As far as I can tell, the
Duplicati-server.sqlite is encrypted using the “SQLite Encryption Extension” (SEE), which is actually a paid extension to SQLite. However, there is a freely available implementation in the
System.Data.SQLite .NET library, which is of course distributed with Duplicati. So I found the easiest way to query this database (assuming you don’t want to have Duplicati permanently unencrypt it) is to copy the file somewhere and use this Powershell code on Windows to decrypt that copy, which you can then open with your SQLite browser/tool of choice.
Here is the Powershell code to decrypt:
[Reflection.Assembly]::LoadFile("C:\Program Files\Duplicati 2\System.Data.SQLite.dll")
$oSQLiteDBConnection = New-Object System.Data.SQLite.SQLiteConnection
$oSQLiteDBConnection.ConnectionString = $sDatabaseConnectionString
Of course, you should replace the path in the
LoadFile line to correspond to your Duplicati install.
And replace the path in the value of
$sDatabasePath with the place where you’ve put the copy of the database.
Yes, the default password (unless you changed it) is “Duplicati_Key_42”
Credit: Got some example code from here: Powershell: Working with a SQLite Database
Ancient C# example: Encrypting, decrypting and attaching to encrypted databases - System.Data.SQLite
Code that does this in Duplicati: duplicati/SQLiteLoader.cs at de13cbcbd0f85492e8b8603def0ced7d7472a8e4 · duplicati/duplicati · GitHub
I guess the method was removed in later releases (see below)
Duplicati 22.214.171.124 is distributed with System.Data.SQLite 126.96.36.199
For historical auditing purposes, it seems that starting with System.Data.SQLite version 188.8.131.52, support for encryption was entirely removed in this checkin:
by modifying the file
/Targets/SQLite.NET.Settings.targets, and setting the value of
InteropCodec to false.
specifically the comment says “Merge all changes needed for the SQLite core library 3.32.0 release.”
Which reveals to us that the actual culprit is SQLite itself, where in release 3.32.0, they removed support for encryption as well, in this commit:
Where the comment says “simplify the code by removing the unsupported and undocumented SQLITE_HAS_CODEC compile-time option”
Neither the change in System.Data.SQLite nor in SQLite are documented in the release notes for these projects.