diff --git a/.gitignore b/.gitignore
index 84e3fd7c85..279cb9427d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,6 +15,7 @@
 /conf/local/VERSION
 /conf/keys/device.pub
 /conf/keys/device.key
+/conf/keys/device.id
 # Impact Font
 /resources/font/impact.ttf
diff --git a/src/applications/almanac/management/AlmanacManagementRegisterWorkflow.php b/src/applications/almanac/management/AlmanacManagementRegisterWorkflow.php
index 022cbc645d..a9978bcff8 100644
--- a/src/applications/almanac/management/AlmanacManagementRegisterWorkflow.php
+++ b/src/applications/almanac/management/AlmanacManagementRegisterWorkflow.php
@@ -23,7 +23,15 @@ final class AlmanacManagementRegisterWorkflow
 'name' => 'allow-key-reuse',
 'help' => pht(
 'Register even if another host is already registered with this '.
- 'keypair.'),
+ 'keypair. This is an advanced featuer which allows a pool of '.
+ 'devices to share credentials.'),
+ ),
+ array(
+ 'name' => 'identify-as',
+ 'param' => 'name',
+ 'help' => pht(
+ 'Specify an alternate host identity. This is an advanced '.
+ 'feature which allows a pool of devices to share credentials.'),
 ),
 array(
 'name' => 'force',
@@ -85,6 +93,7 @@ final class AlmanacManagementRegisterWorkflow
 $stored_public_path = AlmanacKeys::getKeyPath('device.pub');
 $stored_private_path = AlmanacKeys::getKeyPath('device.key');
+ $stored_device_path = AlmanacKeys::getKeyPath('device.id');
 if (!$args->getArg('force')) {
 if (Filesystem::pathExists($stored_public_path)) {
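Review bot: The added `allow-key-reuse` help text misspells "feature" as "featuer" in the line `'keypair. This is an advanced featuer which allows a pool of '.`; this string is shown to operators, so it should read `advanced feature`. The new `identify-as` help also does not say what the name must refer to (for example, whether it has to be an existing Almanac device), which an operator sharing credentials across a pool would want spelled out. The option array starts and ends outside the hunk.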
@@ -171,6 +180,24 @@ final class AlmanacManagementRegisterWorkflow
 Filesystem::writeFile($tmp_private, $raw_private_key);
 execx('mv -f %s %s', $tmp_private, $stored_private_path);
+ $raw_device = $device_name;
+ $identify_as = $args->getArg('identify-as');
+ if (strlen($identify_as)) {
+ $raw_device = $identify_as;
+ }
+
+ $console->writeOut(
+ "%s\n",
+ pht('Installing device ID...', $raw_device));
+
+ // The permissions on this file are more open because the webserver also
+ // needs to read it.
+ $tmp_device = new TempFile();
+ Filesystem::changePermissions($tmp_device, 0644);
+ execx('chown %s %s', $phd_user, $tmp_device);
+ Filesystem::writeFile($tmp_device, $raw_device);
+ execx('mv -f %s %s', $tmp_device, $stored_device_path);
+
 if (!$public_key->getID()) {
 $console->writeOut(
 "%s\n",
@@ -184,7 +211,7 @@ final class AlmanacManagementRegisterWorkflow
 pht(
 'This host has been registered as "%s" and a trusted keypair '.
 'has been installed.',
- $device_name));
+ $raw_device));
 }
 }
diff --git a/src/applications/almanac/util/AlmanacKeys.php b/src/applications/almanac/util/AlmanacKeys.php
index b63cf0a98d..dec49a08a7 100644
--- a/src/applications/almanac/util/AlmanacKeys.php
+++ b/src/applications/almanac/util/AlmanacKeys.php
@@ -9,4 +9,14 @@ final class AlmanacKeys extends Phobject {
 return $keys.ltrim($key_name, '/');
 }
+ public static function getDeviceID() {
+ $device_id_path = self::getKeyPath('device.id');
+
+ if (Filesystem::pathExists($device_id_path)) {
+ return trim(Filesystem::readFile($device_id_path));
+ }
+
+ return null;
+ }
+
 }
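Review bot: The added `pht('Installing device ID...', $raw_device)` call passes `$raw_device` to a format string with no `%s`, so the operator never sees which identity is being written; `pht('Installing device ID "%s"...', $raw_device)` would show it. The `--identify-as` value is also written to `device.id` verbatim. Nothing visible in this hunk checks that it is a well-formed device name or refers to a known Almanac device, so a typo would silently give the host an identity different from the one its key was registered under; validating the name before the write would catch that. Separately, `strlen($identify_as)` presumably receives null when the flag is absent, which newer PHP versions deprecate; an explicit `$identify_as !== null && strlen($identify_as)` avoids that. The enclosing method starts and ends outside the hunk.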
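Review bot: The success message now prints `$raw_device`, while the key installation earlier in the method appears to operate on `$device_name`, so with `--identify-as` the output no longer names the device whose keypair was installed. Reporting both names would keep the operator's record unambiguous, for example `'This host has been registered as "%s" (identifying as "%s") and a trusted keypair '.` with `$device_name, $raw_device` as the arguments. The enclosing method starts outside the hunk, so how `$device_name` is used is inferred from the other hunks of this file.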
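Review bot: `getDeviceID()` returns an empty string rather than null when `device.id` exists but is empty or whitespace-only, because the trimmed contents are returned unchecked. A caller that tests the result against null would then treat the host as having an (empty) identity. Normalising the value closes that gap: `$id = trim(Filesystem::readFile($device_id_path));` followed by `return strlen($id) ? $id : null;`. The method also has no doc comment; one stating that it returns the locally installed device identity, or null when none has been registered, and that the file is readable by the webserver user, would help callers decide how far to trust the value.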