Booting Linux From a Flash Drive For File Recovery

After a long time we are back to talk about some more cool tech stuff you can do with a USB flash drive. Today's topic will focus on booting the Linux OS from a USB stick. The purpose for booting Linux from a USB drive, at least the purpose of this guide, is to recover files from a broken install of the windows OS or any other OS for that matter. We can also run virus scans from the Linux distro securely without infecting other PC's or having to boot the infected PC.

What you will need:

* A USB stick anywhere from 512mb to 2GB (depending on the distro)
* A main board capable of booting from a usb device.
* and about 15 minutes plus download time.

Software to be used:

* Latest stable version of UNetbootin

Step # 1: Prepare the USB Drive

Once you have all your materials together go ahead and plug the USB drive in and backup all files you may have on the disk.

Step # 2: Installing to The USB

Start up UNetbootin and select the following:

1. Use the first radio button "Distribution". This will download and install, automatically, the distro we want.
2. Pick SystemRescueCD. We are going with this because it is easy the ntfs file system driver comes prepackaged so no additional customization is required.
3. Next select your flash drive.
NOTE: Be sure to select your flash drive and not your windows partition or primary partition, 'cause if you do then you will destroy the currently installed OS.
4. Finally click "Ok".

UNetbootin options to select are shown in an image in the source article located at the link at the bottom of this article.

Step # 3: Configuring Bios

We will need to setup your computer to boot from the USB stick. To do so first you mother board will need to support this feature and second you will need to do some configuration.

1. Reboot your computer and hit "F2 or" del "depending on your mother board to enter BIOS config.
2. Search for the section labeled boot sequence, or named similarly. This will sometimes be filed under a separate section like advanced BIOS features, or similar.
3. Move removable or USB to the top of the list. If you do not see these options listed your mother board most likely does not support USB boot. Consult Google for more info on this.
4. Reboot the computer with the drive plugged in.

Step # 4: Booting Linux

We are going to boot into command line for this guide. There are options to load a GUI for those of you who tremble in the face of CLI. I must warm you though Command Line is by far easier and faster.

1. Once your computer passes post you will see the boot loader screen. Navigate to "VMLinuz64" and hit enter.

After a bunch of OK's on the screen and most likely 1 red FAIL you will be at the prompt "root @ sysresccd / root%". This would indicate a success.

Step # 5: Copying files from a windows partition onto an external hard disk.

For this you will need an external medium on which to move your files have this ready to receive your data. You can also use the usb stick which you booted from, if of course there is enough space on it.

1. First we will need to identify our drives. I will assume you have two storage devices plugged in one being the flash drive and the other your windows hard drive. Execute the command below:

fdisk -l | less This command will show you all the storage devices on your system. Use the down and up arrows to navigate the output as it may be larger than your screen. My output for this command is shown below:
Disk / dev / sda: 160.0 GB, 16000000000 bytes 255 heads, 63 sectors / track, 19452 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Disk identifier: 0xd0f4738c Device Boot Start End Blocks Id System / dev / sda1 * 1 19451 156240126 7 HPFS / NTFS Disk / dev / sdb: 2085 MB, 2085617664 bytes 2 heads, 63 sectors / track, 32329 cylinders Units = cylinders of 126 * 512 = 64512 bytes Disk identifier: 0x00502bcd Device Boot Start End Blocks Id System / dev / sdb1 * 1 32330 2036720 6 FAT16 My device is 160GB NTFS partition. Knowing those two bits of info we can take an educated guess and say / dev / sda is our windows device.

NOTE: To exit this output screen press "q".

2. Mount the windows drive so that we can access the files on it. Run the mount command below:

mount / dev / sda / mnt / windows NOTE: you will need to replace "/ dev / sda" with your device found from the output of fdisk -l. It is likely that they will be the same.

3. Lets find out if we mounted the right device now. Run:

ls / mnt / windows This command will list the files and folders in a directory. If you see the tell program Program Files and WINDOWS directories it was successfully mounted.

4. Time to get our backup device out. Plug it in and wait a few seconds then run the fdisk command again:

fdisk -l Egypt
cat / proc / partitions You should see both devices you saw last time and now a new one should be there. Match the size of the device to yours and note the device location most likely / dev / sdc.

Mount this device to the pre-made backup folder using the mount command again:

mount / dev / sdc / mnt / backup 5. Now it is time to copy things from the old windows drive to the backup disk.

If you want to copy your entire windows drive to your back up drive run this command:

cp -R / mnt / windows / * / mnt / backup / YOUR_FOLDER_NAME If you plan on copy single files type the full file path and then the full destination path.

Additional Useful Commands:

* Sometimes a virus can infect the very first bit of code that is executed on your system the MBR (Master Boot Record). Luckily we can clean this up with relative ease in linux. Execute:

dd if = / dev / zero of = / dev / sdb bs = 512 count = 1 Remember to replace "/ dev / sdb" with your device cause if you miss and clean the wrong one you may have some issues.

* Maybe you do not have an external device to back stuff up but you have another computer with a network share. Well lets mount that network share so we can copy files to it. Create a mount point:

mkdir / mnt / network Mount the share:
mount -t smbfs // computername / folder / mnt / network -o username = user1, password = mypasshere Now you can copy and move files to the network share just like any other directory.

To mount a share without a password use:

mount -t smbfs // computername / folder / mnt / network Until Next Time.











0 comments