=============================================
clone a physical disk to a virtual disk
using Virtualbox and a live CD
see my similar tutorial from 2017 here:
https://ubuntuforums.org/showthread.php?t=2360974
context
someone has an encrypted linux operative system in a physical hard drive
and wants to convert that to a virtual machine with a virtual hard drive (VDI)
you must have Virtualbox installed
=============================================
the new disk (VDI) must have the same number of partitions:
boot (not encrypted)
swap (luks encrypted)
root (luks encrypted)
this I am not sure
the partitions must be formatted the same (ext2, ext4, etc)
if the original partitions are encrypted, the cloned partitions must also be encrypted
use a live CD with the same architecture (32 bit or 64 bit)
=============================================
create the virtual disk
VBoxManage createhd --filename /home/user1/my-new-clone-disk.vdi --size 30000 --format VDI
note:
--size 30000 means 30GB
chmod 777 /home/user1/my-new-clone-disk.vdi
chown user1:user1 /home/user1/my-new-clone-disk.vdi
=============================================
partition the virtual disk
create a new virtual machine in Virtualbox with:
- the new virtual disk (VDI)
- the live CD (or a linux guest with the same architecture (32 bit or 64 bit))
start the virtual machine
=============================================
guest
if fedora, centoOS or similar
system-config-keyboard
dnf install openssh-server
dnf install cryptsetup
nano /etc/ssh/sshd_config
make appropriate changes
service sshd restart
passwd root
passwd "user" (to see the user name open the terminal and see after $)
ip a
if debian, ubuntu or similar
apt update
install openssh-server
cryptsetup: nao é preciso instalar, ja está
mousepad /etc/ssh/sshd_config
make appropriate changes
service sshd restart
passwd root
passwd "user" (to see the user name open the terminal and see after $)
ip a
in debian buster 10 if I change display resolution I won't be able to mount the encrypted mapped devices after, I don't know why
if you don't believe, change it, then run "ls /dev/mapper" and see only "control" appear and nothing else
=============================================
host, login via ssh to guest
ssh root@"guest-ip-address"
if the key already exists, remove it and enter ssh again with these two commands
ssh-keygen -f "/user1/.ssh/known_hosts" -R "guest-ip-address" && ssh root@"guest-ip-address"
=============================================
guest
list disks
fdisk -l
now we must format the virtual disk with the 3 partitions, just like the original disk
1 - boot
2 - swap
3 - root
but first, in the host, check where these 3 partitions start and end
host
parted /dev/sdx
(parted) u s [unit sectors]
(parted) p [print, the partition table: shows each partition start and end sectors]
(parted) q [quit]
guest
parted /dev/sdx
(parted) mklabel msdos ou mklabel gpt [same as the original disk in the host]
(parted) u s
(parted) mkpart
fill the same details (and start and end sectors, as in the host original disk)
do the same for swap and root partitions
when asking about ext2, etc, just choose ext4 for example, they will be luks formatted below anyway
set boot flag on partition boot (partition 1)
(parted) set 1 boot on
print the partition table
and check if it is the same as the partition table of the original disk (start and end sectors)
(parted) p
quit
(parted) q
=============================================
create filesystems
boot
mkfs.ext4 /dev/sdx1
if your original disk has boot in ext2, also do ext2 here, or ext3
swap
cryptsetup luksFormat --cipher aes-cbc-essiv:sha256 --verify-passphrase --key-size 256 /dev/sdx2
cryptsetup luksOpen /dev/sdx2 SWAP_crypt
mkswap /dev/mapper/SWAP_crypt
root
cryptsetup luksFormat --cipher aes-cbc-essiv:sha256 --verify-passphrase --key-size 256 /dev/sdx3
cryptsetup luksOpen /dev/sdx3 ROOT_crypt
mkfs.ext4 /dev/mapper/ROOT_crypt
see the mapped devices
ls /dev/mapper
mount
mount /dev/mapper/ROOT_crypt /mnt
observe that the directory /boot is excluded here:
rsync -aAXv -e "ssh -p 55555" root@"host-ip-address":/* /mnt/ --exclude={"/boot/*","/dev/*","home/user1/.cache/*","home/user1/.thumbnails/*","/lost+found","/media/*","/mnt/*","/proc/*","root/.cache/*","root/.thumbnails/*","/run/*","/sys/*","/tmp/*","/var/tmp/*"}
mount /dev/sdx1 /mnt/boot
rsync -aAXv -e "ssh -p 55555" root@"host-ip-address":/boot/* /mnt/boot/
=============================================
in fstab and crypttab, change:
sda2_crypt and sda3_crypt
to
SWAP_crypt and ROOT_crypt
nano /mnt/etc/fstab
nano /mnt/etc/crypttab
and update the partitions' UUID's
to know them just run
blkid
in fstab and crypttab, comment all eventual partitions that you wont mount on this cloned disk
this will prevent you from waiting when you boot onto the cloned system later
=============================================
nano /mnt/etc/initramfs-tools/conf.d/resume
change
RESUME=sda2_crypt
to
RESUME=SWAP_crypt
=============================================
chroot:
mount --bind /dev /mnt/dev
mount --bind /dev/pts /mnt/dev/pts
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys
chroot /mnt
=============================================
update initramfs:
update-initramfs -u -k all
if these errors appears, just ignore them:
update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64
W: mkconf: MD subsystem is not loaded, thus I cannot scan for arrays.
