On Passwords and Backups…

So I got a NAS and moved my server RAID disks from the server to the NAS.

First things first – take a complete backup of the server onto a shiny new 4TB external disk. Encrypted, of course, as it contains some sensitive data. As I’m using Linux, I used LUKS to do a full-disk encryption.

Next, move the disks from the server to the NAS and set up the NAS. This includes reformatting the disk and installing some NAS-specific software on them.

Finally, mount the backup disk again and copy the data from the backup onto the NAS.

Wait, what, invalid password?

Ok, so a million tries later, various patches to various automated hacking utlities, and still no joy. To say I was devastated is an understatement; yes, a large amount of data was also on other media, but this was the definitive copy and contained a lot of less critical data not stored elsewhere.

It eventually turned out that when I originally entered the LUKS password, my keyboard was set to another layout and hence the password contained some “interesting” characters.. Long story short, I regained access to the data after 36 stressful hours.

But this leads me to write down some golden rules for password management and backups again:

  1. Ensure the new password you THINK you’re typing is the password you’re ACTUALLY typing.
  2. Ensure your backup works before reformatting the source disks.