forum/Manual local pairing without webapp?git-annexhttp://git-annex.branchable.com/forum/Manual_local_pairing_without_webapp__63__/git-annexikiwiki2022-03-04T20:27:30Zcomment 1http://git-annex.branchable.com/forum/Manual_local_pairing_without_webapp__63__/comment_1_1f280e38bf5fa81d3a8cc4887f32e590/joey2021-04-08T17:22:34Z2021-04-08T17:02:04Z
<p>The assistant's local pairing uses a custom method to discover
other assistants on the LAN, but then all it does is exchange ssh public
keys, and each configures ssh to let the other's ssh public key in,
limiting it to running <code>git-annex-shell</code> and limiting git-annex-shell
to access the one repository.</p>
<p>It's pretty easy to set up the same kind of ssh public
key configuration yourself manually. Just generate a public key, and on the
other host add it to <code>.ssh/authorized_keys</code>. The git-annex-shell man page
has an example of what to put in <code>authorized_keys</code> to fully lock it down.</p>
<p>There could be room in <code>git-annex p2p</code> to implement something like the
assistant's local pairing. But I don't know if it's called for since
setting up a locked down ssh key is straightforward, at least
compared with its current use case of setting up a tor hidden service
and limiting who can access it.</p>
comment 2http://git-annex.branchable.com/forum/Manual_local_pairing_without_webapp__63__/comment_2_d83cc10b2359eb3578c6c4dd299cf308/Atemu2022-03-04T20:27:30Z2022-03-04T20:27:30Z
<p>Setting up locked-down ssh keys may seem trivial to you since you've thoroughly investigated the topic for implementing them for the assistant's pairing mechanism but I'm pretty sure your average git-annex user doesn't know how to do that or would do it wrong. I certainly wouldn't trust myself doing that on my own.</p>
<p>Support for pairing on the CLI via P2P was implemented not too long ago (which is great!) but I'd like to stick with regular IP as it's more efficient and I've got my network set up for remote access pretty well already.</p>