IOCipher

How to mount a IOCipher vfs container file on Debian GNU/Linux and friends

You need to build libsqlfs from source (./configure && make). The virtual disk file and password is hard-coded to /tmp/fsdata in fuse_sqlfs.c. Then to mount it, run ./fuse_sqlfs command after its built from libsqlfs source. Here's the whole process:


sudo apt-get install libsqlcipher-dev
git clone https://github.com/guardianproject/libsqlfs
cd libsqlfs
./configure
make
cp /path/to/my/vfsfile.db /tmp/fsdata
mkdir /tmp/vfsfilemnt
echo mypassword | ./fuse_sqlfs /tmp/vfsfilemnt
kill `ps auxww | grep '[f]use_sqlfs ' | cut -b9-16` # unmount

If you want to do this as root, you can also mount it that way:

echo mypassword | sudo ./fuse_sqlfs -o allow_other /tmp/vfsfilemnt
sudo umount /tmp/vfsfilemnt

Either way, the contents will then be available under /tmp/vfsfilemnt. You can also use the included utilities sqlfscat and sqlfsls to access files inside the vfs container without mounting it. For those, you send the VFS password to stdin, e.g.:


echo mypassword | sqlfsls myvfs.db
echo mypassword | sqlfscat myvfs.db /secret.txt

If you are using CacheWord with IOCipher, then there is a level of indirection between the password you type, and the key that is provided to IOCipher. With CacheWord, the password unlocks the encryped key, and that key unlocks IOCipher.

Also available in: PDF HTML TXT