clonezilla-live Mailing List for Clonezilla
A partition and disk imaging/cloning program
Brought to you by:
steven_shiau
Menu
▾
▴
clonezilla-live — Anything about Clonezilla live
You can subscribe to this list here.
| 2007 |
Jan
|
Feb
|
Mar
(3) |
Apr
(5) |
May
(13) |
Jun
(6) |
Jul
(5) |
Aug
|
Sep
(12) |
Oct
(8) |
Nov
(9) |
Dec
(4) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2008 |
Jan
(9) |
Feb
(5) |
Mar
(16) |
Apr
(10) |
May
(2) |
Jun
(4) |
Jul
(22) |
Aug
(26) |
Sep
(8) |
Oct
(33) |
Nov
(25) |
Dec
(13) |
| 2009 |
Jan
(54) |
Feb
(65) |
Mar
(15) |
Apr
(12) |
May
(29) |
Jun
(46) |
Jul
(23) |
Aug
(71) |
Sep
(22) |
Oct
(13) |
Nov
(16) |
Dec
(65) |
| 2010 |
Jan
(18) |
Feb
(22) |
Mar
(26) |
Apr
(82) |
May
(36) |
Jun
(45) |
Jul
(40) |
Aug
(6) |
Sep
(44) |
Oct
(33) |
Nov
(8) |
Dec
(38) |
| 2011 |
Jan
(16) |
Feb
(13) |
Mar
(19) |
Apr
(27) |
May
(37) |
Jun
(14) |
Jul
(4) |
Aug
(2) |
Sep
(13) |
Oct
(5) |
Nov
(6) |
Dec
(6) |
| 2012 |
Jan
(6) |
Feb
(1) |
Mar
(36) |
Apr
(13) |
May
(4) |
Jun
(4) |
Jul
|
Aug
|
Sep
|
Oct
(5) |
Nov
(5) |
Dec
(4) |
| 2013 |
Jan
(7) |
Feb
(6) |
Mar
(3) |
Apr
(5) |
May
(1) |
Jun
(8) |
Jul
(5) |
Aug
(3) |
Sep
|
Oct
(1) |
Nov
(2) |
Dec
|
| 2014 |
Jan
(12) |
Feb
(10) |
Mar
|
Apr
(2) |
May
(3) |
Jun
|
Jul
(1) |
Aug
(8) |
Sep
(1) |
Oct
(1) |
Nov
(2) |
Dec
(2) |
| 2015 |
Jan
(13) |
Feb
(6) |
Mar
(2) |
Apr
(4) |
May
(15) |
Jun
(6) |
Jul
(20) |
Aug
(2) |
Sep
(1) |
Oct
(2) |
Nov
(4) |
Dec
(1) |
| 2016 |
Jan
|
Feb
(2) |
Mar
|
Apr
(7) |
May
(1) |
Jun
(12) |
Jul
(1) |
Aug
|
Sep
|
Oct
(1) |
Nov
(6) |
Dec
|
| 2017 |
Jan
|
Feb
(1) |
Mar
(4) |
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
(15) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
(5) |
Sep
(2) |
Oct
(6) |
Nov
(4) |
Dec
(4) |
| 2019 |
Jan
(1) |
Feb
(1) |
Mar
(1) |
Apr
(1) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
(1) |
Oct
(1) |
Nov
|
Dec
|
| 2020 |
Jan
|
Feb
(2) |
Mar
(5) |
Apr
(1) |
May
(3) |
Jun
|
Jul
|
Aug
(2) |
Sep
|
Oct
|
Nov
(11) |
Dec
(2) |
| 2021 |
Jan
(2) |
Feb
|
Mar
(5) |
Apr
(2) |
May
|
Jun
|
Jul
(2) |
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2022 |
Jan
|
Feb
|
Mar
|
Apr
(4) |
May
(16) |
Jun
(3) |
Jul
(6) |
Aug
(13) |
Sep
|
Oct
|
Nov
(2) |
Dec
(1) |
| 2023 |
Jan
|
Feb
(1) |
Mar
|
Apr
(4) |
May
(6) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(7) |
Nov
(9) |
Dec
(2) |
| 2024 |
Jan
(8) |
Feb
(1) |
Mar
|
Apr
(9) |
May
(2) |
Jun
|
Jul
(2) |
Aug
(5) |
Sep
(7) |
Oct
(1) |
Nov
|
Dec
|
| 2025 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
(10) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
(7) |
Nov
|
Dec
|
|
From: Steven S. <ste...@ni...> - 2025-10-21 12:47:26
|
Stable Clonezilla live 3.3.0-33 is released. For more info, please check: https://sourceforge.net/p/clonezilla/news/2025/10/stable-clonezilla-live-333-33-released/ Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Steven S. <ste...@ni...> - 2025-10-19 01:26:11
|
We have very limited man power in this project. Hence for the Linux kernel we only use the one from upstream, i.e., Debian or Ubuntu. Please ask this feature in Debian or Ubuntu for us if you can. Thank you very much. Steven On 10/16/25 23:05, yakkie wrote: > 回复: Re: [Clonezilla-live] YT-6801 driver > Hello! > It still cannot recognize yt6801,tested today. > best regards! > > > > 发自vivo电子邮件 > ---------- 回复的原邮件 ---------- > 发件人:Steven Shiau via Clonezilla-live > <clo...@li...> > 日期:2025年10月15日 21:11 > 主题:Re: [Clonezilla-live] YT-6801 driver > 收件人:clonezilla-live <clo...@li...> > 抄送: > > How about giving Ubuntu-based Clonezilla live a try? Especially the > testing one, like 20251015-questing: > > https://clonezilla.org/downloads.php > > Steven > > On 10/12/25 07:54, yakkie wrote: >> YT-6801 driver >> Hello: >> The newest version clonezilla cannot recognize YT6801 net card,so pxe >> client which use YT6801 netcard cannot bootup via pxe. >> Please add YT6801 netcard driver in clonezilla,thanks!! >> >> >> >> 发自vivo电子邮件 >> >> >> _______________________________________________ >> Clonezilla-live mailing list >> Clo...@li... >> https://lists.sourceforge.net/lists/listinfo/clonezilla-live > -- > Steven Shiau <steven _at_ stevenshiau org> > Public Key Server PGP Key ID: 4096R/163E3FB0 > Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: yakkie <ya...@12...> - 2025-10-16 15:05:44
|
Hello! It still cannot recognize yt6801,tested today. best regards! 发自vivo电子邮件---------- 回复的原邮件 ---------- 发件人:Steven Shiau via Clonezilla-live <clo...@li...> 日期:2025年10月15日 21:11 主题:Re: [Clonezilla-live] YT-6801 driver 收件人:clonezilla-live <clo...@li...> 抄送: How about giving Ubuntu-based Clonezilla live a try? Especially the testing one, like 20251015-questing: https://clonezilla.org/downloads.php Steven On 10/12/25 07:54, yakkie wrote: > > YT-6801 driver > Hello: > The newest version clonezilla cannot recognize YT6801 net card,so pxe client which use YT6801 netcard cannot bootup via pxe. > Please add YT6801 netcard driver in clonezilla,thanks!! > > > > 发自vivo电子邮件 > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live > -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: yakkie <ya...@12...> - 2025-10-15 13:25:55
|
Ubuntu based 20251005 was tested,failed.
