SiriKali Original


Source (link to git-repo or to original if based on someone elses unmodified work): Add the source-code for this project on

Score 63.3%

SiriKali is a Qt/C++ GUI application that manages ecryptfs,cryfs,encfs,gocryptfs and securefs encrypted folders.

In a sense,it is a universal frontend to folder based encryption in linux.
Last changelog:

1.4.1 5 days ago

-- Add support for fscrypt backend. This backend will allow encrypting individual folders that reside in a
file system that supports encryption like ext4. More info about this backed is here:
-- Fix a bug with sshfs backend introducedin 1.4.0.
-- Various changes and improvements.


2 years ago

Hi, nice app, please add link for Gentoo linux system -->
Thanks :)




2 years ago


I have also added it to the official download page of the project at


1.4.1 5 days ago

-- Add support for fscrypt backend. This backend will allow encrypting individual folders that reside in a
file system that supports encryption like ext4. More info about this backed is here:
-- Fix a bug with sshfs backend introducedin 1.4.0.
-- Various changes and improvements.

1.4.0 20 days ago

-- Make it buildable again on Qt < 5.10.0(1.3.9 broke this promise because
it should be buildable in debian 8)
-- Add a config option to show favorites entries on the tray icon context menu
with an ability to mount/unmount volume from the menu.
-- Fix a bug that prevented favorite entries with cipher path that starts with a dot
from showing up in the GUI.
-- Add GUI options to enable HiDPI option to scale the GUI when running
in HiDPI displays.

1.3.9 2 months ago

-- Add ability to run a custom command on user specified time interval.
-- Add ability to set premount, postmount, preunmount and postunmount
commands to run per favorite entry.
-- Add support for creating and unlocking volumes using yubikey's
challenge-response feature.
-- Add ability to run user created custom backends/extensions.
This feature make it possible to configure SiriKali
to run any tool that deals with mounting file systems.
Documentation on how to create a custom backed is
-- Fix an occassional crash that happens when creating an internal wallet
when an internal version of lxqt_wallet is in use.

1.3.8 5 months ago

-- Remove backend timeout of 20 seconds because cryfs >= 0.10.0 may take a very long time to finish.
-- Show a warning that says working with cryfs >= 0.10.0 may take a very long time when creating/unlocking cryfs volumes.
-- Improves a window that manages favorites.

1.3.7 8 months ago

-- Add support for gocryptfs "idle" option.
-- Add ability to set a favorite volume that does not need a password. Useful when connecting to ssh server
with a private key that does not need a password or when getting credentials from external tools like keepass.
-- Add a config option to auto unmount volumes on logout(specifically, when SiriKali receive sighup or sigterm).
-- Add Russian translations.
-- Fix a bug that prevented mounting gocryptfs volumes on MACOS.
-- Translations now works on MACOS.
-- Add support for Cryfs backend on windows.
-- Add support for using a mount folder on windows(sshfs, encfs and cryfs supports both mount folders and drive letters)

1.3.6 1 year ago

-- Add ability to pass both fuse options and options specific to backends when unlocking a volume.
-- For example, this option will allow passing "--allow-filesystem-upgrade" option to cryfs backend when
unlocking a cryfs volume to automatically upgrade the volume's file system when necessary.
-- Add a GUI way to create and unlock gocryptfs and encfs volumes in reverse mode.
-- Fix a bug in windows that allowed more than once instance to run.
-- Create drive letters on Windows with a label equals to the name of the cipher folder when unlocking volumes.

1.3.5 1 year ago

-- Add "-DPOLKIT_SUPPORT=" compile time option to disable polkit support.
Suid root-less ecryptfs-simple backend will not work if this option is turned off.
-- Fix a bug on windows that prevented SiriKali from seeing 64 bit sshfs-win.
-- Add ability to edit favorites entries.
-- Fix a bug on windows when unlocking securefs volume with a custom config path.

1.3.4 1 year ago

-- Add support for Microsoft Windows operating system.
-- Add support for sshfs backend on Linux and Windows..
-- Add support for encfs backend on windows.

1.3.3 1 year ago

-- Invoke context menu with a left click in addition to the default right click.
-- Add a GUI windows to set ecryptfs volume creation options.
-- Add a GUI way to upgrade cryfs volume(cryfs > 0.9.8 required).
-- Make it possible to build the project with system provided "internal" libraries.

1.3.2 1 year ago

-- Drop support for Qt4.
-- Add ability to specify a command to run before a volume is umounted.The specified command must return 0 for the unmount attempt to be carried out.
-- Add a GUI window to manage program options.
-- Add a GUI window to set crypto options when creating a gocryptfs volume.
-- Add German translations.
-- Update French translations.

1.3.1 2 years ago

-- Add a config option on the menu list to set the app to start minimized.
-- Fix stability issues on MACOS.
-- Fix unlocked gocryptfs volumes not showing up on SiriKali GUI on MACOS

1.3.0 2 years ago

-- Add "~/bin" and "~/.bin" paths to list of folders to search for executables.
-- Fix random crashes on OSX.

