Yes I know, nobody likes making backups. But imagine if you would suddenly loose your Tails USB stick. You would also loose access to your market account, all your bitcoins, your PGP key, . . .
This sucks even more if you are a vendor. So please take five minutes to make a backup with the following steps. Since there is no official way of doing it, I wrote up a small guide. It is just copying the commands and it really does not take longer than the 5 minutes. I have done the process below several times and could restore the persistence folder, electrum, all pgp keys and my bookmarks successfully. If you have any issues with it please make a comment here or message me.
Backing up your persistence data
Reboot Tails and select "Yes" for the More Options question on the Tails greeting screen and enter the password for your persistence volume. Click on "Forward" and set an administrator password. It does not have to be that strong because it will be only used for this session. Confirm by clicking on "Login".
When you are on your Tails desktop, click on "Applications" the top left corner and go to the category "System Tools". Select the "Root Terminal" entry and enter the root password you have previously set.
Now enter the commands one after another by copying them and then right click in the root terminal and select "Paste", after that press enter. Wait after each one till it is finished, i.e. the last line of the root terminal (at the bottom) starts with "root@amnesia:".
cd /live/persistence/TailsData_unlocked/
This goes into the directory where all your persistence files are stored.
tar cjf - . | gpg --cipher-algo AES -c - > /home/amnesia/YYYY-MM-DD-backup.tbz2.gpg
This backs up all files in that directory and pushes them into a file called YYYY-MM-DD-backup.tbz2.gpg in your persistence file folder. Replace the date placeholders with the actual current date so you later know when you made this backup just by looking at the filename (e.g. 2017-02-11-backup.tbz2.gpg).
After you press enter it will prompt you for a password. Choose a strong one because if law enforcement can guess it, they have all the evidence they need laid out in front of them. Note: when you enter it, the characters will not appear in the terminal. Just enter your password, press enter, confirm it by entering it again and press enter again.
cd /home/amnesia/
This goes into your home directory.
chmod ugo+rw YYYY-MM-DD-backup.tbz2.gpg
This makes it possible for every user to read and write the backup file. It is necessary because you created the backup file as root and only he would be able to read and write the file. That does not mean that everybody can read the content of your encrypted backup, it just allows you to copy it to your USB stick in the next step. The content of the backup is still only readable if you know the password you set earlier.
Note: you can press TAB once to use the autocomplete function. That means just type the beginning of the long backup filename (e.g. "2017-") and then press TAB. That will add the rest of the filename to your command.
Almost done! Now just plug in your USB stick on which you want to store the backup file (it does not need additional encryption because the backup file is already encrypted itself). Then go into your home directory (by clicking on "Home" on your Tails desktop) where you will see the backup file. Copy it to your USB stick that you plugged in by clicking on the name of your USB stick on the left sidebar and then pasting the backup file.
However, it would be a shame if you lost your Tails USB stick but think you at least got a backup of it, just to later discover that there is a problem with it and you really lost all your data permanently. This would suck, so invest one more minute in checking if the backup was successfully:
- right click on the YYYY-MM-DD-backup.tbz2.gpg file and select "Open With Decrypt File". Then you will see a file called YYYY-MM-DD-backup.tbz2 in the same directory. Double click on it and go through the folders a bit to see if your persistence files got backed up correctly (e.g. go into the folder called "persistence" and check if you can open some txt files you stored there).
If that is the case you can delete the YYYY-MM-DD-backup.tbz2.gpg and the YYYY-MM-DD-backup.tbz2 file from your Persistence folder, but do not delete the YYYY-MM-DD-backup.tbz2.gpg file from the USB stick.
Remember to stash your USB stick with the backup somewhere safe where nobody will find it easily but you can still retrieve it after your properties got searched and your assets seized.
Restoring your persistence data
Now if the worst case happens and you loose your Tails USB stick or it gets destroyed you have to do the following to restore your data. Create a new Tails USB stick and enable the persistence volume on it. Make sure that you enabled the persistent volume for the exact same categories as you had on your old one (e.g. they should be Personal Data, GnuPG, Network Connections (if you used WiFi), Browser bookmarks and Bitcoin Client).
Reboot Tails and set a root password as described above.
When you are on your Tails desktop, click on "Home" and select your USB stick from the left sidebar of the file explorer window. After you left clicked on the USB stick you will see the content of it, it should contain the backup file (YYYY-MM-DD-backup.tbz2.gpg). Now hover over the entry of your USB stick on the left sidebar and you should see where it is mounted, e.g. if your USB stick is called "backup", the path should be "/live/amnesia/backup". Remember that path.
Then start the root terminal as described above.
Now enter the commands one after another by copying them and then right click in the root terminal and select "Paste", after that press enter. Wait after each one till it is finished, i.e. the last line of the root terminal (at the bottom) starts with "root@amnesia:".
cd /live/persistence/
This goes into the directory where all your persistence files are stored.
rm -r TailsData_unlocked/*
This removes all files currently stored on your persistence volume since you want to replace them with your old ones from the backup).
cd TailsData_unlocked
This goes into the directory where all your persistence files were stored.
cp /live/amnesia/backup/YYYY-MM-DD-backup.tbz2.gpg ./
This copies the backup file from your backup USB stick (which is called "backup" in this example) to the directory where all your persistence files were stored. There may be some issues if your USB stick name contains spaces or other special characters. In that case copy the backup file to your home folder (using the file browser) and then enter the command "cp /home/amnesia/YYYY-MM-DD-backup.tbz2.gpg ./" instead of the above.
gpg -o backup.tbz2 --decrypt YYYY-MM-DD-backup.tbz2.gpg
This decrypts the backup file, enter the password for it in the terminal when asked for it.
tar xvjf backup.tbz2
This extracts the files from the decrypted archive.
rm YYYY-MM-DD-backup.tbz2.gpg
This removes the encrypted backup file from your current directory because you do not need it any more.
rm backup.tbz2
This removes the decrypted backup file from your current directory because you do not need it any more.
Now reboot Tails and see if you have your old files back by:
starting Electrum and checking the balance
checking the home/Persistence folder for your old files
checking the browser bookmarks by starting the Tor browser
checking the PGP keys by clicking on the clipboard icon, selecting "Manage Keys" and then going in the "GnuPG Keys" section on the left sidebar
If you get an error that the clock failed to synchronize (your old data should still be recovered) just reboot Tails and you should be able to connect to the internet again.
why dont you have two usbs with tails running persistence.