Still fiddling around, not getting it running, I'd like to ask here.
The situation:
Clonezilla live on a stick running an custom-ocs allows newbie-users to backup/restore their hardware (2 harddisks with various partitions each).
The custom-ocs provides a kind of BASH-GUI and runs underneath in a batch mode various commands, as for example:
yes "" | ocs-sr -b -q2 -j2 -z1p -i 2000 -fsck-src-part-y -p true saveparts "$BakNameSda1" sda1 | tee $Path2LogfileSda1
My Question:
Since I'd like to allow the user also to do encrypted backups/restores, I want to add $Enc containing " -enc" oder " -senc" and provide a password ($EncPw) the user typed in.
Ending up with something like:
yes "" | ocs-sr -b -q2 -j2 -z1p -i 2000 -fsck-src-part-y $Enc $EncPw -p true saveparts "$BakNameSda1" sda1 | tee $Path2LogfileSda1
But how to provide the user-password in batch mode?
Any hints, ideas, links, etc would be very welcome
ub2
By the way. Clonezilla is great, Thanks a lot.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
OK, the option "-enc" or "-senc" is only a switch, and it won't accept
any parameter. Therefore if you want to provide an encryption password
in batch mode, the version of Clonezilla now does not support it. We
will have to implement that in the future.
For the moment, actually the image encryption of Clonezilla is done by
the opensource pacakge "ecryptfs", therefore you can use your own
command and password to mount it by something like:
mount -t ecryptfs /home/partimag/2017-12-22-01-img-enc
/tmp/ecryptfs_mnt.if8GFo -o
ecryptfs_cipher=aes,ecryptfs_key_bytes=16,no_sig_cache,ecryptfs_enable_filename_crypto=n,ecryptfs_passthrough,key=passphrase:passphrase_passwd_file=/tmp/ecryptfs_f.h5HnQy
(Basically you prepare a empty image dir called
/home/partimag/2017-12-22-01-img-enc, and use encryptfs to encrypt the
dir, then ocs-sr save the image to the mounted encrypted image dir.)
You can google to find the details about using ecryptfs.
Steven
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Dear Clonezilla cracks
Still fiddling around, not getting it running, I'd like to ask here.
The situation:
yes "" | ocs-sr -b -q2 -j2 -z1p -i 2000 -fsck-src-part-y -p true saveparts "$BakNameSda1" sda1 | tee $Path2LogfileSda1
My Question:
Ending up with something like:
yes "" | ocs-sr -b -q2 -j2 -z1p -i 2000 -fsck-src-part-y $Enc $EncPw -p true saveparts "$BakNameSda1" sda1 | tee $Path2LogfileSda1
But how to provide the user-password in batch mode?
Any hints, ideas, links, etc would be very welcome
ub2
By the way. Clonezilla is great, Thanks a lot.
Help !
I'm still struggling to provide the encryption-password in batch mode:
trial1
ok if EncCode=" -senc"
fails if EncCode=" -enc Password"
...
BefZeiSda1='yes "" | ocs-sr -b -q2 -j2 -z1p -i 4096 -sfsck'$EncCode' -p true saveparts '$BakNameSda1' sda1 | tee '$PfadLogfileSda1LastBakDetails
...
eval $BefZeiSda1
RetBefZeiSda1=$?
trial2
fails in both cases: a) Enc=" -senc" EncPw="" and b) Enc=" -enc" EncPw="password"
...
BefZeiSda1='yes "" | echo '$EncPw' | ocs-sr -b -q2 -j2 -z1p -i 4096 -sfsck'$Enc' -p true saveparts '$BakNameSda1' sda1 | tee '$PfadLogfileSda1LastBakDetails
...
eval $BefZeiSda1
RetBefZeiSda1=$?
trial3
fails in both cases a) Enc=" -senc" EncP2="" and b) Enc=" -enc" EncPw="password"
...
BefZeiSda1='yes "" | ocs-sr -b -q2 -j2 -z1p -i 4096 -sfsck'$Enc' -p true saveparts '$BakNameSda1' sda1 < echo '$EncPw' | tee '$PfadLogfileSda1LastBakDetails
...
eval $BefZeiSda1
RetBefZeiSda1=$?
Really nobody out there who already has done encrypted backups in batch mode?
Any help, hint, keyword, etc .. would be highly appreciated.
Tanks a lot ub2
Sorry for bad formatting, ub2
Hi ub2,
OK, the option "-enc" or "-senc" is only a switch, and it won't accept
any parameter. Therefore if you want to provide an encryption password
in batch mode, the version of Clonezilla now does not support it. We
will have to implement that in the future.
For the moment, actually the image encryption of Clonezilla is done by
the opensource pacakge "ecryptfs", therefore you can use your own
command and password to mount it by something like:
mount -t ecryptfs /home/partimag/2017-12-22-01-img-enc
/tmp/ecryptfs_mnt.if8GFo -o
ecryptfs_cipher=aes,ecryptfs_key_bytes=16,no_sig_cache,ecryptfs_enable_filename_crypto=n,ecryptfs_passthrough,key=passphrase:passphrase_passwd_file=/tmp/ecryptfs_f.h5HnQy
(Basically you prepare a empty image dir called
/home/partimag/2017-12-22-01-img-enc, and use encryptfs to encrypt the
dir, then ocs-sr save the image to the mounted encrypted image dir.)
You can google to find the details about using ecryptfs.
Steven
Hi ub2,
Feel free to post my answer in the Clonezilla live forum. Thanks.
I might have some time after Xmas or new year, so I will implement the feature you have requested. Please be patient.
Merry Xmas and Happy new year.
Steven
Please give Clonezilla live 2.5.5-19 a try:
http://clonezilla.org/downloads.php
The command ocs-sr now comes with option -pe or -pfe which you can use to provide the password. For more info, run:
ocs-sr --help
Let us know your testing results. Thanks.
Steven