Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 28 million developers.Sign up
We're incrementally releasing a packaged version of Autopsy for Linux. This is the first version of it based on the official 4.6.0 release.
The following need to be done at least once. They do not need to be repeated for each Autopsy release.
- Install testdisk for photorec functionality
% sudo apt-get install testdisk
- Install Oracle Java and set JAVA_HOME. Use the instructions here:
- Install the sleuthkit-java.deb file that is part of this Autopsy release. This is not an official package yet. This will install libewf, etc.
% sudo apt install ./sleuthkit-java_4.6.0-1_amd64.deb
- Make a directory for autopsy, for example:
% mkdir autopsy-4.6.0-linux1
- Move the ZIP file that is part of this release into the folder and extract the contents (note the ZIP file does not contain a single top-level folder).
- Run the unix_setup script to configure Autopsy
% sh unix_setup.sh
- In a terminal, change to the ‘bin’ directory in the folder you created.
- Run Autopsy
- Multi-user cases are not supported
- Local drives cannot be analyzed
- VMDK / VHDI images not supported
- Dead JAR issues if you ever run as ‘root’. Other users can’t overwrite one of the .so files. To fix it, have root delete the /tmp/libtsk_jni.so file.