I will try the 20251015 assp and feedback.
best regards!!
thanks!!
发自vivo电子邮件---------- 回复的原邮件 ----------
发件人:Steven Shiau via Clonezilla-live <clo...@li...>
日期:2025年10月15日 21:11
主题:Re: [Clonezilla-live] YT-6801 driver
收件人:clonezilla-live <clo...@li...>
抄送:
How about giving Ubuntu-based Clonezilla live a try? Especially the testing one, like 20251015-questing:
https://clonezilla.org/downloads.php
Steven
On 10/12/25 07:54, yakkie wrote:
>
> YT-6801 driver
> Hello:
> The newest version clonezilla cannot recognize YT6801 net card,so pxe client which use YT6801 netcard cannot bootup via pxe.
> Please add YT6801 netcard driver in clonezilla,thanks!!
>
>
>
> 发自vivo电子邮件
>
>
> _______________________________________________
>
> Clonezilla-live mailing list
>
> Clo...@li...
>
> https://lists.sourceforge.net/lists/listinfo/clonezilla-live
>
--
Steven Shiau <steven _at_ stevenshiau org>
Public Key Server PGP Key ID: 4096R/163E3FB0
Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0
|
|
From: Steven S. <ste...@ni...> - 2025-10-15 12:58:53
|
How about giving Ubuntu-based Clonezilla live a try? Especially the testing one, like 20251015-questing: https://clonezilla.org/downloads.php Steven On 10/12/25 07:54, yakkie wrote: > YT-6801 driver > Hello: > The newest version clonezilla cannot recognize YT6801 net card,so pxe > client which use YT6801 netcard cannot bootup via pxe. > Please add YT6801 netcard driver in clonezilla,thanks!! > > > > 发自vivo电子邮件 > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Steven S. <ste...@ni...> - 2025-10-15 12:15:43
|
How about giving Ubuntu-based Clonezilla live a try? Especially the testing one, like 20251015-questing: https://clonezilla.org/downloads.php Steven On 10/12/25 07:54, yakkie wrote: > YT-6801 driver > Hello: > The newest version clonezilla cannot recognize YT6801 net card,so pxe > client which use YT6801 netcard cannot bootup via pxe. > Please add YT6801 netcard driver in clonezilla,thanks!! > > > > 发自vivo电子邮件 > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: yakkie <ya...@12...> - 2025-10-11 23:54:41
|
Hello: The newest version clonezilla cannot recognize YT6801 net card,so pxe client which use YT6801 netcard cannot bootup via pxe. Please add YT6801 netcard driver in clonezilla,thanks!! 发自vivo电子邮件 |
|
From: Steven S. <st...@na...> - 2025-06-23 13:26:26
|
Stable Clonezilla live 3.2.2-15 is released. For more info, please check: https://sourceforge.net/p/clonezilla/news/2025/06/stable-clonezilla-live-322-15-released/ Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Steven S. <st...@na...> - 2025-05-16 07:55:30
|
Stable Clonezilla live 3.2.2-5 is released. For more info, please check: https://sourceforge.net/p/clonezilla/news/2025/05/stable-clonezilla-live-322-5-released/ Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Robert K C. J. -I. F. D. Corp. <bco...@in...> - 2025-05-08 12:35:30
|
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Obviously, this doesn't apply if the image contains sensitive
information, but if it is just an OS install and some apps, run
the image over netcat and generate a hash on the result to confirm
it arrived ok.</p>
<p>It has been a while since I did SSH tunneling but it seems to me
that it would be simple to manually mount a remote NFS share.</p>
<p><br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 5/7/2025 2:12:47 PM, James Epp
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAJ...@ma...">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Honestly I hadn't thought too strictly in terms of
necessitating the encryption to occur within clonezilla but
seeing as we're on the *clonezilla* mailing list I suppose that
would be a fair restriction to apply (if nothing else for the
sake of refining a potential feature request).
