How to backup a system with whole disk-encryption?

Solution 1:

If you have whole-disk encryption, then just boot the system in the usual way, including unlocking the disk. Then make a backup using say duplicity, using gpg so that it's encrypted on the destination machine.

There is not much point trying to backup the raw encrypted partition.

Solution 2:

If, when you say encrypted system, you mean that you chose to encrypt your home directory when you set up your system, don't worry, you can backup those files/folders normally.

What happens with the encryption placed on your home directory is that every file and folder in it is copied to a encrypted directory that mirrors your home directory ie you would have

/home/<user>/stuff
/home/.encfs/<user>/stuff, but encrypted

where the second directory is the encrypted one. When you log in, the the security system attempt to decrypt the encrypted directory using your username and password, thus giving you access to the stuff. It's not encrypted while you're logged in, so you can back the stuff up normally.

You can read up on how the encrypted home directory works at this Ubuntu Wiki page. Specifically, you should check out the How it works section mid way down the page, and excerpt of which I've posted below:

Encfs creates an encrypted file/folder inside /home/.encfs/testuser for every file/folder you create inside /home/testuser. When the encrypted folder is "mounted" the files are decrypted on the fly and accessible at the mountpoint (/home/testuser).

With pam_encfs configured as it is, everytime a user tries to log in, it will attempt to execute "encfs /home/.enc/$USERNAME /home/$USERNAME" using your account password. For users you haven't setup encryption for, this will simply fail and everything is the same as normal. For users you setup, the empty /home/$USERNAME folder will suddenly provide access to their decrypted files and folders! Yay!