{"id":405,"date":"2018-01-13T23:54:35","date_gmt":"2018-01-13T23:54:35","guid":{"rendered":"https:\/\/www.micha.name\/blog\/?p=405"},"modified":"2018-01-13T23:54:35","modified_gmt":"2018-01-13T23:54:35","slug":"on-passwords-and-backups","status":"publish","type":"post","link":"https:\/\/www.micha.name\/blog\/2018\/01\/13\/on-passwords-and-backups\/","title":{"rendered":"On Passwords and Backups&#8230;"},"content":{"rendered":"<p>So I got a NAS and moved my server RAID disks from the server to the NAS.<\/p>\n<p>First things first &#8211; take a complete backup of the server onto a shiny new 4TB external disk. Encrypted, of course, as it contains some sensitive data. As I&#8217;m using Linux, I used LUKS to do a full-disk encryption.<\/p>\n<p>Next, move the disks from the server to the NAS and set up the NAS. This includes reformatting the disk and installing some NAS-specific software on them.<\/p>\n<p>Finally, mount the backup disk again and copy the data from the backup onto the NAS.<\/p>\n<p><em><strong>Wait, what, invalid password?<\/strong><\/em><\/p>\n<p>Ok, so a million tries later, various patches to various automated hacking utlities, and still no joy. To say I was devastated is an understatement; yes, a large amount of data was also on other media, but this was the definitive copy and contained\u00a0a lot of less critical data not stored elsewhere.<\/p>\n<p>It eventually turned out that when I originally entered the LUKS password, my keyboard was set to another layout and hence the password contained some &#8220;interesting&#8221; characters.. Long story short, I\u00a0regained access to the data after 36 stressful hours.<\/p>\n<p>But this leads me to write down some golden rules for password management and backups again:<\/p>\n<ol>\n<li>Ensure the new password you THINK you&#8217;re typing is the password you&#8217;re ACTUALLY typing.<\/li>\n<li>Ensure your backup works before reformatting the source disks.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>TL;DR: ensure backups work before reusing the source disks and double-check your passwords!<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[11],"tags":[68,67],"_links":{"self":[{"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/posts\/405"}],"collection":[{"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/comments?post=405"}],"version-history":[{"count":1,"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/posts\/405\/revisions"}],"predecessor-version":[{"id":407,"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/posts\/405\/revisions\/407"}],"wp:attachment":[{"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/media?parent=405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/categories?post=405"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.micha.name\/blog\/wp-json\/wp\/v2\/tags?post=405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}