Redundancy with thumb drive as keyring

Hello.

I want to store my keyfiles (luks, veracrypt, keepassxc, pam) in a thumb drive that I carry around, but I’m worried about partial drive failure resulting in data loss. Is there a simple way to set up some redundancy by automatically creating multiple copies of the files every time they are changed?

To automatically do that, you will need to plug your USB drive into a computer at some point. When you plug it into a USB drive and do updates, that will probably be the time you want to automate or store the backups.

As to how you want to automate this depends on how you plan to store the backups.

You misunderstood, I’m not talking about backups or redundancy outside the filesystem, but about making multiple copies of the files inside the usb stick to partially mitigate partial failures of the usb drive (as in, some files are corrupted but the drive is still mostly functional).

Copy/paste them if they don’t change often? :grin: data would be stored in different locations.

But in seriousness, I think the best bet is to choose a filesystem best suited for your needs. Different file systems will offer different benefits, but you probably want a journaling file system. It’s not perfectly immune to corruption but it helps.

The other redundancy/resiliency pattern is RAID, but that across multiple hard drives and isn’t really a use case for USB drives, and it’s unheard of to try this.

With all of this, I like the answer for the link I provided: this is the redundancy that will provide you the most protection if you haven’t done so already.

You should recognize that nothing important should ever be kept solely on flash memory. USB sticks are too easy to lose, step on, or drop into the toilet, etc. Important data should be backed up and kept on at least two distinct drives, and preferably in at least 2 separate physical locations (think fire risk, flood risk, etc).

1 Like

For context, why is this a problem you are trying to solve? Did other solutions not meet your needs? Just curious as to what problem led to this question arising, or if it’s a hypothetical question.

  • Keyfiles are more secure and convenient than passwords that I actually have to remember (master password for pw manager, LUKS password etc).
  • A USB stick is a convenient way to carry said keyfiles around, but if I’m on the field then the USB stick becomes a SPOF so if it fails, I’m out of a computer until I get home/can restore backups
  • From my experience, these flash drives often have partial failures rather than a complete failure. Having multiple copies of each file can mitigate this and save me headaches.

Manually copying the files over multiple times obviously is a possibility, but maybe an automated solution could do this in a smarter way than me, i.e. by placing copies of each file in different and distant sectors so that if there’s an issue there, it will minimize the chance of all copies of said file being corrupted.

I learned that ZFS has a way to automatically store multiple copies of files. It seems cursed to use ZFS in a thumb drive, but I’m going to try it out.

  • A USB stick is a convenient way to carry said keyfiles around, but if I’m on the field then the USB stick becomes a SPOF so if it fails, I’m out of a computer until I get home/can restore backups

If you are trying to mitigate a partial drive failure and have it last just long enough to get you through the day (at which I’d assume it will get replaced at the end of day) I can see the interest in this. Personally after partial failure, I’d immediately ditch it as I wouldn’t want to risk further issues. Let me know how this experiment goes if you try ZFS and it mitigates your issue :grin:

Otherwise, I’d say USB drives are cheap enough to have a secondary drive on you as well in case the other fails. Is there a reason this isn’t quite the solution you need?