Pulling an encryption key from Duplicati-server.sqlite? Getting an error with a SQLite browser


I have not regularly used Duplicati in some time, but I’m finding myself needing to access an old encrypted backup I have stored on OneDrive. I have no encryption password or other method of retrieving the files in said backup due to the passage of time and a few failures in my backup and password storage methods that wound up happening. But I do have a copy of the Duplicati-server.sqlite file.

There were one or two posts on these boards discussing retrieving a password from this file, but when i attempt to open it using DB Browser for SQLite, I get an error messaging saying: “Could not open database file. Reason: file is not a database.” Anyone have an idea of why this is? When I try opening with the other program included with DB Browser (SQLCipher), I’m prompted for a password but I have no clue as to what it would be.

Getting into that database may be my only option at this point. For those who have read this far and are curious as to how I screwed this up, below is a quick summary of events:

  • Had files on local hard drive and moved to Documents on iCloud Drive.
  • Randomly notice recently that the files are completely missing.
  • By the time I notice, any Time Machine backups potentially containing these files have already aged out.
  • On OneDrive yesterday and realize I still have a complete Duplicati system backup sitting there from Feb 2019. This will definitely have the files, they weren’t cloud synced at this point.
  • Redownload and configure Duplicati on the target Mac, go to pull up my old encryption key from 1Password.
  • Aaaaaand its not there. I migrated to 1PW from LP exactly one week after that last Duplicati backup and for some reason, this entry did not carry over.
  • Go to pull up my original LP export file containing everything I imported into 1PW, and for some reason, its blank.
  • Before my premium LP account expired last November, I deleted every single item from under my account before deleting the account entirely out of an abundance of caution for my personal data.

That’s the story. Definitely learned some lessons.

Welcome to the forum!

Duplicati-server.sqlite is “encrypted” (on Windows platforms) but not in a way that is compatible with DB Browser SQLCipher, so it won’t work to open it with that tool.

Do you have Duplicati installed right now? If not, one option is to install it and then just place your Duplicati-server.sqlite file in the correct folder (default is %LocalAppData%\Duplicati) before you start Duplicati the first time. If you do this you will have easy access to all the config data in the standard Web UI. You should even have access to the job configuration, so you might be able to restore pretty quickly after rebuilding the local database.

Thanks! I’ll give that a shot and report back

Wound up being a dead end - looks like the database file I had was empty. Loading it per your instructions loaded a blank configuration but didn’t prompt me to create a UI password.

Thanks anyway!

Although the test result doesn’t look encouraging, I’m kind of puzzled about your Duplicati-server.sqlite.

I’m pretty sure these are only encrypted on Windows, yet you have a Mac. I don’t have a Mac to try, but copying an encrypted DB from Windows to Linux found Duplicati choking on it and not even starting up.

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Exception: A serious error occurred in Duplicati: System.Exception: Failed to create, open or upgrade the database.
Error message: File opened that is not a database file
file is encrypted or is not a database
  at Duplicati.Server.Program.GetDatabaseConnection (System.Collections.Generic.Dictionary`2[TKey,TValue] commandlineOptions) [0x00229] in <46c5953990b348c78a387f111e07fba5>:0 
  at Duplicati.Server.Program.RealMain (System.String[] _args) [0x001a7] in <46c5953990b348c78a387f111e07fba5>:0  ---> System.Exception: Failed to create, open or upgrade the database.

It might be worth looking at your DB raw, e.g. using less Duplicati-server.sqlite. Unencrypted starts with SQLite and has human-readable text if you page down. The encrypted DB looks like random gibberish.

This test would best be performed on a copy of your original Duplicati-server.sqlite just in case the DB showing blank configuration somehow got reinitialized from Windows’ state. FWIW my file was 56 KB, without any jobs or logs (configured a blank DB on on Windows, to do the Linux experiment).

See my post here about how to decrypt the database: Which tool can open encrypted DB - #17 by surlyhacker