<div><br>
</div>
<div>Again, SSH tunneling may be *an* approach here. I could've
sworn the live env has SSH built-in but whether that would
work I don't know. Just skimming the usage section of the code
you link to, my brain wanders towards some drop-in replacement
for netcat that would work for the -np option (or in a
different but similar vein, the --net-filter option).</div>
<div><br>
</div>
<div>I'm well outside my expertise at this point.</div>
</div>
<br>
<div class="gmail_quote gmail_quote_container">
<div dir="ltr" class="gmail_attr">On Wed, May 7, 2025 at
11:17 AM michaelof--- via Clonezilla-live <<a
href="mailto:clo...@li..."
moz-do-not-send="true" class="moz-txt-link-freetext">clo...@li...</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">VPN
would be of course a good idea, but as we have two Clonezilla
Live instances here, means "including" operating system, not
"only" Clonezilla, the VPN must be included/prepared by
Clonzilla "within" e.g the ISO.<br>
<br>
BUT thinking about this I strongly assume that your first
remarks reg. auth/enc keys are the key to the answer of my
question :)<br>
<br>
I've looked into the source code, and if I got it right, this
file (<a
href="https://github.com/stevenshiau/clonezilla/blob/62e404d8f1d8a4619cf116dac3598036f81e61a4/sbin/ocs-onthefly"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://github.com/stevenshiau/clonezilla/blob/62e404d8f1d8a4619cf116dac3598036f81e61a4/sbin/ocs-onthefly</a>)
is the relevant script. Which uses netcat (<a
href="https://manpages.org/nc" rel="noreferrer"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://manpages.org/nc</a>),
means UENCRYPTED.<br>
<br>
<br>
<br>
<br>
Am 07.05.25 um 14:43 schrieb James Epp:<br>
> I haven't done any testing (yet) but a couple more
thoughts on the subject:<br>
> <br>
> 1. I am not super skilled with network analysis. I will
not be able to tell just by looking at data streams whether
the data is compressed, encrypted, or both. Clonezilla almost
certainly compresses blocks in transit, so I probably won't be
able to tell much from that angle.<br>
> <br>
> 2. If you trust the LANs in both your source and target
networks/providers, you could consider doing something like a
VPN tunnel using any number of different
technologies/protocols. That would probably remove *most* of
the risk you're exposed to (because presumably you trust the
provider to not intercept/eavesdrop on your traffic as a
customer).<br>
> <br>
> 3. In terms of this evolving into a feature request,
maybe SSH tunneling is a method here but again we still face
the challenge of needing to authenticate the machines with one
another which is easier said than done (though one could argue
that's putting perfection before progress).<br>
> <br>
> On Tue, May 6, 2025 at 1:29 PM michaelof--- via
Clonezilla-live <<a
href="mailto:clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">clo...@li...</a>
<mailto:<a
href="mailto:clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">clo...@li...</a>>>
wrote:<br>
> <br>
> I assumed the same, but if this true and in case this
uncrypted communication is NOT documented - maybe I've just
not found it - it would IMHO be worth to add this to the docs.
E.g. with a warning "Use direct cloning only on LANs!" or
similar.<br>
> <br>
> <br>
> Just a remark: ** IF ** live cloning with sufficient
encryption would be possible, it would be IMHO a cool feature
and would be make the following use case for VPS possible:<br>
> <br>
> "Move" a "VPS old" to "VPS new", by using Clonezilla
Live in both VPS simultaneously. Needed from time to time, if.
e.g hosting company offers no "upgrade path" from VPS type A
to B, if you want to upgrade/modernize your VPS. Happens
frequently. Similar if hosting company increase prices etc.,
and you want to move to a different company.<br>
> - Very frequently VPS have only exactly one virtual
hdd<br>
> - Means, at least AFAIK, no chance to use a local
partimag, both on "old" or "new". I've tried to store the
image locally on "old", didn't work as I found no way to
"tell" Clonezilla to exclude the "partimag" Partition. LVM LV
in my case. Recursion errors by Clonezilla Live. Tried also to
use Clonezilla Live on "old", storing the image via SSH to
"new", "new" not Clonezilla Live, but "normal" Linux (mainly
hoster's default VPS images based). Imaging then (of course)
works fine, but NO IDEA how to tell Clonezilla Live in 2nd
step to "restore" from local partimag.. hen and egg :) Remark.
In my case I always had enough disk space available for all
these operations.<br>
> <br>
> I've solved this always by device to image, writing
via SSH to my PC @home, and afterwards restore to device,
reading via SSH from my PC @home. Works (of course, Clonezilla
is pretty stable :), but is naturally MUCH slower than data
center "old" to data center "new", or even within same data
center...<br>
> <br>
> <br>
> <br>
> Am 06.05.25 um 19:27 schrieb James Epp:<br>
> > I'm only responding to say that's an excellent
question I don't have an answer for but maybe I could try to
test that and inspect the traffic to see if there's a way to
tell. From a purely academic point of view though, I would
warn that unless you are manually typing in encryption keys on
both ends or some similar form of manual authentication
there's really no good way to prevent a MITM attack (at least
not from a modern "end to end" perspective).<br>
> ><br>
> > On Tue, May 6, 2025 at 10:40 AM michaelof---
via Clonezilla-live <<a
href="mailto:clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">clo...@li...</a>
<mailto:<a
href="mailto:clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">clo...@li...</a>>
<mailto:<a
href="mailto:clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">clo...@li...</a>
<mailto:<a
href="mailto:clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">clo...@li...</a>>>>
wrote:<br>
> ><br>
> > Hi all,<br>
> ><br>
> ><br>
> > haven't found anything in avail. docs and
mailing list archives:<br>
> ><br>
> > If I do a remote cloning via Clonezilla
live, one machine as remote-dest, one as remote-source, which
type of network communication is this using. Is there any
encryption between these two machines?<br>
> ><br>
> ><br>
> > Thanks,<br>
> > Michael<br>
> ><br>
> ><br>
> >
_______________________________________________<br>
> > Clonezilla-live mailing list<br>
> > <a
href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a>
<mailto:<a
href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a>>
<mailto:<a
href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a>
<mailto:<a
href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a>>><br>
> > <a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>
<<a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>>
<<a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>
<<a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>>><br>
> ><br>
> <br>
> <br>
> <br>
> _______________________________________________<br>
> Clonezilla-live mailing list<br>
> <a
href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a>
<mailto:<a
href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a>><br>
> <a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>
<<a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>><br>
> <br>
<br>
<br>
<br>
_______________________________________________<br>
Clonezilla-live mailing list<br>
<a href="mailto:Clo...@li..."
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Clo...@li...</a><br>
<a
href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a><br>
</blockquote>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre wrap="" class="moz-quote-pre">_______________________________________________
Clonezilla-live mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Clo...@li...">Clo...@li...</a>
<a class="moz-txt-link-freetext" href="https://lists.sourceforge.net/lists/listinfo/clonezilla-live">https://lists.sourceforge.net/lists/listinfo/clonezilla-live</a>
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Robert K Coffman Jr.
Info From Data Corp.
3307249000
<a class="moz-txt-link-abbreviated" href="mailto:su...@in...">su...@in...</a></pre>
</body>
</html>
|
|
From: <mic...@ro...> - 2025-05-08 12:27:35
|
Clonezilla Live Images have sshd included, as a Cloning from Clonzilla Live to a partimag on remote location accessible via ssh is possible. But this is from a Clonezilla perspective OUTGOING only. On the remote site there would be no Clonezilla Live, but whatever OS being able to server as SSH tunnel endpoint. Just brainstorming: One way to use an SSH tunnel between two Clonezilla Live instances, where already as of of now manual intervention is always neccesary, would be to "exchange" an ssh public key remotely. As of now, in this CLL (Clonezilla Live) to CLL scenario, you have to switch the CLL receiving the image (I always forget which side is remote-source and remote-dest :)) into "ready for connection mode", where in the mentioned script netcat has started, opened a socket, and listens. Then you have to enter on the other site, where the to be cloned device resides, the URL/IP/port etc. information abouit the waiting site. Exactly here could some steps be added: - sending site would use ssh_keygen to create a key pair for current CLL OS user. - Result would be the PUBLIC key, which the waiting site would need - Waiting site woud take the public key from previuos step, and add to ~/.ssh/authorized_keys for the current CLL OS user on the waiting site. From than on, sending site could connect via ssh, key based, getting an encrypted tunnel for the subsequent sending. Restriction IMHO is probably the "handshake": In the mentioned VPS to VPS scenario, in assumed 99% percent of cases CLL means rescue system, DVD/ISO booted CLL or similar. And access to CLL via VNC, more and more (only) browser based, from hosting companys' offered customer control panels. Means: a) no issue from a security perspective, if VNC connection is encrypted, also b) BUT: In most of the cases I'm aware of *** NO *** copy&paste would be possible. And "exchanging" public ssh keys by TYPING them into a remote VNC terminal is a pain in the neck, IMHO :D Am 07.05.25 um 20:12 schrieb James Epp: > Honestly I hadn't thought too strictly in terms of necessitating the encryption to occur within clonezilla but seeing as we're on the *clonezilla* mailing list I suppose that would be a fair restriction to apply (if nothing else for the sake of refining a potential feature request). > > Again, SSH tunneling may be *an* approach here. I could've sworn the live env has SSH built-in but whether that would work I don't know. Just skimming the usage section of the code you link to, my brain wanders towards some drop-in replacement for netcat that would work for the -np option (or in a different but similar vein, the --net-filter option). > > I'm well outside my expertise at this point. > > On Wed, May 7, 2025 at 11:17 AM michaelof--- via Clonezilla-live <clo...@li... <mailto:clo...@li...>> wrote: > > VPN would be of course a good idea, but as we have two Clonezilla Live instances here, means "including" operating system, not "only" Clonezilla, the VPN must be included/prepared by Clonzilla "within" e.g the ISO. > > BUT thinking about this I strongly assume that your first remarks reg. auth/enc keys are the key to the answer of my question :) > > I've looked into the source code, and if I got it right, this file (https://github.com/stevenshiau/clonezilla/blob/62e404d8f1d8a4619cf116dac3598036f81e61a4/sbin/ocs-onthefly <https://github.com/stevenshiau/clonezilla/blob/62e404d8f1d8a4619cf116dac3598036f81e61a4/sbin/ocs-onthefly>) is the relevant script. Which uses netcat (https://manpages.org/nc <https://manpages.org/nc>), means UENCRYPTED. > > > > > Am 07.05.25 um 14:43 schrieb James Epp: > > I haven't done any testing (yet) but a couple more thoughts on the subject: > > > > 1. I am not super skilled with network analysis. I will not be able to tell just by looking at data streams whether the data is compressed, encrypted, or both. Clonezilla almost certainly compresses blocks in transit, so I probably won't be able to tell much from that angle. > > > > 2. If you trust the LANs in both your source and target networks/providers, you could consider doing something like a VPN tunnel using any number of different technologies/protocols. That would probably remove *most* of the risk you're exposed to (because presumably you trust the provider to not intercept/eavesdrop on your traffic as a customer). > > > > 3. In terms of this evolving into a feature request, maybe SSH tunneling is a method here but again we still face the challenge of needing to authenticate the machines with one another which is easier said than done (though one could argue that's putting perfection before progress). > > > > On Tue, May 6, 2025 at 1:29 PM michaelof--- via Clonezilla-live <clo...@li... <mailto:clo...@li...> <mailto:clo...@li... <mailto:clo...@li...>>> wrote: > > > > I assumed the same, but if this true and in case this uncrypted communication is NOT documented - maybe I've just not found it - it would IMHO be worth to add this to the docs. E.g. with a warning "Use direct cloning only on LANs!" or similar. > > > > > > Just a remark: ** IF ** live cloning with sufficient encryption would be possible, it would be IMHO a cool feature and would be make the following use case for VPS possible: > > > > "Move" a "VPS old" to "VPS new", by using Clonezilla Live in both VPS simultaneously. Needed from time to time, if. e.g hosting company offers no "upgrade path" from VPS type A to B, if you want to upgrade/modernize your VPS. Happens frequently. Similar if hosting company increase prices etc., and you want to move to a different company. > > - Very frequently VPS have only exactly one virtual hdd > > - Means, at least AFAIK, no chance to use a local partimag, both on "old" or "new". I've tried to store the image locally on "old", didn't work as I found no way to "tell" Clonezilla to exclude the "partimag" Partition. LVM LV in my case. Recursion errors by Clonezilla Live. Tried also to use Clonezilla Live on "old", storing the image via SSH to "new", "new" not Clonezilla Live, but "normal" Linux (mainly hoster's default VPS images based). Imaging then (of course) works fine, but NO IDEA how to tell Clonezilla Live in 2nd step to "restore" from local partimag.. hen and egg :) Remark. In my case I always had enough disk space available for all these operations. > > > > I've solved this always by device to image, writing via SSH to my PC @home, and afterwards restore to device, reading via SSH from my PC @home. Works (of course, Clonezilla is pretty stable :), but is naturally MUCH slower than data center "old" to data center "new", or even within same data center... > > > > > > > > Am 06.05.25 um 19:27 schrieb James Epp: > > > I'm only responding to say that's an excellent question I don't have an answer for but maybe I could try to test that and inspect the traffic to see if there's a way to tell. From a purely academic point of view though, I would warn that unless you are manually typing in encryption keys on both ends or some similar form of manual authentication there's really no good way to prevent a MITM attack (at least not from a modern "end to end" perspective). > > > > > > On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live <clo...@li... <mailto:clo...@li...> <mailto:clo...@li... <mailto:clo...@li...>> <mailto:clo...@li... <mailto:clo...@li...> <mailto:clo...@li... <mailto:clo...@li...>>>> wrote: > > > > > > Hi all, > > > > > > > > > haven't found anything in avail. docs and mailing list archives: > > > > > > If I do a remote cloning via Clonezilla live, one machine as remote-dest, one as remote-source, which type of network communication is this using. Is there any encryption between these two machines? > > > > > > > > > Thanks, > > > Michael > > > > > > > > > _______________________________________________ > > > Clonezilla-live mailing list > > > Clo...@li... <mailto:Clo...@li...> <mailto:Clo...@li... <mailto:Clo...@li...>> <mailto:Clo...@li... <mailto:Clo...@li...> <mailto:Clo...@li... <mailto:Clo...@li...>>> > > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> <https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live>> <https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> <https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live>>> > > > > > > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... <mailto:Clo...@li...> <mailto:Clo...@li... <mailto:Clo...@li...>> > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> <https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live>> > > > > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... <mailto:Clo...@li...> > https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> > |
|
From: James E. <jam...@gm...> - 2025-05-07 18:13:20
|
Honestly I hadn't thought too strictly in terms of necessitating the encryption to occur within clonezilla but seeing as we're on the *clonezilla* mailing list I suppose that would be a fair restriction to apply (if nothing else for the sake of refining a potential feature request). Again, SSH tunneling may be *an* approach here. I could've sworn the live env has SSH built-in but whether that would work I don't know. Just skimming the usage section of the code you link to, my brain wanders towards some drop-in replacement for netcat that would work for the -np option (or in a different but similar vein, the --net-filter option). I'm well outside my expertise at this point. On Wed, May 7, 2025 at 11:17 AM michaelof--- via Clonezilla-live < clo...@li...> wrote: > VPN would be of course a good idea, but as we have two Clonezilla Live > instances here, means "including" operating system, not "only" Clonezilla, > the VPN must be included/prepared by Clonzilla "within" e.g the ISO. > > BUT thinking about this I strongly assume that your first remarks reg. > auth/enc keys are the key to the answer of my question :) > > I've looked into the source code, and if I got it right, this file ( > https://github.com/stevenshiau/clonezilla/blob/62e404d8f1d8a4619cf116dac3598036f81e61a4/sbin/ocs-onthefly) > is the relevant script. Which uses netcat (https://manpages.org/nc), > means UENCRYPTED. > > > > > Am 07.05.25 um 14:43 schrieb James Epp: > > I haven't done any testing (yet) but a couple more thoughts on the > subject: > > > > 1. I am not super skilled with network analysis. I will not be able to > tell just by looking at data streams whether the data is compressed, > encrypted, or both. Clonezilla almost certainly compresses blocks in > transit, so I probably won't be able to tell much from that angle. > > > > 2. If you trust the LANs in both your source and target > networks/providers, you could consider doing something like a VPN tunnel > using any number of different technologies/protocols. That would probably > remove *most* of the risk you're exposed to (because presumably you trust > the provider to not intercept/eavesdrop on your traffic as a customer). > > > > 3. In terms of this evolving into a feature request, maybe SSH tunneling > is a method here but again we still face the challenge of needing to > authenticate the machines with one another which is easier said than done > (though one could argue that's putting perfection before progress). > > > > On Tue, May 6, 2025 at 1:29 PM michaelof--- via Clonezilla-live < > clo...@li... <mailto: > clo...@li...>> wrote: > > > > I assumed the same, but if this true and in case this uncrypted > communication is NOT documented - maybe I've just not found it - it would > IMHO be worth to add this to the docs. E.g. with a warning "Use direct > cloning only on LANs!" or similar. > > > > > > Just a remark: ** IF ** live cloning with sufficient encryption > would be possible, it would be IMHO a cool feature and would be make the > following use case for VPS possible: > > > > "Move" a "VPS old" to "VPS new", by using Clonezilla Live in both > VPS simultaneously. Needed from time to time, if. e.g hosting company > offers no "upgrade path" from VPS type A to B, if you want to > upgrade/modernize your VPS. Happens frequently. Similar if hosting company > increase prices etc., and you want to move to a different company. > > - Very frequently VPS have only exactly one virtual hdd > > - Means, at least AFAIK, no chance to use a local partimag, both on > "old" or "new". I've tried to store the image locally on "old", didn't work > as I found no way to "tell" Clonezilla to exclude the "partimag" Partition. > LVM LV in my case. Recursion errors by Clonezilla Live. Tried also to use > Clonezilla Live on "old", storing the image via SSH to "new", "new" not > Clonezilla Live, but "normal" Linux (mainly hoster's default VPS images > based). Imaging then (of course) works fine, but NO IDEA how to tell > Clonezilla Live in 2nd step to "restore" from local partimag.. hen and egg > :) Remark. In my case I always had enough disk space available for all > these operations. > > > > I've solved this always by device to image, writing via SSH to my PC > @home, and afterwards restore to device, reading via SSH from my PC @home. > Works (of course, Clonezilla is pretty stable :), but is naturally MUCH > slower than data center "old" to data center "new", or even within same > data center... > > > > > > > > Am 06.05.25 um 19:27 schrieb James Epp: > > > I'm only responding to say that's an excellent question I don't > have an answer for but maybe I could try to test that and inspect the > traffic to see if there's a way to tell. From a purely academic point of > view though, I would warn that unless you are manually typing in encryption > keys on both ends or some similar form of manual authentication there's > really no good way to prevent a MITM attack (at least not from a modern > "end to end" perspective). > > > > > > On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live < > clo...@li... <mailto: > clo...@li...> <mailto: > clo...@li... <mailto: > clo...@li...>>> wrote: > > > > > > Hi all, > > > > > > > > > haven't found anything in avail. docs and mailing list > archives: > > > > > > If I do a remote cloning via Clonezilla live, one machine as > remote-dest, one as remote-source, which type of network communication is > this using. Is there any encryption between these two machines? > > > > > > > > > Thanks, > > > Michael > > > > > > > > > _______________________________________________ > > > Clonezilla-live mailing list > > > Clo...@li... <mailto: > Clo...@li...> <mailto: > Clo...@li... <mailto: > Clo...@li...>> > > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live < > https://lists.sourceforge.net/lists/listinfo/clonezilla-live> < > https://lists.sourceforge.net/lists/listinfo/clonezilla-live < > https://lists.sourceforge.net/lists/listinfo/clonezilla-live>> > > > > > > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... <mailto: > Clo...@li...> > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live < > https://lists.sourceforge.net/lists/listinfo/clonezilla-live> > > > > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live > |
|
From: <mic...@ro...> - 2025-05-07 16:15:43
|
VPN would be of course a good idea, but as we have two Clonezilla Live instances here, means "including" operating system, not "only" Clonezilla, the VPN must be included/prepared by Clonzilla "within" e.g the ISO. BUT thinking about this I strongly assume that your first remarks reg. auth/enc keys are the key to the answer of my question :) I've looked into the source code, and if I got it right, this file (https://github.com/stevenshiau/clonezilla/blob/62e404d8f1d8a4619cf116dac3598036f81e61a4/sbin/ocs-onthefly) is the relevant script. Which uses netcat (https://manpages.org/nc), means UENCRYPTED. Am 07.05.25 um 14:43 schrieb James Epp: > I haven't done any testing (yet) but a couple more thoughts on the subject: > > 1. I am not super skilled with network analysis. I will not be able to tell just by looking at data streams whether the data is compressed, encrypted, or both. Clonezilla almost certainly compresses blocks in transit, so I probably won't be able to tell much from that angle. > > 2. If you trust the LANs in both your source and target networks/providers, you could consider doing something like a VPN tunnel using any number of different technologies/protocols. That would probably remove *most* of the risk you're exposed to (because presumably you trust the provider to not intercept/eavesdrop on your traffic as a customer). > > 3. In terms of this evolving into a feature request, maybe SSH tunneling is a method here but again we still face the challenge of needing to authenticate the machines with one another which is easier said than done (though one could argue that's putting perfection before progress). > > On Tue, May 6, 2025 at 1:29 PM michaelof--- via Clonezilla-live <clo...@li... <mailto:clo...@li...>> wrote: > > I assumed the same, but if this true and in case this uncrypted communication is NOT documented - maybe I've just not found it - it would IMHO be worth to add this to the docs. E.g. with a warning "Use direct cloning only on LANs!" or similar. > > > Just a remark: ** IF ** live cloning with sufficient encryption would be possible, it would be IMHO a cool feature and would be make the following use case for VPS possible: > > "Move" a "VPS old" to "VPS new", by using Clonezilla Live in both VPS simultaneously. Needed from time to time, if. e.g hosting company offers no "upgrade path" from VPS type A to B, if you want to upgrade/modernize your VPS. Happens frequently. Similar if hosting company increase prices etc., and you want to move to a different company. > - Very frequently VPS have only exactly one virtual hdd > - Means, at least AFAIK, no chance to use a local partimag, both on "old" or "new". I've tried to store the image locally on "old", didn't work as I found no way to "tell" Clonezilla to exclude the "partimag" Partition. LVM LV in my case. Recursion errors by Clonezilla Live. Tried also to use Clonezilla Live on "old", storing the image via SSH to "new", "new" not Clonezilla Live, but "normal" Linux (mainly hoster's default VPS images based). Imaging then (of course) works fine, but NO IDEA how to tell Clonezilla Live in 2nd step to "restore" from local partimag.. hen and egg :) Remark. In my case I always had enough disk space available for all these operations. > > I've solved this always by device to image, writing via SSH to my PC @home, and afterwards restore to device, reading via SSH from my PC @home. Works (of course, Clonezilla is pretty stable :), but is naturally MUCH slower than data center "old" to data center "new", or even within same data center... > > > > Am 06.05.25 um 19:27 schrieb James Epp: > > I'm only responding to say that's an excellent question I don't have an answer for but maybe I could try to test that and inspect the traffic to see if there's a way to tell. From a purely academic point of view though, I would warn that unless you are manually typing in encryption keys on both ends or some similar form of manual authentication there's really no good way to prevent a MITM attack (at least not from a modern "end to end" perspective). > > > > On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live <clo...@li... <mailto:clo...@li...> <mailto:clo...@li... <mailto:clo...@li...>>> wrote: > > > > Hi all, > > > > > > haven't found anything in avail. docs and mailing list archives: > > > > If I do a remote cloning via Clonezilla live, one machine as remote-dest, one as remote-source, which type of network communication is this using. Is there any encryption between these two machines? > > > > > > Thanks, > > Michael > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... <mailto:Clo...@li...> <mailto:Clo...@li... <mailto:Clo...@li...>> > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> <https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live>> > > > > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... <mailto:Clo...@li...> > https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> > |
|
From: James E. <jam...@gm...> - 2025-05-07 12:44:31
|
I haven't done any testing (yet) but a couple more thoughts on the subject: 1. I am not super skilled with network analysis. I will not be able to tell just by looking at data streams whether the data is compressed, encrypted, or both. Clonezilla almost certainly compresses blocks in transit, so I probably won't be able to tell much from that angle. 2. If you trust the LANs in both your source and target networks/providers, you could consider doing something like a VPN tunnel using any number of different technologies/protocols. That would probably remove *most* of the risk you're exposed to (because presumably you trust the provider to not intercept/eavesdrop on your traffic as a customer). 3. In terms of this evolving into a feature request, maybe SSH tunneling is a method here but again we still face the challenge of needing to authenticate the machines with one another which is easier said than done (though one could argue that's putting perfection before progress). On Tue, May 6, 2025 at 1:29 PM michaelof--- via Clonezilla-live < clo...@li...> wrote: > I assumed the same, but if this true and in case this uncrypted > communication is NOT documented - maybe I've just not found it - it would > IMHO be worth to add this to the docs. E.g. with a warning "Use direct > cloning only on LANs!" or similar. > > > Just a remark: ** IF ** live cloning with sufficient encryption would be > possible, it would be IMHO a cool feature and would be make the following > use case for VPS possible: > > "Move" a "VPS old" to "VPS new", by using Clonezilla Live in both VPS > simultaneously. Needed from time to time, if. e.g hosting company offers no > "upgrade path" from VPS type A to B, if you want to upgrade/modernize your > VPS. Happens frequently. Similar if hosting company increase prices etc., > and you want to move to a different company. > - Very frequently VPS have only exactly one virtual hdd > - Means, at least AFAIK, no chance to use a local partimag, both on "old" > or "new". I've tried to store the image locally on "old", didn't work as I > found no way to "tell" Clonezilla to exclude the "partimag" Partition. LVM > LV in my case. Recursion errors by Clonezilla Live. Tried also to use > Clonezilla Live on "old", storing the image via SSH to "new", "new" not > Clonezilla Live, but "normal" Linux (mainly hoster's default VPS images > based). Imaging then (of course) works fine, but NO IDEA how to tell > Clonezilla Live in 2nd step to "restore" from local partimag.. hen and egg > :) Remark. In my case I always had enough disk space available for all > these operations. > > I've solved this always by device to image, writing via SSH to my PC > @home, and afterwards restore to device, reading via SSH from my PC @home. > Works (of course, Clonezilla is pretty stable :), but is naturally MUCH > slower than data center "old" to data center "new", or even within same > data center... > > > > Am 06.05.25 um 19:27 schrieb James Epp: > > I'm only responding to say that's an excellent question I don't have an > answer for but maybe I could try to test that and inspect the traffic to > see if there's a way to tell. From a purely academic point of view though, > I would warn that unless you are manually typing in encryption keys on both > ends or some similar form of manual authentication there's really no good > way to prevent a MITM attack (at least not from a modern "end to end" > perspective). > > > > On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live < > clo...@li... <mailto: > clo...@li...>> wrote: > > > > Hi all, > > > > > > haven't found anything in avail. docs and mailing list archives: > > > > If I do a remote cloning via Clonezilla live, one machine as > remote-dest, one as remote-source, which type of network communication is > this using. Is there any encryption between these two machines? > > > > > > Thanks, > > Michael > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... <mailto: > Clo...@li...> > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live < > https://lists.sourceforge.net/lists/listinfo/clonezilla-live> > > > > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live > |
|
From: <mic...@ro...> - 2025-05-06 18:28:16
|
I assumed the same, but if this true and in case this uncrypted communication is NOT documented - maybe I've just not found it - it would IMHO be worth to add this to the docs. E.g. with a warning "Use direct cloning only on LANs!" or similar. Just a remark: ** IF ** live cloning with sufficient encryption would be possible, it would be IMHO a cool feature and would be make the following use case for VPS possible: "Move" a "VPS old" to "VPS new", by using Clonezilla Live in both VPS simultaneously. Needed from time to time, if. e.g hosting company offers no "upgrade path" from VPS type A to B, if you want to upgrade/modernize your VPS. Happens frequently. Similar if hosting company increase prices etc., and you want to move to a different company. - Very frequently VPS have only exactly one virtual hdd - Means, at least AFAIK, no chance to use a local partimag, both on "old" or "new". I've tried to store the image locally on "old", didn't work as I found no way to "tell" Clonezilla to exclude the "partimag" Partition. LVM LV in my case. Recursion errors by Clonezilla Live. Tried also to use Clonezilla Live on "old", storing the image via SSH to "new", "new" not Clonezilla Live, but "normal" Linux (mainly hoster's default VPS images based). Imaging then (of course) works fine, but NO IDEA how to tell Clonezilla Live in 2nd step to "restore" from local partimag.. hen and egg :) Remark. In my case I always had enough disk space available for all these operations. I've solved this always by device to image, writing via SSH to my PC @home, and afterwards restore to device, reading via SSH from my PC @home. Works (of course, Clonezilla is pretty stable :), but is naturally MUCH slower than data center "old" to data center "new", or even within same data center... Am 06.05.25 um 19:27 schrieb James Epp: > I'm only responding to say that's an excellent question I don't have an answer for but maybe I could try to test that and inspect the traffic to see if there's a way to tell. From a purely academic point of view though, I would warn that unless you are manually typing in encryption keys on both ends or some similar form of manual authentication there's really no good way to prevent a MITM attack (at least not from a modern "end to end" perspective). > > On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live <clo...@li... <mailto:clo...@li...>> wrote: > > Hi all, > > > haven't found anything in avail. docs and mailing list archives: > > If I do a remote cloning via Clonezilla live, one machine as remote-dest, one as remote-source, which type of network communication is this using. Is there any encryption between these two machines? > > > Thanks, > Michael > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... <mailto:Clo...@li...> > https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live> > |
|
From: James E. <jam...@gm...> - 2025-05-06 17:27:50
|
I'm only responding to say that's an excellent question I don't have an answer for but maybe I could try to test that and inspect the traffic to see if there's a way to tell. From a purely academic point of view though, I would warn that unless you are manually typing in encryption keys on both ends or some similar form of manual authentication there's really no good way to prevent a MITM attack (at least not from a modern "end to end" perspective). On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live < clo...@li...> wrote: > Hi all, > > > haven't found anything in avail. docs and mailing list archives: > > If I do a remote cloning via Clonezilla live, one machine as remote-dest, > one as remote-source, which type of network communication is this using. Is > there any encryption between these two machines? > > > Thanks, > Michael > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live > |
|
From: <mic...@ro...> - 2025-05-06 15:38:48
|
Hi all, haven't found anything in avail. docs and mailing list archives: If I do a remote cloning via Clonezilla live, one machine as remote-dest, one as remote-source, which type of network communication is this using. Is there any encryption between these two machines? Thanks, Michael |
|
From: Steven S. <st...@na...> - 2025-05-06 13:33:59
|
Stable Clonezilla live 3.2.1-28 is released. For more info, please check: https://sourceforge.net/p/clonezilla/news/2025/05/-stable-clonezilla-live-321-28-released/ Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Steven S. <st...@na...> - 2025-03-07 12:02:40
|
Stable Clonezilla live 3.2.1-9 is released. For more info, please check: https://sourceforge.net/p/clonezilla/news/2025/03/stable-clonezilla-live-321-9-released/ Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Steven S. <st...@na...> - 2024-10-15 03:49:40
|
Stable Clonezilla live 3.2.0-5 is released. For more info, please check: https://sourceforge.net/p/clonezilla/news/2024/10/stable-clonezilla-live-320-5-released/ Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Steven S. <st...@na...> - 2024-09-21 06:09:17
|
On 9/20/2024 6:08 AM, Dirk Meier via Clonezilla-live wrote: > Am Donnerstag, 19. September 2024, 13:15:20 CEST schrieb Steven Shiau: >> On 2024/9/19 16:49, Dirk Meier wrote: >>> I have tried Sys-Rescue-CD, OpenWRT and OpenSuse Leap 15.6. All of them >>> are >>> working on tne N100. >> So maybe you can try older Clonezilla live? You can compare the Linux >> kernel then choose the appropriate one. >> >> Steven > Thank you for the hint. > Recent Clonezille-live for AMD architecture works fine. Dude, you should always use Clonezilla live amd64 (x86-64) release. Nowadays the modern 64-bits x86 CPU, no matter it's from Intel or AMD, is well supported by the "amd64" release of Clonezilla live. We have mentioned that on Clonezilla live download webpage. Steven Steven > > -- > Dirk > > > > > _______________________________________________ > Clonezilla-live mailing list > Clo...@li... > https://lists.sourceforge.net/lists/listinfo/clonezilla-live -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Dirk M. <dir...@gm...> - 2024-09-19 22:08:17
|
Am Donnerstag, 19. September 2024, 13:15:20 CEST schrieb Steven Shiau: > On 2024/9/19 16:49, Dirk Meier wrote: > > I have tried Sys-Rescue-CD, OpenWRT and OpenSuse Leap 15.6. All of them > > are > > working on tne N100. > > So maybe you can try older Clonezilla live? You can compare the Linux > kernel then choose the appropriate one. > > Steven Thank you for the hint. Recent Clonezille-live for AMD architecture works fine. -- Dirk |
|
From: Steven S. <st...@na...> - 2024-09-19 11:15:59
|
On 2024/9/19 16:49, Dirk Meier wrote: > I have tried Sys-Rescue-CD, OpenWRT and OpenSuse Leap 15.6. All of them are > working on tne N100. So maybe you can try older Clonezilla live? You can compare the Linux kernel then choose the appropriate one. Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 |
|
From: Dirk M. <dir...@gm...> - 2024-09-19 08:50:29
|
Am Donnerstag, 19. September 2024, 08:34:13 CEST schrieb Steven Shiau: > On 9/18/2024 1:24 AM, Dirk Meier via Clonezilla-live wrote: > > Hello, > > a new mini-pc boots fine with sys-rescue-cd on usb-stick, but only shows > > first menu-screen of clonezilla 3.1.3-16 on usb-Stick. After choosing > > first item clonezilla-live VGA 800x600 the monitor blanks and nothing > > other happens. Even failsafe mode shows the same behavior. > > PC is Intel N100 based Hunsn RJ53 with 8 GB RAM an 128 GB nvme SSD. > > Clonezilla 3.1.3-16 USB-Stick works fine on other intel PC. > > Is it a general problem with N100? > > Not sure. Do you know any GNU/Linux works on the N100 machine? > > Steven > > > Any help? > > > > Dirk > > > > > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live |
|
From: Dirk M. <dir...@gm...> - 2024-09-19 08:50:18
|
Am Donnerstag, 19. September 2024, 08:34:13 CEST schrieb Steven Shiau: > On 9/18/2024 1:24 AM, Dirk Meier via Clonezilla-live wrote: > > Hello, > > a new mini-pc boots fine with sys-rescue-cd on usb-stick, but only shows > > first menu-screen of clonezilla 3.1.3-16 on usb-Stick. After choosing > > first item clonezilla-live VGA 800x600 the monitor blanks and nothing > > other happens. Even failsafe mode shows the same behavior. > > PC is Intel N100 based Hunsn RJ53 with 8 GB RAM an 128 GB nvme SSD. > > Clonezilla 3.1.3-16 USB-Stick works fine on other intel PC. > > Is it a general problem with N100? > > Not sure. Do you know any GNU/Linux works on the N100 machine? > > Steven > > > Any help? > > > > Dirk > > > > > > > > > > _______________________________________________ > > Clonezilla-live mailing list > > Clo...@li... > > https://lists.sourceforge.net/lists/listinfo/clonezilla-live I have tried Sys-Rescue-CD, OpenWRT and OpenSuse Leap 15.6. All of them are working on tne N100. -- Dirk |
4 messages has been excluded from this view by a project administrator.
