Restoring Qubes Without Backup

Hello,

I had a Qubes install become unbootable after a hard restart and I tried booting on multiple laptops but the SSD was unrecognizable for boot. After multiple attempts in trying to restore that Qubes OS , I gave up and downloaded a new Qubes on a new SSD.

I plugged in that old SSD (running Qubes 3 I think) in my Debian laptop and I was able to view all the VM’s I had on there using the lsblk command.

My main focus is trying to recover a couple Standalone VM’s I had. If the VM was a standalone os and it was Kali linux for example, how do I recover that? Also, same question for a standalone Windows 10 VM.
My template vm’s and appvm’s I can figure it out because I can click all the drives that show up and go through them but I cant seem to find standalone OS VM’s. lsblk also doesn’t have a mount-point for the standalone vms and some off my other vms.

Is this possible? Am I better off trying to fix the boot issue? I tried the Qubes USB stick rescue option but I keep getting no linux partitions found.

Thanks!

You can try to boot from installation ISO in rescue mode and mount your old system there and try to run qvm-backup tool from chroot to backup your VMs.

Not exactly the same issue, but I have managed to recover Qubes from non-booting after hard reset in a couple of ways before.

Once I had managed to use all diskspace available and managed to boot in just by deleting some VMs and some temp files in dom0.
This was enough to get back in and backup Qubes.

Other time, which is similar to your situation I re-installed but wanted to access Standalone - in my case I did locate them in the lsblk (or maybe using some lvm command - possibly vgdisplay?) and copied it to new install.
However it wasn’t showing, so i created new Standalone with same specs, deleted the new and replaced it with the copy.
Again, this was enough to get it showing, backed up and recreated.

thanks for the replies!

@kernel did you just copy paste the data after reinstalling or were you able to run the dd tool and completely replace the new qubes drive with your old one (per VM obviously)

@tzwcfq every time I run the rescue tool, it takes me to a shell asks for a password and it says no linux distributions found. I’ve tried on healthy drives as well, it gives me the same error.

As far as mounting goes, what is the proper command to mount and which drive do I mount?

I’ve tried to run qvm-backup from chroot but it didn’t work. It needs qubesd service running but I’m not sure it’s possible to run in from chroot.

If it’ll be enough for you to just backup your VMs drives then you can mount your drive and copy them.

By default Qubes installer will create 32 partitions:

1. EFI System partition (<1GB) - /dev/nvme0n1p1
2. Boot partition (ext4 fs, 1GB) - /dev/nvme0n1p2
3. System partition (ext4 fs, the size of remaining disk) - /dev/nvme0n1p3

To mount your system drive you need to run these commands (example for ssd):

1. Decrypt drive:
   sudo cryptsetup open /dev/nvme0n1p3 qubes
2. Activate LVM:
   sudo vgchange -ay
3. Copy with dd or mount the VM disk images qubes_dom0* from /dev/mapper/ directory.

Just for the record, there is documentation for four kinds of backup/restore:

1. Normal
2. Paranoid mode for when your Qubes system may got infected
3. Emergency restore for restoring out of backups from a non Qubes system
4. Mounting a (possibly broken) Qubes partition and extract the data that way.

The fourth should be applicable here.

Also i want to add another thing i do: Additional backup of the boot sector, for example with clonezilla. This helped me getting qubes bootable quickly without much cost in time nor storage.

In case your did not know it: A backup (procedure) that has not been tested for restoring is none.

And also for the record:

1. Normal

• not capable of doing this considering my situation… I cannot boot into qubes

2. Paranoid mode for when your Qubes system may got infected
   -if you’re referring to this comment for the solution Introduce paranoid mode for qvm-backup-restore · Issue #2737 · QubesOS/qubes-issues · GitHub , . For someone who is learning and hasn’t mastered coding or software, this is very hard.
   I don’t know how to extract backup-header , qubes.xml and qubes.xml.hmac
   Also don’t know how to validate qubes.xml
   And googling both of those doesn’t give me any solutions except more rabbit holes.

