Clonzilla vs. restic

20 June 2025

Two is one and one is none.

Ny current backup system, mostly as a reminder for myself. While my laptop primarily resides on my desk, it also accompanies me to work a few times a week. Here's how I make sure my data is protected.

Clonezilla

My primary backup solution is Clonezilla, which I run from a USB stick to create a complete disk copy on an another external USB drive. This bit-for-bit copy ensures that I don't miss any files I might need later. If my hard drive fails, I can easily replace it, restore the latest backup, and be back up and running in no time. Clonezilla features an ncurses interface, making it relatively user-friendly, although I always worry about accidentally writing the backup to the source drive if I'm not careful.

I don’t encrypt the Clonezilla backups. The external drive is physically located in my home and only connected during backups, an acceptable risk. This waI can’t forget the password.

However, there are some drawbacks to this method. First, because Clonezilla creates an identical copy, it may not function properly with different hardware configurations. While I can replace the hard drive in my laptop, a complete laptop replacement could pose compatibility issues. That said, I can still restore individual files, so it's not a complete deal breaker.

Secondly, Clonezilla backups are not deduplicated, and since I back up my entire drive, I can only store one or two versions on the external drive.

Thirdly, the backup process is time-consuming, and I can't use my laptop while it's running. Although this ensures that no processes are active and no files are changing during the backup, it also means I don't perform backups as frequently as I'd like. My most recent backup is from four months ago, which isn't ideal.

This brings me to my secondary backup solution, which is faster, automated, and encrypted.

restic

Resitc is a command line backup tool. It stores snapshots of the directories you ask it to backup and stores them in a repository. This repository can be another location in the same disk or some remote system. It also compresses, dedupes and encrypts the data. It’s way faster as Clonezilla as it only copies the changes to the repository. It might be slow the first time but subsequent copies will be really fast. My restic repository lives on my Synology NAS and restic writes the backups to the NAS over SFTP. First enable SFTP. In Synology go to the Control Panel, File Services, FTP and enable the SFTP service (not the FTPS one). I kept port 22 as it means less configuration on the client. You'll also need to allow the user to use the SFTP service. In the Control Panel, under Users & Groups, open your user and click the Applications tab. Here allow the use of the SFTP application. Now you can access the Synology from another machine.

sftp -o IdentitiesOnly=yes simon@keszthely.panda-forel.ts.net

Note, you can add "-o IdentitiesOnly=yes" if you get a "Too many authentication failures" error. This happens when you have many SSH keys. I added the following to my ~/.ssh/config file to simplify the command even future:

Host keszthely
  HostName keszthely.panda-forel.ts.net
  User simon
  IdentitiesOnly yes

Next, initialise a new restic repository on the Synology NAS. You run this command from the laptop, it connects over SFTP and prepares a directory to store the snapshots.

restic init --repo sftp:keszthely:/drop/restic-repo

You can now create your first backup. Here I take a backup of my Linux home folder but restic can store multiple different directories in the same repository, backups from different systems even.

restic backup --repo sftp:keszthely:/drop/restic-repo ~/Documents/

You should see a new snapshot to confirm it worked:

restic snapshots --repo sftp:keszthely:/drop/restic-repo

Future backups will be faster as it only needs to store the differences. You can compare the differences between 2 snapshots via:

restic diff --repo sftp:keszthely:/drop/restic-repo d56ed9d5 1c100c47

You can inspect a snapshot as you would expect to find a file you want to restore.

restic ls --repo sftp:keszthely:/drop/restic-repo

You can restore your backup in place, which will remove files not present in the backup but this is too YOLO for me so I restore to a different directory:

restic restore --repo sftp:keszthely:/drop/restic-repo --target /tmp latest

I manually run `restic check —repo` from time to time to make sure all is fine. This, of course, will fill up the drive on the Synology NAS after a while. It only stores the changes but disk space is still finite. I remove old snapshots via.

restic forget --repo sftp:keszthely:/drop/restic-repo --keep-daily 3 --keep-weekly 5 --keep-monthly 7 --keep-yearly 9

Would keep the most recent 3 daily snapshots, 5 weekly, 7 monthly and 9 yearly snapshots. This only forgets but does not remove the data, add the --prune flag to trash the data as well. I run the restic backup command as a systemd timer. It also runs the old snapshots cleanup after successfully completing the backup. __explain systemd timer__

Summary

Clonezilla is my disaster revoecry backup. I am certain it backups my while drive so I don’t miss a file, the USB drive is disconnected and stored in a box after each backup so I won’t accidentally delete the data and it can’t get infected by malware. Resitc is my automated daily backup. It’s more connected (as it’s on my NAS) meaning it’s easier to take a backup or to restore files but it’s also more vulnerable to mistakes or malware. I could of course take an offline copy of the restic repository from time to time as a cold storage backup but using 2 different backup solutions has the added benefit of not putting my all my eggs in the same basket. I still have an alternative if a bug in Clonezilla or restic would corrupt the backups.