W: mdadm: failed to auto-generate temporary mdadm.conf file.
=============================================
install grub:
grub-install /dev/sdx
update-grub
if errors like these appear, just ignore them:
WARNING: Device /dev/loop0 not initialized in udev database even after waiting 10000000 microseconds.
google showed:
these appear to be benign warning messages
though can burn up several minutes until the process terminates after the reported devices are probed repeatedly
=============================================
exit chroot:
exit
umount /mnt/dev/pts
umount /mnt/dev
umount /mnt/proc
umount /mnt/sys
umount /mnt/boot
umount /mnt
or
umount /mnt/dev/pts && sleep 1 && umount /mnt/dev && sleep 1 && umount /mnt/proc && sleep 1 && umount /mnt/sys && sleep 1 && umount /mnt/boot && sleep 1 && umount /mnt
shutdown -h now
remove live CD from the virtual machine settings
start the virtual machine
enjoy!
=============================================
notes
the new virtual machine with the cloned disk should boot properly in the first time
but, if on the second time it hangs while booting, in this message:
"a start job is running for /dev/mapper/cryptswap"
is because maybe you missed this step:
nano /mnt/etc/initramfs-tools/conf.d/resume
change
RESUME=sda2_crypt
to
RESUME=SWAP_crypt
in this case, shutdown the virtual machine
and try to start it several times until it starts well
it will after a few tries or even the next one
then, just disable swap by commenting it's line in fstab and crypttab
if this virtual machine will not be used often and is just to archive or system backup, etc
and then run
update-initramfs -u -k all
or recreate swap, if you prefer or you are going to use it often:
cryptsetup luksFormat --cipher aes-cbc-essiv:sha256 --verify-passphrase --key-size 256 /dev/sdx2
cryptsetup luksOpen /dev/sdx2 SWAP_crypt
mkswap /dev/mapper/SWAP_crypt
=============================================
thanks to Debian Forum members, especially p.H., who helped me on these two posts:
http://forums.debian.net/viewtopic.php?f=10&t=143279
http://forums.debian.net/viewtopic.p...51ecc4f5365c67
=============================================
improvements or suggestions are welcome!
=============================================
clone a physical disk to a virtual disk
using Virtualbox and a live CD
see my similar tutorial from 2017 here:
https://ubuntuforums.org/showthread.php?t=2360974
context
someone has an encrypted linux operative system in a physical hard drive
and wants to convert that to a virtual machine with a virtual hard drive (VDI)
you must have Virtualbox installed
=============================================
the new disk (VDI) must have the same number of partitions:
boot (not encrypted)
swap (luks encrypted)
root (luks encrypted)
this I am not sure
the partitions must be formatted the same (ext2, ext4, etc)
if the original partitions are encrypted, the cloned partitions must also be encrypted
use a live CD with the same architecture (32 bit or 64 bit)
=============================================
create the virtual disk
VBoxManage createhd --filename /home/user1/my-new-clone-disk.vdi --size 30000 --format VDI
note:
--size 30000 means 30GB
chmod 777 /home/user1/my-new-clone-disk.vdi
chown user1:user1 /home/user1/my-new-clone-disk.vdi
=============================================
partition the virtual disk
create a new virtual machine in Virtualbox with:
- the new virtual disk (VDI)
- the live CD (or a linux guest with the same architecture (32 bit or 64 bit))
start the virtual machine
=============================================
guest
if fedora, centoOS or similar
system-config-keyboard
dnf install openssh-server
dnf install cryptsetup
nano /etc/ssh/sshd_config
make appropriate changes
service sshd restart
passwd root
passwd "user" (to see the user name open the terminal and see after $)
ip a
if debian, ubuntu or similar
apt update
install openssh-server
cryptsetup: nao é preciso instalar, ja está
mousepad /etc/ssh/sshd_config
make appropriate changes
service sshd restart
passwd root
passwd "user" (to see the user name open the terminal and see after $)
ip a
in debian buster 10 if I change display resolution I won't be able to mount the encrypted mapped devices after, I don't know why
if you don't believe, change it, then run "ls /dev/mapper" and see only "control" appear and nothing else
=============================================
host, login via ssh to guest
ssh root@"guest-ip-address"
if the key already exists, remove it and enter ssh again with these two commands
ssh-keygen -f "/user1/.ssh/known_hosts" -R "guest-ip-address" && ssh root@"guest-ip-address"
=============================================
guest
list disks
fdisk -l
now we must format the virtual disk with the 3 partitions, just like the original disk
1 - boot
2 - swap
3 - root
but first, in the host, check where these 3 partitions start and end
host
parted /dev/sdx
