# As "ledger-provider" - perform ( mac-specific ): ``` brew install go jq pkg-config hwloc git clone https://github.com/filecoin-project/lotus cd lotus make lotus-shed lotus-wallet ``` - run: `./lotus-shed ledger list` - Returns a list of 20 addresses on your ledger. Should be of the form: ``` f1a..... m/44'/461'/0'/0/0 f1b..... m/44'/461'/0'/0/1 ... ``` - run: `./lotus-shed ledger key-info "m/44'/461'/0'/0/X"` # quotes are critical, to escape the internal single quotes. - Give this result (the entire line) to the node operator - Note - despite what the output JSON says: this is NOT actually your private key. There is no way to extract it from the ledger (this is its entire point). - actually start the signing server: `./lotus-wallet run --ledger` - Make `lotus-wallet` available to the person who will be using it ( you are a *server* ) `ssh -R1777:localhost:1777 {{someuser}}@{{whateverip}}` # As "lotus-node operator" - Make sure this is enabled in `.lotus/config.toml`: ``` [Wallet] RemoteBackend = "http://127.0.0.1:1777" ``` - Run `lotus wallet import --format json-lotus` and paste the JSON line that was given to you - That's it: as long as the ssh reverse-tunnel is alive, the ledger on the other side will require operator to confirm txns whenever the lotus node makes them.