Backing up your Tails persistence data in under 5 minutes

Yes I know, nobody likes making backups. But imagine if you would suddenly loose your Tails USB stick. You would also loose access to your market account, all your bitcoins, your PGP key, . . .

This sucks even more if you are a vendor. So please take five minutes to make a backup with the following steps. Since there is no official way of doing it, I wrote up a small guide. It is just copying the commands and it really does not take longer than the 5 minutes. I have done the process below several times and could restore the persistence folder, electrum, all pgp keys and my bookmarks successfully. If you have any issues with it please make a comment here or message me.


Backing up your persistence data

Reboot Tails and select "Yes" for the More Options question on the Tails greeting screen and enter the password for your persistence volume. Click on "Forward" and set an administrator password. It does not have to be that strong because it will be only used for this session. Confirm by clicking on "Login".

When you are on your Tails desktop, click on "Applications" the top left corner and go to the category "System Tools". Select the "Root Terminal" entry and enter the root password you have previously set.

Now enter the commands one after another by copying them and then right click in the root terminal and select "Paste", after that press enter. Wait after each one till it is finished, i.e. the last line of the root terminal (at the bottom) starts with "root@amnesia:".

cd /live/persistence/TailsData_unlocked/

This goes into the directory where all your persistence files are stored.

tar cjf - . | gpg --cipher-algo AES -c - > /home/amnesia/YYYY-MM-DD-backup.tbz2.gpg

This backs up all files in that directory and pushes them into a file called YYYY-MM-DD-backup.tbz2.gpg in your persistence file folder. Replace the date placeholders with the actual current date so you later know when you made this backup just by looking at the filename (e.g. 2017-02-11-backup.tbz2.gpg).

After you press enter it will prompt you for a password. Choose a strong one because if law enforcement can guess it, they have all the evidence they need laid out in front of them. Note: when you enter it, the characters will not appear in the terminal. Just enter your password, press enter, confirm it by entering it again and press enter again.

cd /home/amnesia/

This goes into your home directory.

chmod ugo+rw YYYY-MM-DD-backup.tbz2.gpg

This makes it possible for every user to read and write the backup file. It is necessary because you created the backup file as root and only he would be able to read and write the file. That does not mean that everybody can read the content of your encrypted backup, it just allows you to copy it to your USB stick in the next step. The content of the backup is still only readable if you know the password you set earlier.

Note: you can press TAB once to use the autocomplete function. That means just type the beginning of the long backup filename (e.g. "2017-") and then press TAB. That will add the rest of the filename to your command.

Almost done! Now just plug in your USB stick on which you want to store the backup file (it does not need additional encryption because the backup file is already encrypted itself). Then go into your home directory (by clicking on "Home" on your Tails desktop) where you will see the backup file. Copy it to your USB stick that you plugged in by clicking on the name of your USB stick on the left sidebar and then pasting the backup file.

However, it would be a shame if you lost your Tails USB stick but think you at least got a backup of it, just to later discover that there is a problem with it and you really lost all your data permanently. This would suck, so invest one more minute in checking if the backup was successfully:

If that is the case you can delete the YYYY-MM-DD-backup.tbz2.gpg and the YYYY-MM-DD-backup.tbz2 file from your Persistence folder, but do not delete the YYYY-MM-DD-backup.tbz2.gpg file from the USB stick.

Remember to stash your USB stick with the backup somewhere safe where nobody will find it easily but you can still retrieve it after your properties got searched and your assets seized.


Restoring your persistence data

Now if the worst case happens and you loose your Tails USB stick or it gets destroyed you have to do the following to restore your data. Create a new Tails USB stick and enable the persistence volume on it. Make sure that you enabled the persistent volume for the exact same categories as you had on your old one (e.g. they should be Personal Data, GnuPG, Network Connections (if you used WiFi), Browser bookmarks and Bitcoin Client).

Reboot Tails and set a root password as described above.

When you are on your Tails desktop, click on "Home" and select your USB stick from the left sidebar of the file explorer window. After you left clicked on the USB stick you will see the content of it, it should contain the backup file (YYYY-MM-DD-backup.tbz2.gpg). Now hover over the entry of your USB stick on the left sidebar and you should see where it is mounted, e.g. if your USB stick is called "backup", the path should be "/live/amnesia/backup". Remember that path.

Then start the root terminal as described above.

Now enter the commands one after another by copying them and then right click in the root terminal and select "Paste", after that press enter. Wait after each one till it is finished, i.e. the last line of the root terminal (at the bottom) starts with "root@amnesia:".

cd /live/persistence/

This goes into the directory where all your persistence files are stored.

rm -r TailsData_unlocked/*

This removes all files currently stored on your persistence volume since you want to replace them with your old ones from the backup).

cd TailsData_unlocked

This goes into the directory where all your persistence files were stored.

cp /live/amnesia/backup/YYYY-MM-DD-backup.tbz2.gpg ./

This copies the backup file from your backup USB stick (which is called "backup" in this example) to the directory where all your persistence files were stored. There may be some issues if your USB stick name contains spaces or other special characters. In that case copy the backup file to your home folder (using the file browser) and then enter the command "cp /home/amnesia/YYYY-MM-DD-backup.tbz2.gpg ./" instead of the above.

gpg -o backup.tbz2 --decrypt YYYY-MM-DD-backup.tbz2.gpg

This decrypts the backup file, enter the password for it in the terminal when asked for it.

tar xvjf backup.tbz2

This extracts the files from the decrypted archive.

rm YYYY-MM-DD-backup.tbz2.gpg

This removes the encrypted backup file from your current directory because you do not need it any more.

rm backup.tbz2

This removes the decrypted backup file from your current directory because you do not need it any more.

Now reboot Tails and see if you have your old files back by:

If you get an error that the clock failed to synchronize (your old data should still be recovered) just reboot Tails and you should be able to connect to the internet again.


Comments


[2 Points] None:

why dont you have two usbs with tails running persistence.


[1 Points] CannaDickThrowAway:

I use a program called USBit to make an image of the Tails USB. It makes an exact image so you can write the image (including persistence) to a new usb. I keep 2 up to date Tails USBs plus the image for total safety. I make new images if the info on Tails changes. Very easy and safe.


[1 Points] None:

[deleted]


[1 Points] None:

SQUUUUUWK


[1 Points] None:

I just drag my files from tails data unlocked to the usb i want it on. Seems to work every time.


[1 Points] tripdawg420:

doing this now


[1 Points] lordredvampire:

I will use your post on my /r/opsec_101 and credited to you. Thanks!


[1 Points] lordredvampire:

Sticky this on /r/DarkNetMarketsNoobs/


[1 Points] DooshNozzzle:

dude all you have to do is open up a 2nd USB running tails then plug in the old one that you want to copy. then...

applications

utilities

disks,

then open it up and copy/paste all of the files.

all this command prompt/ terminal command bullshit is time consuming and complicated.


[1 Points] Joeblow123123:

/u/wombat2combat Ever since following this guide I have recieved the Clock failed to sychronize ERROR everytime I use one of my obfs4 bridges! This happens no matter how many times I reboot!!!!