On Passwords and Backups…

So I got a NAS and moved my server RAID disks from the server to the NAS.

First things first – take a complete backup of the server onto a shiny new 4TB external disk. Encrypted, of course, as it contains some sensitive data. As I’m using Linux, I used LUKS to do a full-disk encryption.

Next, move the disks from the server to the NAS and set up the NAS. This includes reformatting the disk and installing some NAS-specific software on them.

Finally, mount the backup disk again and copy the data from the backup onto the NAS.

Wait, what, invalid password?

Ok, so a million tries later, various patches to various automated hacking utlities, and still no joy. To say I was devastated is an understatement; yes, a large amount of data was also on other media, but this was the definitive copy and containedĀ a lot of less critical data not stored elsewhere.

It eventually turned out that when I originally entered the LUKS password, my keyboard was set to another layout and hence the password contained some “interesting” characters.. Long story short, IĀ regained access to the data after 36 stressful hours.

But this leads me to write down some golden rules for password management and backups again:

  1. Ensure the new password you THINK you’re typing is the password you’re ACTUALLY typing.
  2. Ensure your backup works before reformatting the source disks.