I assumed the same, but if this true and in case this uncrypted communication is NOT documented - maybe I've just not found it - it would IMHO be worth to add this to the docs. E.g. with a warning "Use direct cloning only on LANs!" or similar.
Just a remark: ** IF ** live cloning with sufficient encryption would be possible, it would be IMHO a cool feature and would be make the following use case for VPS possible: "Move" a "VPS old" to "VPS new", by using Clonezilla Live in both VPS simultaneously. Needed from time to time, if. e.g hosting company offers no "upgrade path" from VPS type A to B, if you want to upgrade/modernize your VPS. Happens frequently. Similar if hosting company increase prices etc., and you want to move to a different company. - Very frequently VPS have only exactly one virtual hdd - Means, at least AFAIK, no chance to use a local partimag, both on "old" or "new". I've tried to store the image locally on "old", didn't work as I found no way to "tell" Clonezilla to exclude the "partimag" Partition. LVM LV in my case. Recursion errors by Clonezilla Live. Tried also to use Clonezilla Live on "old", storing the image via SSH to "new", "new" not Clonezilla Live, but "normal" Linux (mainly hoster's default VPS images based). Imaging then (of course) works fine, but NO IDEA how to tell Clonezilla Live in 2nd step to "restore" from local partimag.. hen and egg :) Remark. In my case I always had enough disk space available for all these operations. I've solved this always by device to image, writing via SSH to my PC @home, and afterwards restore to device, reading via SSH from my PC @home. Works (of course, Clonezilla is pretty stable :), but is naturally MUCH slower than data center "old" to data center "new", or even within same data center... Am 06.05.25 um 19:27 schrieb James Epp:
I'm only responding to say that's an excellent question I don't have an answer for but maybe I could try to test that and inspect the traffic to see if there's a way to tell. From a purely academic point of view though, I would warn that unless you are manually typing in encryption keys on both ends or some similar form of manual authentication there's really no good way to prevent a MITM attack (at least not from a modern "end to end" perspective). On Tue, May 6, 2025 at 10:40 AM michaelof--- via Clonezilla-live <clonezilla-live@lists.sourceforge.net <mailto:clonezilla-live@lists.sourceforge.net>> wrote: Hi all, haven't found anything in avail. docs and mailing list archives: If I do a remote cloning via Clonezilla live, one machine as remote-dest, one as remote-source, which type of network communication is this using. Is there any encryption between these two machines? Thanks, Michael _______________________________________________ Clonezilla-live mailing list Clonezilla-live@lists.sourceforge.net <mailto:Clonezilla-live@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/clonezilla-live <https://lists.sourceforge.net/lists/listinfo/clonezilla-live>
_______________________________________________ Clonezilla-live mailing list Clonezilla-live@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/clonezilla-live
