{"id":74169,"date":"2023-01-27T11:30:00","date_gmt":"2023-01-27T16:30:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=74169"},"modified":"2024-01-05T16:34:20","modified_gmt":"2024-01-05T21:34:20","slug":"how-to-back-up-luks-encrypted-device","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device","title":{"rendered":"How to Back Up &amp; Restore a LUKS Encrypted Device"},"content":{"rendered":"\n<p><a class=\"wp-block-cgb-button button\" href=\"#step1\">Jump to Tutorial<\/a><\/p>\n\n\n\n<p>LUKS (Linux Unified Key Setup) is the de facto standard for <a href=\"https:\/\/jumpcloud.com\/blog\/how-to-enable-full-disk-encryption-ubuntu-22-04\">enabling disk encryption on Linux<\/a>. It facilitates compatibility among distributions, and provides secure management of multiple user passwords. LUKS encrypts data at a disk-block level, thus allowing users to deploy any filesystem on top of the encrypted block device.&nbsp;<\/p>\n\n\n\n<p>LUKS encryption uses a header to store a device&#8217;s metadata. The header is usually placed at the beginning of the encrypted partition or raw block device and contains valuable information such as the cipher name and mode, key slots, SALT, and additional data that is used to encrypt and decrypt the device.<\/p>\n\n\n\n<p>Forgetting a passphrase or a password to a LUKS2 encrypted device results in data loss. A fully encrypted volume may lead to boot failure since decryption is not possible without the passphrase. There is no present way to recover a forgotten passphrase from a LUKS2 encrypted device. The key is encrypted and stored at the volume header.<\/p>\n\n\n\n<p>It\u2019s prudent to create a backup of your LUKS header in case something goes wrong, such as a corrupted header or hardware failure.<\/p>\n\n\n\n<p>In this tutorial, we\u2019ll install LUKS and encrypt a removable USB volume. We will then demonstrate how to back up and restore the LUKS volume header.<\/p>\n\n\n\n<figure class=\"image is-16by9\">\n<iframe class=\"has-ratio\" width=\"300\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/GAeXqnNpP4g?rel=0\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen=\"\"><\/iframe>\n<\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step1\"><strong>1. Install LUKS<\/strong><\/h2>\n\n\n\n<p>For demonstration, we will install LUKS on Ubuntu 22.04. We will then encrypt a removable USB drive, and backup and restore the header.<\/p>\n\n\n\n<p>Open terminal and update the packages lists and install the <strong>cryptsetup<\/strong> package as follows:<\/p>\n\n\n\n<p><code>$ sudo apt update<\/code><\/p>\n\n\n\n<p><code>$ sudo apt install cryptsetup<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"216\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/1-7.png\" alt=\"screenshot of code\" class=\"wp-image-74171\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/1-7.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/1-7-300x127.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step2\"><strong>2. Encrypt USB Volume with LUKS<\/strong><\/h2>\n\n\n\n<p>We already have an external USB volume connected to the Linux system. Your system will discover and mount the device by running the command:<\/p>\n\n\n\n<p><code>$ df -Th<\/code><\/p>\n\n\n\n<p>For our case, the device\u2019s file system is identified as <code>\/dev\/sdb<\/code><\/p>\n\n\n\n<p>Next, unmount the device. The unmount command syntax is <code>$ sudo unmount &lt;device|directory&gt;<\/code>&nbsp;<\/p>\n\n\n\n<p>In this example, type:<\/p>\n\n\n\n<p><code>$ sudo unmount \/dev\/sdb<\/code><\/p>\n\n\n\n<p>Next, wipe the filesystem from your device using the <code>wipefs <\/code>command as shown:<\/p>\n\n\n\n<p><code>$ sudo wipefs -a \/dev\/sdb<\/code><\/p>\n\n\n\n<p><strong>NOTE:<\/strong> Extreme caution should be taken when running this command. Be sure to verify the drive name\/path twice before pressing ENTER. An error can destroy your primary drive, leading to irrecoverable data.&nbsp;<\/p>\n\n\n\n<p>Once the file system has been wiped clean, proceed and encrypt the removable volume as shown:<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksFormat \/dev\/sdb<\/code><\/p>\n\n\n\n<p>This command will overwrite all the data on your volume. To carry on with the operation, type \u2018YES\u2019 in uppercase and hit ENTER. When prompted, provide the passphrase and confirm it.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"260\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/2-7.png\" alt=\"screenshot of code\" class=\"wp-image-74172\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/2-7.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/2-7-300x152.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>To confirm that the device has been encrypted, access it as shown. The <code>my-drive <\/code>parameter is simply a label which can be any arbitrary value.<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksOpen \/dev\/sdb my-drive<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"86\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/3-5.png\" alt=\"screenshot of code\" class=\"wp-image-74173\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/3-5.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/3-5-300x50.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>The above command creates the following mapper:&nbsp;<\/p>\n\n\n\n<p><code>\/dev\/mapper\/my-drive.&nbsp;<\/code><\/p>\n\n\n\n<p>You can confirm this by running the command:<\/p>\n\n\n\n<p><code>$ ls -l \/dev\/mapper\/my-drive<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"95\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/4-5.png\" alt=\"screenshot of code\" class=\"wp-image-74174\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/4-5.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/4-5-300x56.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>Next, you can create a filesystem on the volume. We selected the EXT4 filesystem on the drive; feel free to specify a different filesystem.<\/p>\n\n\n\n<p><code>$ sudo mkfs.ext4 \/dev\/mapper\/my-drive -L my-drive<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"164\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/5-5.png\" alt=\"screenshot of code\" class=\"wp-image-74175\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/5-5.