So, I have a remote computer with an SSH service installed, fully accessible to me. I have no physical access to the machine until tomorrow, but I don't want to wait.
I need to make an image of the harddrive, but the problem is, I am booted into the partition I am trying to image. So, the only option I can think of is to create a small partition, reboot, extract some small Linux disto to that partition, change Grub's settings to auto-boot into the partition, chroot and change the root password for the install, reboot, pray, ssh back into the box (now running the drop-in install), image the main partition, change the Grub default partition, and reboot.
Anyone know of a distro or another solution to getting the image?
There a few ways to do this:
Copy the contents of a small distro like puppy, tinycore, knopix, etc. to another partition. Setup the ssh daemon in the small distro to start networking and sshd at boot, change the grub config to start the new distro after a reboot, the reboot. Then you can make the image in any of the ways below.
Use cpio, tar, or rsync to make a copy of the filesystem. It doesn't give you an image but a copy of the contents. It may be all you need but if not see the other options.
Use dump to make the image. If there is a fs dump for the filesystem you are using then dump gives you an image of the filesystem that can be restored to any partition big enough to hold all the data. There are dump utilities for xfs and ext2. You can use the ext2 dump for ext3 filesystems as well. To make a complete image you will run something like
dump -0f - /mountpoint/or/dev_entry > image_file
Use dd to make an image of the running drive, If you use dd you may need to run fsck against the image before using it. I've used dd method against lots of different Unix variants. The big drawback is that it copies every block even if there is no data. You may want to experiment with block sizes before making the copy but 16M is usually a reasonable starting point.
dd if=/dev/sda1 bs=$((16 * 1024 * 1024))> image_file
is an example.If you have a large enough partition available you can make the copy locally. Otherwise you will need to copy it across the network which may make this very time consuming. Compression can help reduce the network time if bandwidth is a bottleneck. Piping the output through gzip to ssh can be done by replacing the
"> image_file"
with"| gzip | ssh user@remote_host '> /path/to/file.gz'"
If you are on a debian system you can use debootstrap to create a minimal debian install in an extra partition. Everything else is already in your question, although I would add: "Install ssh server and make sure it is started on bootup" after the "chroot" part.
Also make sure that networking will start in the minimal install.
You can do this with Debian. I believe it supports what is called a chroot install. Beyond that, I can't help as I've only heard about it from a friend.
dd command might help, a small distro would be tinycore
Why a physical disk copy? why not just a "normal" copy? as root :
and just try to not use anything. You can replace the z with j for bzip2 or --lzma if you have recent enough tar.