Setup & Login

Remote access lets you reach your carryOn sessions from anywhere - no tunnels, no port forwarding, no VPN. Just log in and connect.

Prerequisites

The carryOn CLI is installed and working.
An internet connection on the machine you want to access remotely.

Log in

Run the login command:

carryon remote login

carryOn will display a URL and a short code. Open the URL in a browser, enter the code, and authenticate with one of the supported providers:

GitHub
Google
Microsoft

Once you complete authentication in the browser, the CLI finishes setup automatically.

What happens behind the scenes

When you log in, carryOn:

Generates an X25519 device keypair unique to this machine.
Registers this device with the carryOn signaling service.
Stores credentials locally so the daemon can connect on startup.

Device naming

Your machine’s hostname is used as the device name by default. You can change it during the login flow if you prefer a different label. Device names help you identify which machine is which when connecting from elsewhere.

Stored credentials

File	Permissions	Purpose
`device.key`	`0600`	X25519 private key - never leaves this machine
`device.pub`	`0644`	X25519 public key - shared with the signaling service
`token.json`	`0600`	Device authentication token

The private key and token are readable only by your user. They are never transmitted to any server.

Verify

Confirm that remote access is working:

carryon remote status

This shows your device name, account, and connection state.

Log out

To remove this device’s remote access:

carryon remote logout

This removes local credentials and deregisters the device from your account. The device will no longer appear in your device list or be able to connect remotely.