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/5-5-300x96.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>Create a mount point and mount the drive as follows to access and store data on the drive.<\/p>\n\n\n\n<p><code>$ sudo mkdir \/mnt\/data<\/code><\/p>\n\n\n\n<p><code>$ sudo mount \/dev\/mapper\/my-drive&nbsp; \/mnt\/data<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"110\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/6-4.png\" alt=\"screenshot of code\" class=\"wp-image-74176\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/6-4.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/6-4-300x64.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step3\"><strong>3. Dump LUKS Header<\/strong><\/h2>\n\n\n\n<p>Use the following syntax to view all the contents of the header and dump the LUKS header information:<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksDump DEVICE<\/code><\/p>\n\n\n\n<p>In the following command, <code>\/dev\/sdb<\/code> is the encrypted device.<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksDump \/dev\/sdb<\/code><\/p>\n\n\n\n<p>This populates the following information about the encrypted volume:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"317\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/7-4.png\" alt=\"screenshot of code\" class=\"wp-image-74177\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/7-4.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/7-4-300x186.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>Only key slot 0 is in use, because we only added a single passphrase when encrypting the device. Encrypted LUKS volumes allow a total of eight key slots or passphrases for encrypted disks. This allows users to add passphrases or backup keys.<\/p>\n\n\n\n<p>We will add a backup key, which will result in the creation of an additional key slot.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step4\"><strong>4. Add a Backup Key<\/strong><\/h2>\n\n\n\n<p>Next, add a backup key using the <code>luksAddKey<\/code> parameter as shown to create an additional key slot:<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksAddKey &#8211;key-slot 1 \/dev\/sdb<\/code><\/p>\n\n\n\n<p>Be advised that you will be prompted for the passphrase of key slot 0 before adding the new one.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"104\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/8-4.png\" alt=\"screenshot of code\" class=\"wp-image-74178\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/8-4.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/8-4-300x61.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>Dump the LUKS header once again. You will see an additional key slot as shown below.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"306\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/9-2.png\" alt=\"screenshot of code\" class=\"wp-image-74179\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/9-2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/9-2-300x179.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>There are now two passphrases (in case you forget the first one). You can always use the second one for encryption.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step5\"><strong>5. Backup and Restore LUKS Header Key<\/strong><\/h2>\n\n\n\n<p>All data will be permanently lost if the header of a LUKS volume gets damaged, unless you have a header backup in place. Also, if the key slot is damaged, it can only be restored from a header backup.<\/p>\n\n\n\n<p>It\u2019s strongly advisable to create a backup of the header file. You can do this using the following syntax where <code>DEVICE<\/code> is the block volume and <code>\/path\/of\/file<\/code><code> <\/code>is the path of the file where the header will be backed up:<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksHeaderBackup DEVICE &#8211;header-backup-file \/path\/of\/file<\/code><\/p>\n\n\n\n<p>The command has the following format:<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksHeaderBackup \/dev\/sdb &#8211;header-backup-file \/root\/sdb-header.backup<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"67\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/10-2.png\" alt=\"screenshot of code\" class=\"wp-image-74180\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/10-2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/10-2-300x39.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>You can restore a corrupted header using the <code>luksHeaderRestore<\/code> parameter as shown in the command below:<\/p>\n\n\n\n<p><code>$ sudo cryptsetup luksHeaderRestore \/dev\/sdb &#8211;header-backup-file \/root\/sdb-header.backup<\/code><\/p>\n\n\n\n<p>Note that the restoration procedure replaces all the key slots. This implies that only the passphrases from the backup will work thereafter.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"100\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/11-2.png\" alt=\"screenshot of code\" class=\"wp-image-74181\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/11-2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/11-2-300x59.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"conclusion\"><strong>Conclusion<\/strong><\/h2>\n\n\n\n<p>Creating a device header is always recommended as a contingency measure in the event the current header is damaged. Ensure that you store the backup of the header securely on an offline location. The file must be stored outside the encrypted device, otherwise, you will not be able to restore it. For additional information, check out the <a href=\"https:\/\/gitlab.com\/cryptsetup\/cryptsetup\" target=\"_blank\" rel=\"noreferrer noopener\">cryptsetup project<\/a>.<\/p>\n\n\n\n\n<div class=\"promotion-banner-small is-flex-direction-column has-items-aligned-flex-start has-items-aligned-center-tablet\">\n    <div class=\"promo-small-image is-hidden-mobile\">\n        <img decoding=\"async\" src=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2016\/09\/Devices-General.jpg\" alt=\"cross-platform management\">\n    <\/div>\n    <div class=\"promo-small-content\">\n        <p class=\"is-type-body-tiny is-type-weight-bold is-important promo-small-title\">\n            Secure &amp; Manage Linux Systems        <\/p>\n        <p class=\"is-type-body-default is-important\">\n            Cross-OS device management for the modern organization        <\/p>\n    <\/div>\n    <div class=\"promo-small-cta\">\n        <a href=\"https:\/\/jumpcloud.com\/platform\/cloud-device-management\" data-promo=\"Linux Device Management\" class=\"button is-primary-green promo-small-banner-link\">Learn More<\/a>\n    <\/div>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.<\/p>\n","protected":false},"author":150,"featured_media":74193,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781],"tags":[],"collection":[2778,2775],"platform":[],"funnel_stage":[3017],"coauthors":[2535],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Back Up &amp; Restore a LUKS Encrypted Device - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Back Up &amp; Restore a LUKS Encrypted Device\" \/>\n<meta property=\"og:description\" content=\"Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-27T16:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-05T21:34:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"384\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Worthington\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Worthington\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\"},\"author\":{\"name\":\"David Worthington\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\"},\"headline\":\"How to Back Up &amp; Restore a LUKS Encrypted Device\",\"datePublished\":\"2023-01-27T16:30:00+00:00\",\"dateModified\":\"2024-01-05T21:34:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\"},\"wordCount\":857,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg\",\"articleSection\":[\"How-To\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\",\"url\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\",\"name\":\"How to Back Up & Restore a LUKS Encrypted Device - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg\",\"datePublished\":\"2023-01-27T16:30:00+00:00\",\"dateModified\":\"2024-01-05T21:34:20+00:00\",\"description\":\"Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg\",\"width\":640,\"height\":384,\"caption\":\"encrypted code\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Back Up &amp; Restore a LUKS Encrypted Device\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\",\"name\":\"David Worthington\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"caption\":\"David Worthington\"},\"description\":\"I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.\",\"sameAs\":[\"https:\/\/jumpcloud.com\/blog\",\"david.worthington@jumpcloud.com\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Back Up & Restore a LUKS Encrypted Device - JumpCloud","description":"Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device","og_locale":"en_US","og_type":"article","og_title":"How to Back Up &amp; Restore a LUKS Encrypted Device","og_description":"Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.","og_url":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device","og_site_name":"JumpCloud","article_published_time":"2023-01-27T16:30:00+00:00","article_modified_time":"2024-01-05T21:34:20+00:00","og_image":[{"width":640,"height":384,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg","type":"image\/jpeg"}],"author":"David Worthington","twitter_card":"summary_large_image","twitter_misc":{"Written by":"David Worthington","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device"},"author":{"name":"David Worthington","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e"},"headline":"How to Back Up &amp; Restore a LUKS Encrypted Device","datePublished":"2023-01-27T16:30:00+00:00","dateModified":"2024-01-05T21:34:20+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device"},"wordCount":857,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg","articleSection":["How-To"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device","url":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device","name":"How to Back Up & Restore a LUKS Encrypted Device - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg","datePublished":"2023-01-27T16:30:00+00:00","dateModified":"2024-01-05T21:34:20+00:00","description":"Learn how to install LUKS and encrypt a removable USB volume, as well as how to back up and restore the LUKS volume header.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/encryption.jpg","width":640,"height":384,"caption":"encrypted code"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/how-to-back-up-luks-encrypted-device#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"How to Back Up &amp; Restore a LUKS Encrypted Device"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e","name":"David Worthington","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411","url":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","caption":"David Worthington"},"description":"I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.","sameAs":["https:\/\/jumpcloud.com\/blog","david.worthington@jumpcloud.com"]}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/74169"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/150"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=74169"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/74169\/revisions"}],"predecessor-version":[{"id":103037,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/74169\/revisions\/103037"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/74193"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=74169"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=74169"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=74169"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=74169"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=74169"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=74169"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=74169"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}