Skip to contents

User commands


data_request_access(path_data = NULL, path_user = NULL, quiet = FALSE)

  path_data = NULL,
  path_user = NULL,
  test = TRUE,
  quiet = FALSE,
  cache = TRUE



Path to the data. If not given, then we look recursively down below the working directory for a ".cyphr" directory, and use that as the data directory.


Path to the directory with your user key. Usually this can be omitted. This argument is passed in as both pub and key to keypair_openssl(). Briefly, if this argument is not given we look at the environment variables USER_PUBKEY and USER_KEY - if set then these must refer to path of your public and private keys. If these environment variables are not set then we fall back on ~/.ssh/ and ~/.ssh/id_rsa, which should work in most environments. Alternatively, provide a path to a directory where the file and id_rsa can be found.


Suppress printing of informative messages.


Test that the encryption is working? (Recommended)


Cache the key within the session. This will be useful if you are using ssh keys that have passwords, as if the key is found within the cache, then you will not have to re-enter your password. Using cache = FALSE neither looks for the key in the cache, nor saves it.


# The workflow here does not really lend itself to an example,
# please see the vignette.

# Suppose that Alice has created a data directory:
path_alice <- tempfile()
cyphr::ssh_keygen(path_alice, password = FALSE)
path_data <- tempfile()
dir.create(path_data, FALSE, TRUE)
cyphr::data_admin_init(path_data, path_user = path_alice)
#> Generating data key
#> Authorising ourselves
#> Adding key 27:c3:86:ed:3a:2a:f3:de:30:33:24:99:41:db:8a:dc:a8:ea:18:90:46:9f:69:ba:f9:9a:db:45:ba:f5:ff:23
#>   user: root
#>   host: ac5bacf9b4a6
#>   date: 2024-06-12 05:16:57.261427
#> Verifying

# If Bob can also write to the data directory (e.g., it is a
# shared git repo, on a shared drive, etc), then he can request
# access
path_bob <- tempfile()
cyphr::ssh_keygen(path_bob, password = FALSE)
hash <- cyphr::data_request_access(path_data, path_user = path_bob)
#> A request has been added
#> Email someone with access to add you
#>     hash: 4b:0f:f0:68:9f:1a:c9:4c:dd:6b:c9:9e:c0:a9:fc:4c:a2:e1:b1:b4:ec:d3:34:1f:11:aa:f4:df:3f:79:27:27
#> If you are using git, you will need to commit and push first:
#>     git add .cyphr
#>     git commit -m "Please add me to the dataset"
#>     git push

# Alice can authorise Bob
cyphr::data_admin_authorise(path_data, path_user = path_alice, yes = TRUE)
#> There is 1 request for access
#> Adding key 4b:0f:f0:68:9f:1a:c9:4c:dd:6b:c9:9e:c0:a9:fc:4c:a2:e1:b1:b4:ec:d3:34:1f:11:aa:f4:df:3f:79:27:27
#>   user: root
#>   host: ac5bacf9b4a6
#>   date: 2024-06-12 05:16:57.585101
#> Added 1 key
#> If you are using git, you will need to commit and push:
#>     git add .cyphr
#>     git commit -m "Authorised root"
#>     git push

# After which Bob can get the data key
cyphr::data_key(path_data, path_user = path_bob)
#> <cyphr_key: sodium>

# See the vignette for more details.  This is not the best medium
# to explore this.

# Cleanup
unlink(path_alice, recursive = TRUE)
unlink(path_bob, recursive = TRUE)
unlink(path_data, recursive = TRUE)