Install the CLI and sign in
This page covers getting the sealrepo command onto a machine and signing in to your free account. Do this once per machine — laptops, desktops, CI runners, anywhere you need to lock or unlock.
sealrepo init, lock, and unlock all require a signed-in CLI — a vault (your encrypted repo) is bound to the account that created it. The account is free with no card; the only command that works signed out is sealrepo unlock --recovery, the offline recovery-code path.Install from npm
Sealrepo is published as a single npm package. It needs Node.js 18 or newer.
Any shell, any OS$npm install -g sealrepo# Sanity check: should print the version$sealrepo --version0.2.0Don't have npm?Install Node.js from nodejs.org. npm comes with it. Bothsealrepoand the shorter aliasscare installed.Pair the CLI with your account
sealrepo loginprints a pairing URL and offers to open it — press ENTER and your browser lands on sealrepo.dev, where you click Approve once. The CLI gets a long-lived bearer token saved to~/.sealrepo/credentials.jsonwith mode0600. No password is ever stored on disk.In your shell$sealrepo loginOpen this URL in your browser to approve this device:https://sealrepo.dev/app/cli/pair?code=BX72-PQ4MPress ENTER to open in the browser...Waiting for approval ⠋✓Paired as [email protected]✓Saved token to ~/.sealrepo/credentials.jsonIn the browser tab you'll see the device-code page with a one-tap Approvebutton. No account yet? That page walks you through creating one first — free, no card. We only approve the exact code shown in your terminal — random visitors can't pair without your active terminal session.
Confirm everything works
Sanity check$sealrepo whoamiSigned in as [email protected]device: macbook-pro · darwin-arm64 · cli 0.2.0server: https://sealrepo.devIf you ever want to undo this on a specific machine — say the laptop got stolen — run
sealrepo signouton a machine that still works, or revoke the device from Settings → CLI devices on the dashboard.