Currently the assistant sets up dedicated ssh keys, that can just use
git-annex. This is ok. The problem is that the initial 2 connections to the
ssh server when setting up these keys involve a password prompt, which is
done at the console unless the system happens to have a working ssh agent
that can pop up a dialog. That can be confusing.

It would be nice to have the webapp prompt for the password. Can it be done
securely?

This might come down to a simple change to the webapp to prompt for the
password, and then rather a lot of pain to make the webapp use HTTPS so we
can be pretty sure noone is sniffing the (localhost) connection.