(parted) u s [unit sectors]
(parted) p [print, the partition table: shows each partition start and end sectors]
(parted) q [quit]
guest
parted /dev/sdx
(parted) mklabel msdos ou mklabel gpt [same as the original disk in the host]
(parted) u s
(parted) mkpart
fill the same details (and start and end sectors, as in the host original disk)
do the same for swap and root partitions
when asking about ext2, etc, just choose ext4 for example, they will be luks formatted below anyway
set boot flag on partition boot (partition 1)
(parted) set 1 boot on
print the partition table
and check if it is the same as the partition table of the original disk (start and end sectors)
(parted) p
quit
(parted) q
=============================================
create filesystems
boot
mkfs.ext4 /dev/sdx1
if your original disk has boot in ext2, also do ext2 here, or ext3
swap
cryptsetup luksFormat --cipher aes-cbc-essiv:sha256 --verify-passphrase --key-size 256 /dev/sdx2
cryptsetup luksOpen /dev/sdx2 SWAP_crypt
mkswap /dev/mapper/SWAP_crypt
root
cryptsetup luksFormat --cipher aes-cbc-essiv:sha256 --verify-passphrase --key-size 256 /dev/sdx3
cryptsetup luksOpen /dev/sdx3 ROOT_crypt
mkfs.ext4 /dev/mapper/ROOT_crypt
see the mapped devices
ls /dev/mapper
mount
mount /dev/mapper/ROOT_crypt /mnt
observe that the directory /boot is excluded here:
rsync -aAXv -e "ssh -p 55555" root@"host-ip-address":/* /mnt/ --exclude={"/boot/*","/dev/*","home/user1/.cache/*","home/user1/.thumbnails/*","/lost+found","/media/*","/mnt/*","/proc/*","root/.cache/*","root/.thumbnails/*","/run/*","/sys/*","/tmp/*","/var/tmp/*"}
mount /dev/sdx1 /mnt/boot
rsync -aAXv -e "ssh -p 55555" root@"host-ip-address":/boot/* /mnt/boot/
=============================================
in fstab and crypttab, change:
sda2_crypt and sda3_crypt
to
SWAP_crypt and ROOT_crypt
nano /mnt/etc/fstab
nano /mnt/etc/crypttab
and update the partitions' UUID's
to know them just run
blkid
in fstab and crypttab, comment all eventual partitions that you wont mount on this cloned disk
this will prevent you from waiting when you boot onto the cloned system later
=============================================
nano /mnt/etc/initramfs-tools/conf.d/resume
change
RESUME=sda2_crypt
to
RESUME=SWAP_crypt
=============================================
chroot:
mount --bind /dev /mnt/dev
mount --bind /dev/pts /mnt/dev/pts
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys
chroot /mnt
=============================================
update initramfs:
update-initramfs -u -k all
if these errors appears, just ignore them:
update-initramfs: Generating /boot/initrd.img-4.19.0-5-amd64
W: mkconf: MD subsystem is not loaded, thus I cannot scan for arrays.
W: mdadm: failed to auto-generate temporary mdadm.conf file.
=============================================
install grub:
grub-install /dev/sdx
update-grub
if errors like these appear, just ignore them:
WARNING: Device /dev/loop0 not initialized in udev database even after waiting 10000000 microseconds.
google showed:
these appear to be benign warning messages
though can burn up several minutes until the process terminates after the reported devices are probed repeatedly
=============================================
exit chroot:
exit
umount /mnt/dev/pts
umount /mnt/dev
umount /mnt/proc
umount /mnt/sys
umount /mnt/boot
umount /mnt
or
umount /mnt/dev/pts && sleep 1 && umount /mnt/dev && sleep 1 && umount /mnt/proc && sleep 1 && umount /mnt/sys && sleep 1 && umount /mnt/boot && sleep 1 && umount /mnt
shutdown -h now
remove live CD from the virtual machine settings
start the virtual machine
enjoy!
=============================================
notes
the new virtual machine with the cloned disk should boot properly in the first time
but, if on the second time it hangs while booting, in this message:
"a start job is running for /dev/mapper/cryptswap"
is because maybe you missed this step:
nano /mnt/etc/initramfs-tools/conf.d/resume
change
RESUME=sda2_crypt
to
RESUME=SWAP_crypt
in this case, shutdown the virtual machine
and try to start it several times until it starts well
it will after a few tries or even the next one
then, just disable swap by commenting it's line in fstab and crypttab
if this virtual machine will not be used often and is just to archive or system backup, etc
and then run
update-initramfs -u -k all
or recreate swap, if you prefer or you are going to use it often:
cryptsetup luksFormat --cipher aes-cbc-essiv:sha256 --verify-passphrase --key-size 256 /dev/sdx2
cryptsetup luksOpen /dev/sdx2 SWAP_crypt
mkswap /dev/mapper/SWAP_crypt
=============================================
thanks to Debian Forum members, especially p.H., who helped me on these two posts:
http://forums.debian.net/viewtopic.php?f=10&t=143279
http://forums.debian.net/viewtopic.p...51ecc4f5365c67
=============================================
improvements or suggestions are welcome!
=============================================