> ## Documentation Index
> Fetch the complete documentation index at: https://docs.factory.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Persistent, long-lived compute environments for Droid

Droid Computers are persistent compute environments that Droid can connect to and work on across sessions. Unlike ephemeral cloud templates that are destroyed after each session, computers **retain state** — installed packages, files, running services, and configuration all persist between sessions.

## Computer types

Factory supports two ways to use Droid Computers:

* **Bring Your Own Machine (BYOM)** — You register a machine you already manage, such as a VPS, workstation, or on-prem server
* **Managed Computers** — Factory provisions and manages the underlying cloud computer for you

Both types appear in **Settings → Droid Computers** and can be used as long-lived targets for Droid sessions.

## Using computers in sessions

### Web app

In the new session modal, select the **Computer** tab, pick an active computer, set a working directory (for example, `/home/factory-user/projects/my-app`), and start your session.

Connection status (connecting / connected / error) is shown in real time.

### Slack

Computers can also be selected when creating sessions via the Slack integration.

## Managing computers

From **Settings → Droid Computers**, you can:

* Configure your own local computer
* Browse available computers
* Rename a computer
* Delete a computer
* Open the detail page for status and connection information (Managed Computers only)

## Bring Your Own Machine (BYOM)

You can register any machine you own — VPS, cloud VM, on-prem server, etc. — as a Droid Computer. For the full BYOM setup flow, Remote Access guidance, and management notes, see [Bring Your Own Machine (BYOM)](/cli/features/droid-computers-byom).

## Managed Computers

The fastest way to get started is to create a computer directly from the Factory web app.

1. Navigate to **Settings → Droid Computers**.
2. Click **Create**.
3. Give your computer a name.

Factory provisions a cloud computer (4 CPU, 8GB RAM, 6GB swap) automatically. Provisioning progress is tracked live in the UI through the following steps:

1. **Creating computer** — allocating the cloud computer
2. **Setting up user** — creating the `factory-user` account with sudo access
3. **Configuring environment** — writing environment config, SSH keys, and service files
4. **Installing Droid** — downloading and installing the Droid binary
5. **Starting services** — launching the SSH and Droid daemon services

Once provisioning completes, the computer status changes to **Active** and it becomes available for use in sessions. Platform-managed computers auto-pause when idle and auto-resume when a new session targets them. They also expose provisioning details, resource metrics, and remote update flows.

## CLI commands

### General

| Command                     | Description                                                        |
| --------------------------- | ------------------------------------------------------------------ |
| `droid computer list`       | List all computers (shows name, ID, status; marks current machine) |
| `droid computer ssh <name>` | Open an interactive SSH session to any computer                    |

### BYOM setup

| Command                          | Description                                              |
| -------------------------------- | -------------------------------------------------------- |
| `droid computer register [name]` | Register the current machine as a BYOM computer          |
| `droid computer remove`          | Unregister the current machine and clean up local config |

### SSH options

The `ssh` subcommand supports the following flags:

* `--proxy` — Run as a stdio proxy (for use as a `ProxyCommand`)
* `--port <port>` — Target port on the remote machine (default: 22)
* `--debug` — Enable verbose connection logging

## Monitoring

Click on any computer in **Settings → Droid Computers** to open its detail page. For platform-managed computers, the detail page shows live resource metrics:

* **CPU usage** — percentage utilization over time
* **Memory usage** — used vs. total memory
* **Disk usage** — used vs. total disk space

The detail page also shows the current **daemon version** and connection status. Possible computer statuses are:

* **Provisioning** — initial setup in progress
* **Active** — ready for sessions
* **Error** — provisioning or runtime failure

## Updating the daemon

The computer detail page displays the running daemon version alongside the latest available version. When an update is available, an **Update** button appears. Clicking it triggers a remote update — the daemon downloads the new binary, restarts, and reconnects automatically.

## Git credentials

* **BYOM** — Droid uses whatever git credentials are already configured on the machine.
* **Managed Computers** — If you have a personal GitHub integration with Factory, credentials are added automatically for authenticated repository access. When you add new GitHub App installations or change repository access, credentials are refreshed automatically on the next session connection.

## SSH & IDE integration

`droid computer ssh <name>` establishes a secure WebSocket tunnel through the daemon — no direct SSH port exposure is required. Factory generates and manages a dedicated Ed25519 SSH key pair (stored in `~/.factory/.ssh/`), separate from your personal SSH keys. The public key is injected on each connection for passwordless authentication.

### VS Code Remote-SSH

You can use `droid computer ssh` as a `ProxyCommand` for VS Code Remote-SSH:

```
Host factory-mycomputer
  ProxyCommand droid computer ssh mycomputer --proxy
  User factory-user
  IdentityFile ~/.factory/.ssh/id_ed25519
  IdentitiesOnly yes
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
```

This lets you open a full VS Code remote session on your Droid Computer.

## Security

* **Firewall** — Platform-managed computers use iptables rules to restrict inbound traffic to the daemon port only; all other ports are blocked by default. Note that `factory-user` has passwordless sudo access and could modify these rules. For a hard network-level boundary, use relay mode, which blocks all public traffic at the infrastructure level.
* **SSH hardening** — Root login and password authentication are disabled.
* **Relay mode** — BYOM computers route all traffic through Factory's relay service, so no public ports are exposed. Platform-managed computers can also be configured to use relay mode at the organization level for stricter network isolation.
* **Git credentials** — Configured automatically per-user for authenticated repository access on platform-managed computers.