Bart Simons

Bart Simons


Thoughts, stories and ideas.

Bart Simons
Author

Share


Tags


.net .net core Apache C# CentOS LAMP NET Framework Pretty URLs Windows Server WireGuard WireGuard.io access log add analysis android api at the same time authentication authorization automate automation azure azurerm backup bash basics batch bootstrap build capture cheat sheet chromium chroot class cli click to close code snippet command line commands compile compiling compression containers control controller controlling convert cpu usage create credentials csv csvparser curl data dd deployment desktop detect devices disable diskpart dism distributed diy docker dom changes dotnet core drivers ease of access encryption example export file transfer files fix folders generalize getting started ghost ghost.org gui guide gunicorn gzip html html tables icewarp igd imagex import inotify install installation interactive ios iphone itunes java javascript jquery json kiosk kotlin linux live load data loading screen lock screen loopback audio lxc lxd lxml macos manage manually message messages minio mirrored mod_rewrite monitor monitoring mutationobserver mysql nexmo nginx no oobe node node.js nodejs not installing notification notifications object storage on desktop one command openssl owncloud parallels parallels tools parse perfect philips hue play port forwarding portainer.io powershell processing ps-spotify python quick raspberry pi record rip ripping rsync rtmp save save data sbapplication scraping script scripting scriptingbridge scripts security send server service sharedpreferences sms songs sonos spotify spotify api spotlight ssh stack streaming streamlink studio sudo swarm swift sync sysprep system audio systemd tables terminal tracking tutorial twilio ubiquiti ubuntu ubuntu 18.04 ui code unifi unlock unsplash source upnp uptime usb tethering wallpapers wasapi website websites webview windows windows 10 without itunes without oobe workaround xaml

Live system DD backup, with encryption and compression!

Imaging a live system disk, what a stupid idea, right? It actually is.. but hey, I was just looking for an alternative solution for an off-site backup of my servers: DD reading my disk bit by bit, while spitting out data through the pipeline to gzip which spits out data to OpenSSL through another pipeline, and OpenSSL finally pipes all the final data to netcat.

That's a handful of words right there! It's relatively simple, actually. This is the command I ran on my server:

sudo dd if=/dev/vda conv=sync,noerror status=progress | openssl aes-192-cbc -salt -e | gzip -9 -c | nc -l 10.11.12.1 56002

Netcat starts a TCP listener on the IP address 10.11.12.1 and port number 56002, and waits for an incoming connection. You will be prompted to enter a password to put on your data after you run this long command, your data gets protected with AES-192 encryption which is more than sufficient. Make sure you remember this password, because it is the ONLY key to your data!

Remote server transferring an image to the client

I used my local computer which runs Linux to stream the disk image to. The local machine connects to the remote server and the transfer will start as soon when a TCP connection has been initialised with the server. You can even follow the throughput like on the screenshot above! Pretty cool, huh?

The command to run on your client machine is:

nc 10.11.12.1 56002 | gunzip -c | openssl aes-192-cbc -salt -d > disk.img

It took me around 15-20 minutes to copy a live 20GB VM over to my local computer. This server has 1 core and 512MB RAM so I'd say that the results are pretty acceptable.

And the good thing is that the Linux disk was actually bootable! Since the output is a raw disk image, I had to convert it over to a VMware .vmdk file and that file worked. I'm pretty amazed!

Awesome, now let's hope that there's an equivalent alternative for Windows available 😜

Bart Simons
Author

Bart Simons

View Comments