1.2.9 2 years ago

-- Fix a crash on exit in OSX.
-- Show all crypto options when creating Cryfs volume.

1.2.8 2 years ago

-- Add a GUI way to set options when creating a securefs volume.
-- Add a GUI way to set options when creating a cryfs volume.
-- Agg a GUI way to display gocryptfs volume properties.
-- Better mount/unmount events monitoring on OSX.
-- Set it as a run time option(off by default) to support ecryptfs-simple backend that does not have suid bit set. A user
will be asked to allow polkit support on first attempt.

1.2.7 2 years ago

-- Add ability to add mount options to a favorite entry.

1.2.6 2 years ago

-- Add a build time option(-DUSE_POLKIT=true) to support ecryptfs-simple backend
build without suid bit set. This option will generate a polkit prompt on program
start giving bad user experience. Enable it only if ecryptfs-simple backend is a
necessary backend to have and it has to be installed without suid bit.
-- Default to not using a passward manager when unlocking volumes from favorites list.
-- Add an option to lock all unlocked volumes and quit the application on success.
-- Add a config option to run arbitrary command on successful mount attempt(arguments
to the command will be cipher folder,plain folder and volume type).
-- All operations around locking and unlocking of volumes can now be done from CLI.
-- Add a plugin that allows generation of a key using a key+keyfile combination
through a user configured external application. A user for example can set gpg as an
external application so that they can extract a key from a gpg encrypted keyfile.
-- Add a config option to disable displaying of passwords.
-- Add ability to store passwords in OSX keychain.

1.2.3 2 years ago

-- Make it possible to unlock a volume from favorite list without using key storage system.

1.2.2 2 years ago

Add support for creating and unlocking ecryptfs volumes.

The above support is enabled by a backend called ecryptfs-simple[1].


1.2.1 2 years ago

-- Maintanance release.
-- FIX BUG: Dont generate an update warning prompt on startup when auto check for updates is set but the application
is started while the system has no internet connection.
-- FIX BUG: Dont auto delete mount folders when a volumes was unmounted outside of SiriKali.
-- FIX BUG: Populate $PATH variable properly before calling backends since some backends fails without it.
-- FIX BUG: The build process failed to build on Qt4

version 1.2.0 3 years ago

version 1.2.0
-- Add ability to add a favorite volume with mount options(external config file path,idle timeout,auto mount).
-- Add a GUI option to select what secure key storage backend to use when auto mounting volumes.

version 1.1.0
-- Add ability to automount favorites volumes on program start up time.
-- Add ability to automount favorites volumes when they become available ie,when the files systems the volume
resides in is mounted.

1.0.0 3 years ago

-- Initial release.
-- Can create and unlock Cryfs Volumes.
-- Can create and unlock Encfs Volumes.
-- Can create and unlock Gocryptfs Volumes.
-- Can create and unlock Securefs Volumes.
-- Can save and retrieve volumes keys from KDE wallet,GNOME's libsecret and an internal
secured storage system backed by libgcrypt.
-- Can save favorite volumes for easier access to frequently used volumes.
-- Can use keys derived from passphrases,keyfiles and a combination of a passphrase and a keyfile.
-- Can be build with Qt4(default) or with Qt5.
-- Can measure password strength when creating a new volume.
The support is added using libpwquality project:

-- Add ability to unmount all volumes at the same time(Menu->UnmountAll)
-- Add ability to generate mounting dialog with a single action(Menu->Favorites->Mount All)

-- Add French translations.

-- Add ability to auto unlock a volume from CLI.An example of how to do this is:

sirikali -d /home/mtz/cryfs.volume -b "internal"

The "-b" option gives a passphrase storage backend to use to retrieve the password to unlock
the volume. Currently,only 3 backends are supported:
1. "internal" backend is always there and its backed by libgcrypt.
2. "kwallet" is backed by KDE wallet is a compile time dependency of the project.
3. "gnomewallet" is backed by GNOME's libsecret and is a compile time dependency of the project.

Set the backend to use a blank passphrase(not recommended) if you want to be able to unlock
your volumes without being prompt for a backend password.

-- Add support for unlocking volumes using an external config file.
-- Add a GUI ability to show cryfs file system space utilization.
-- Add a menu entry to set default mount point path prefix.
-- Add a convenient "HMAC+KeyFile" option to use a keyfile with an empty passphrase
as a volume password. "Key+KeyFile" option is to be used if volume passphrase is to be a combination
of a password and a keyfile. Both of these two options are better than using a "KeyFile" option
because keyfiles will most likely be trancated on the first new line character encountered and al the
contents of the keyfile may not be used leading to weak passphrase.

product-maker Baemir May 14 2017 9 excellent
product-maker dequire Sep 30 2016 9 excellent
product-maker Base: 4 x 5.0 Ratings
File (click to download) Version Description PackagetypeArchitectureRelease Channel Downloads Date Filesize DL OCS-Install MD5SUM
*Needs ocs-url or ocs-store to install things
0 Affiliates
GPLv2 or later
updated Oct 15 2019
added Aug 12 2016
downloads 24h
page views 24h 6