SiriKali is a Qt/C++ GUI application that manages ecryptfs,cryfs,encfs,gocryptfs and securefs encrypted folders.
In a sense,it is a universal frontend to folder based encryption in linux.
This project used to be known as "cryfs-gui".
1.2.6 4 days ago
-- Add a build time option(-DUSE_POLKIT=true) to support ecryptfs-simple backend
build without suid bit set. This option will generate a polkit prompt on program
start giving bad user experience. Enable it only if ecryptfs-simple backend is a
necessary backend to have and it has to be installed without suid bit.
-- Default to not using a passward manager when unlocking volumes from favorites list.
-- Add an option to lock all unlocked volumes and quit the application on success.
-- Add a config option to run arbitrary command on successful mount attempt(arguments
to the command will be cipher folder,plain folder and volume type).
-- All operations around locking and unlocking of volumes can now be done from CLI.
-- Add a plugin that allows generation of a key using a key+keyfile combination
through a user configured external application. A user for example can set gpg as an
external application so that they can extract a key from a gpg encrypted keyfile.
-- Add a config option to disable displaying of passwords.
-- Add ability to store passwords in OSX keychain.
1.2.3 3 months ago
-- Make it possible to unlock a volume from favorite list without using key storage system.
1.2.2 4 months ago
Add support for creating and unlocking ecryptfs volumes.
The above support is enabled by a backend called ecryptfs-simple.
1.2.1 5 months ago
-- Maintanance release.
-- FIX BUG: Dont generate an update warning prompt on startup when auto check for updates is set but the application
is started while the system has no internet connection.
-- FIX BUG: Dont auto delete mount folders when a volumes was unmounted outside of SiriKali.
-- FIX BUG: Populate $PATH variable properly before calling backends since some backends fails without it.
-- FIX BUG: The build process failed to build on Qt4
version 1.2.0 6 months ago
-- Add ability to add a favorite volume with mount options(external config file path,idle timeout,auto mount).
-- Add a GUI option to select what secure key storage backend to use when auto mounting volumes.
-- Add ability to automount favorites volumes on program start up time.
-- Add ability to automount favorites volumes when they become available ie,when the files systems the volume
resides in is mounted.
1.0.0 8 months ago
-- Initial release.
-- Can create and unlock Cryfs Volumes.
-- Can create and unlock Encfs Volumes.
-- Can create and unlock Gocryptfs Volumes.
-- Can create and unlock Securefs Volumes.
-- Can save and retrieve volumes keys from KDE wallet,GNOME's libsecret and an internal
secured storage system backed by libgcrypt.
-- Can save favorite volumes for easier access to frequently used volumes.
-- Can use keys derived from passphrases,keyfiles and a combination of a passphrase and a keyfile.
-- Can be build with Qt4(default) or with Qt5.
-- Can measure password strength when creating a new volume.
The support is added using libpwquality project: https://fedorahosted.org/libpwquality/
-- Add ability to unmount all volumes at the same time(Menu->UnmountAll)
-- Add ability to generate mounting dialog with a single action(Menu->Favorites->Mount All)
-- Add French translations.
-- Add ability to auto unlock a volume from CLI.An example of how to do this is:
sirikali -d /home/mtz/cryfs.volume -b "internal"
The "-b" option gives a passphrase storage backend to use to retrieve the password to unlock
the volume. Currently,only 3 backends are supported:
1. "internal" backend is always there and its backed by libgcrypt.
2. "kwallet" is backed by KDE wallet is a compile time dependency of the project.
3. "gnomewallet" is backed by GNOME's libsecret and is a compile time dependency of the project.
Set the backend to use a blank passphrase(not recommended) if you want to be able to unlock
your volumes without being prompt for a backend password.
-- Add support for unlocking volumes using an external config file.
-- Add a GUI ability to show cryfs file system space utilization.
-- Add a menu entry to set default mount point path prefix.
-- Add a convenient "HMAC+KeyFile" option to use a keyfile with an empty passphrase
as a volume password. "Key+KeyFile" option is to be used if volume passphrase is to be a combination
of a password and a keyfile. Both of these two options are better than using a "KeyFile" option
because keyfiles will most likely be trancated on the first new line character encountered and al the
contents of the keyfile may not be used leading to weak passphrase.