Safe storage of Clonezilla backup images
A partition and disk imaging/cloning program
Brought to you by:
steven_shiau
Menu
▾
▴
Hello,
I am using Clonezilla for my PC backups, covering both Windows and Linux based OS's.
However, I see that when the Clonezilla backup is complete, it creates a directory of files rather than a single file. I would like to store these files on an external hard disk, but I feel there is no way to check SHA256 on the folder of files to check to see if they have been tampered with or corrupted. Is there any way of getting a single file output? I have a few thoughts on this, and I would like to get the Clonezilla community's input.
I am gravitating towards using Linux (Linux Mint/ Kubuntu) as I am getting sick of Windows and its intrusive ways. Previously, the way I would have made a single file in Windows, is by using WinRAR to RAR the file and then get a checksum from the single file, then store it in a VeraCrypt container on an external HDD. This way I can check the checksum of the RAR file at a later date to see if the file is all good. When using WinRAR, I am using the "store" option (no compression) and protecting the file with a password.
Now on Linux, it is slightly different, as I am new to this OS. I have researched a few different ways, but I am not sure which is the best way to go.
Option 1: Using Linux Mint Archive Manager, I could select the compress to TAR option to get the directory into a single file, then by using terminal I could get the SHA256 of the output TAR file. In addition to this, I could also GPG encrypt the file using the "gpg --symmetric --cipher-algo aes256 "Existing file to be encrypted" command.
Option 2: Again, using Linux Mint Archive Manager, I could select the compress to 7z option and enable password/encryption to the file. To do this option it takes forever, because the 7z process is compressing the file which I don't want/need. There is no option in the GUI software to change this setting.
Option 3: Using Linux Mint Terminal, I could use p7z and enable password/encryption to the file. But in this option, I can control the parameters to instruct not to use compression. The command I am using is: "7z a -p -mx=0 -mhe=on clonezillabkup_23_01_10.7z clonezillabkup_23_01_10". Once the file is done, I can SHA256 from terminal to get the result.
What option do you think is the better way to go? I hear that compressing the file increases the risk of corruption, so I avoid the compression. I am more concerned with getting the SHA256 or SHA512 to confirm that the file is the original file with no corruption, tampering, or even virus/malware.
Is TAR still good for uncompressed storage, or should I be using p7zip 16.02? Or is there a better way to do this without all these options? On a side note, p7zip seems a bit outdated on Linux Mint, considering it is a port of 7zip, and the latest version is 22.01.
Any guidance will be appreciated. Thanks for reading my post.
Darryl
A directory gives the most flexibility for an image. That's what Clonezilla needs.
"but I feel there is no way to check SHA256 on the folder of files to check to see if they have been tampered with or corrupted. " -> You can enter expert mode, and check the options -gm, -gs, or even -gmf, as shown here:
https://clonezilla.org/clonezilla-live/doc/01_Save_disk_image/advanced/09-advanced-param.php
Steven