3. Emergency restore for restoring out of backups from a non Qubes system

• am i supposed to do this in dom0?? i tried on dom0 and got import read failed for rpm --import qubes-release-4-signing-key.asc. And reading further on that, I am trying to do the cryptsetup luksOpen /dev/… but I am not sure what goes after that. I tried all the sdb options and nvme0n1p1,p2 etc. and get the error “command requires device and mapped name as argument”

4. Mounting a (possibly broken) Qubes partition and extract the data that way.

• this is continuation of number 3 , cannot pass luksOpen, don’t know the proper command for mounting.

Honestly, if it seems like I’m looking for the easy way out askin yu guys, I’m really not. I’ve made several posts on here asking for help and either got pointed completly i the wrong direction or got responded to with some type of “I know, you dot know, go learn yourself” type attitude.
All the issues I’ve had with qubes I have fixed by myself. Not saying the forum didn’t help, but for something that’s hardly googleable, I would expect for support from members. If I saw a post on here that I knew the answer to or thought I knew,I would help out. But for us, low level coders/programmers, some of this stuff is too advanced. I’ve spent days literally trying to solve problems that not only I have had. For example, downloading issues, booting issues, what to do after a hard reset etc etc. This is literally the 4th download of qubes ive had with 2 hard drives that are currently not bootable but contain all the VM’s on there when I connect it and input my password. There has to be an easier way…

So you can see your VM storages /dev/mapper/qubes_dom0_…?
So what’s the problem with them? You can’t copy or mount them?

I just mentioned these options, so other ppl with questions about restore could find it. Only the 4rth option is possible for you, as you do not have a Backup.

Regarding Paranoid mode, this is just another flag for the qvm-backup-restore --paranoid-mode command. Mentioned in the issue is what it does different.

The 3rd is if you have a Qubes backup, no running Qubes system to restore it and need to extract data.

Sorry for the confustion

The 4rth is the way you need to go.

So you fire up your running qubes and do in dom0:

cryptsetup luksOpen /dev/<disk> <mapper>

for you can choose whatever you want.

Then enter your password to decrypt it.

A device under /dev/mapper/<mapper> that you can mount somewhere.

All your lvms should be there and can be copied to the running qubes system.

thanks for the response.

I’ve tried so many options, I can’t figure out what exactly goes after luksOpen /dev… is it the root, private or back version of the VM? Also, going off the provided screenshot, i tried cryptsetup luksOpen /dev/qubes_dom0-vm–personal–private (example if i want to restore private) it says command requires device and mapped name. What would that be, is this something I do in dom0 or create the VM then mount it and do this inside the VM? If I put just a external drive like sda for mapper it says:
Device /dev/qubes_dom0-vm–personal–private does not exist or access denied.
Currently on live usb though not in qubes but I tried on both.

The issue is I want everything restored even system files or for example appdata. And even if copy pasting worked in that scenerio, theres a back, root and private drive do I have to mount and copy paste from all 3?
Even though both are important, Mainly my concern is for a standalone Os like a windows qube, How would I restore that? I tried created a new standalone vm and booting from that vm drive but it doesnt detect it.

You don’t need to decrypt qubes_dom0-vm–personal–private as it’s already decrypted.
These qubes_dom0-vm-* are your VMs storage and you need to copy them.
Here is an example of how to restore your ‘personal’ VM on new Qubes:

1. Copy VM storage from old Qubes:
   dd if=/dev/mapper/qubes_dom0-vm–personal–private of=/path/to/where/you/want/to/store/this/backup/qubes_dom0-vm–personal–private.img bs=1M status=progress
2. Boot your new Qubes and create AppVM with name ‘personal’ (the old AppVM settings won’t be restored so you need to enter them manually in Qubes Settings if needed). Start this AppVM so it’ll create empty storage. Then shutdown this AppVM.
3. in dom0 restore old AppVM image over empty new AppVM storage:
   dd if=/path/to/where/you/want/to/store/this/backup/qubes_dom0-vm–personal–private.img of=/dev/mapper/qubes_dom0-vm–personal–private bs=1M status=progress
4. Done, your ‘personal’ AppVM is restored.

The same goes for your HVMs but for HVMs you’ll need to copy qubes_dom0-vm–*–root and qubes_dom0-vm–*–private storage if you used both of them in your HVM.

thanks!! that worked