I frequently have a need to take a snapshot image of a hard drive, and save it to another machine over the network. I just did this with an old computer at a customer's site that had been sitting gathering dust for a number of years, and needed to be recycled. Unfortunately, the drive on this machine contained files that were necessary to keep, for legal and archival reasons.
It was an old Windows NT4 machine, with only a 2.1 GB hard drive, so space was not an issue. Nobody seemed to remember the Administrator password to log in, so I couldn't easily tell what files were necessary, and what wasn't.
Now, I could have just taken the drive out, and used a USB to IDE adapter, had this been a regular computer. However, it wasn't a regular computer, as it was a SCSI hard drive, rather than IDE.
The easiest way to do this kind of backup would be to use a Live Linux CD, like Knoppix, and copy the entire hard drive over the network to the fileserver. Again, I could pick and choose files, but then I have to deal with partitions. And for some reason, this tiny 2.1 GB drive had 3 partitions on it. I'd have to look at each one, and copy individual important folders from each; definitely labour-intensive, considering a lot of these files would never need to be looked at except in the case of a lawsuit, or other legal requirements.
So, how to simply image the whole drive, with a single command, so I could walk away and let it do it's thing?
Well, normally, for backups like this, I'll use scp from within Knoppix. But, with 3 partitions, I'd have to do this once, then return to the machine when it was done, and do it again for the next partition, and again for the last. Could be done, but more finnicky than I wanted to be for this particular job.
The next thought would be to use scp like this:
scp /dev/sda user@server:BackupOfOldComputer
But, scp won't copy a block device file like /dev/sda.
So what to do? Well, the beauty of the Linux command line is you can send the output of one program into another program with the pipe character (|).
Try this:
dd if=/dev/sda | gzip -c | ssh user@server 'dd of=/home/backups/OldComputer.img' bs=2048
This will read the whole drive with the dd command, which was designed to do this, compress it with gzip, then use ssh to securely transfer the data to the server computer, which will then use it's own dd command to write that data into the backup image file.
This file can then be mounted without writing it back to a hard drive. It takes a little finesse, as you have to deal with partitions within the image file, but it's no more work than dealing with the partitions initially. And in this case, it's much less likely to be necessary.