If you have to do this, then the danger is that your USB device will
have malware that attacks persistent means of storage - MBR, the USB
controller itself, etc. These will survive a reinstall.
Buying a new USB drive (in person) removes the possibility of a
targetted attack: don’t let the drive out of your hands at purchase.
If you want to continue, having considered and accepted the security
implications, then that’s fine.
You need not do this in Qubes - any live distro will allow you to
decrypt and mount the Qubes partition, and then mount the individual
qube storage partitions, (found in /dev and linked under familiar names
If you want to use your existing Qubes, the you may have to remove the
parameter at boot that masks the USB controllers from dom0 -
Once you have access to the USB, then you can mount it in dom0:
mount /dev/sdX /mnt/destination
Then you should be able to mount the individual qube private drives, and
copy out the data. (I assume that you only want /home from each qube)
mount vm-SOURCE-private /mnt/source
cp -rv /mnt/source/home/user /mnt/destination/SOURCE
Obviously there is scope for automating this using a basic bash script
that iterates over the contents of