAID is no backup! And backups are a very good idea.
Why is RAID no backup? Because one of the important characteristics of a backup is
that you can use it to restore old files in case they are deleted (accidentally or not).
So while having a RAID is a good idea (in the sense where the R is for 'redundant' - there is also RAID 0
which has the opposite effect you want) you might almost certainly want to also have a backup.
Read: get a third disk where you copy your files to regularily.
This also protects your data from your system catching fire or the like if you store this extra disk in
a seperate place.

Edit: More info: https://serverfault.com/questions/2888/why-is-raid-not-a-backup

while true wrote:

i started to read upon raid, and there are 2 kinds, hardware and software,
i opened my motherboard handbook (asus with amd SB950 chipset for raid)
but at very beginning there is a note claiming:
You must install windows xp service pack 3 or latter versions before using
Serial ATA hard disk drives. The Serial ATA RAID feature is available only
if you are using windows xp SP3 or later versions.

So, this means that hardware AND software raid is out of the question
and I should definitely go lvm way?


No, this just means that hardware RAID is not supported. That's no problem,
since software RAID is the better approach anyway.

while true wrote:

for encryption:
oh, this is even more fragmented....
What i had in mind was, like, I turn on machine, it asks me for password,
once at the boot, to decrypt the whole disk, and than goes on with booting.
I read this little (and mind you phelix, i am noob) i can skip some things
from encryption? I can't understand the reasons, yet. Are there any good ones?


In case you accidentally lock yourself out of your encrypted data (as result of a lack of understanding or not)
a backup on an extra disk is even more important.
Back to top
View user's profile Send private message
while true
Guru
Guru


Joined: 07 Apr 2010
Posts: 454
Location: Ljubljana, Slovenia

PostPosted: Mon Oct 29, 2018 12:38 pm    Post subject: Reply with quote

Hello litan,

hmmm, so raid is not backup... I presume lvm is also not a backup (i haven't managed to read up on lvm yet).
So, what is backup? ~/i_guess_all and some system files like /etc/* (and what else?)
and that should not take that much space, so better some (encrypted) usb disk for that matter?

hmmm, let me sit on it for a day, since raid-1 (and presumably lvm) just make system more reliable in case of a disk failure, right?

which lives us with encryption of ssd disk.
As i read, GPT and EFI is to be set, and i can not remember which one i chose 4-5 years ago when i installed gentoo on this machine.
How can I check which one i have installed, GPT or EFI?

that is for now, but i'll be back with more noob questions ;)

thank you
_________________
Kind regards, Goran Mitic

alive
while true
kick ass
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13490

PostPosted: Tue Oct 30, 2018 2:25 am    Post subject: Reply with quote

Any setup where writes are automatically propagated is not a backup in the sense that term is typically used. It can be useful as a way of avoiding data loss if a disk dies. It is not useful at avoiding data loss if the operating system loses the data (rogue rm -r, filesystem corruption bug, software upgrade gone wrong, etc.), because by definition that loss will be written to the secondary drive at the same time as the primary, so there is no opportunity for the administrator to recover the data. When you create a backup, you should choose a balance between convenience of restoration and convenience of archival. You always want to save anything you would be sad to lose forever (personal photos, unpublished works, financial records, etc.). You may want to save things that could, with time, be reconstructed (system files, system configuration). If you save a full copy of the system, restoring is very easy - but you pay for it with the size of the backup and the time required to create it. If you save only the things you cannot recreate, restoring is more work.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum