diff --git a/user/common-tasks/backup-emergency-restore-v2.md b/user/common-tasks/backup-emergency-restore-v2.md index 159607f7..6c03bd3e 100644 --- a/user/common-tasks/backup-emergency-restore-v2.md +++ b/user/common-tasks/backup-emergency-restore-v2.md @@ -68,7 +68,7 @@ encrypted and compressed. **Note:** For multi-part files, a loop can be used: ~~~ - for f in private.img.*; do + find -name 'private.img.*' | sort -V | while read f; do openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in $f -out ${f/.img/.img.dec} done diff --git a/user/common-tasks/backup-emergency-restore-v3.md b/user/common-tasks/backup-emergency-restore-v3.md index c2774ee9..2718b5d4 100644 --- a/user/common-tasks/backup-emergency-restore-v3.md +++ b/user/common-tasks/backup-emergency-restore-v3.md @@ -93,7 +93,7 @@ any GNU/Linux system with the following procedure. 5. Decrypt the `private.img` file. - [user@restore vm1]$ cat private.img.??? | openssl enc -d -pass pass:your_passphrase -aes-256-cbc -out private.img.dec + [user@restore vm1]$ find -name 'private.img.*[0-9]' | sort -V | xargs cat | openssl enc -d -pass pass:your_passphrase -aes-256-cbc -out private.img.dec **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. This diff --git a/user/common-tasks/backup-emergency-restore-v4.md b/user/common-tasks/backup-emergency-restore-v4.md index ec9731d4..fa607e78 100644 --- a/user/common-tasks/backup-emergency-restore-v4.md +++ b/user/common-tasks/backup-emergency-restore-v4.md @@ -145,39 +145,32 @@ Emergency Recovery Instructions [user@restore ~]$ backup_id=20161020T123455-1234 - 6. Verify the integrity of and decrypt the `private.img` file that houses your - data. + 6. Verify the integrity of your data, decrypt, decompress, and extract `private.img`: - [user@restore ~]$ for f_enc in vm1/private.img.???.enc; do \ + [user@restore ~]$ find vm1 -name 'private.img.*.enc' | sort -V | while read f_enc; do \ f_dec=${f_enc%.enc}; \ - echo "$backup_id!$f_dec!$backup_pass" | scrypt dec -P $f_enc $f_dec || break; \ - done - - **Note:** If this command fails, it is likely that the backup is corrupted - or has been tampered with. - - 7. Decompress and untar the decrypted `private.img` file. - - [user@restore ~]$ cat vm1/private.img.??? | gzip -d | tar -xv + echo "$backup_id!$f_dec!$backup_pass" | scrypt dec -P $f_enc || break; \ + done | gzip -d | tar -xv vm1/private.img + If this pipeline fails, it is likely that the backup is corrupted or has + been tampered with. + **Note:** If your backup was compressed with a program other than `gzip`, - you must substitute the correct compression program. This information is - contained in `backup-header` (see step 4). For example, if you used `bzip2`, - then you should do this: + you must substitute the correct compression program in the command above. + This information is contained in `backup-header` (see step 4). For example, + if your backup is compressed with `bzip2`, use `bzip2 -d` instead in the + command above. - [user@restore vm1]$ mv private.img.dec private.img.dec.bz2 - [user@restore vm1]$ bunzip2 private.img.dec.bz2 - - 8. Mount `private.img` and access your data. + 7. Mount `private.img` and access your data. [user@restore vm1]$ sudo mkdir /mnt/img [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/ [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt This data has been successfully recovered! - 9. Success! If you wish to recover data from more than one VM in your backup, - simply repeat steps 6--8 for each additional VM. + 8. Success! If you wish to recover data from more than one VM in your backup, + simply repeat steps 6 and 7 for each additional VM. **Note:** You may wish to store a copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure