Devices

Each machine running carryOn is a device with its own cryptographic identity. Devices are registered when you run carryon remote login and appear in your account from that point on.

Viewing your devices

You can see all registered devices in two ways:

• Web dashboard - visit carryon.dev and sign in to view your devices.
• CLI - device information is shown in carryon remote status output.

Device types

Persistent devices

CLI daemons and desktop apps are persistent devices. Their keys are stored on disk and survive restarts. As long as the credentials remain in ~/.carryon/remote/, the device reconnects automatically when the daemon starts.

Ephemeral devices

Web browser sessions are ephemeral devices. Their keys exist only in memory for the duration of the browser session. When you close the tab or the session ends, the keys are cleaned up and the device is removed.

Device identity

Each device has an X25519 public key that the signaling service uses to encrypt session data specifically for that device. This means only your devices can decrypt the list of available sessions - the server never sees it in plaintext.

Device names

Device names are labels that help you tell your machines apart when connecting remotely. For example, you might see “work-laptop” and “home-desktop” in your device list. Names are set during login (defaulting to the hostname) and can be updated later.

Revoking a device

If you lose a device, sell a machine, or simply want to clean up, you can revoke it. Revoking a device:

• Removes it from your account’s device list.
• Stops it from appearing as a recipient for encrypted session lists.
• Prevents it from connecting remotely, even if the local credentials still exist.

Revocation takes effect immediately. The revoked device will not be able to re-register without going through carryon remote login again.