Replies: 11 comments 10 replies
-
|
Checkout https://github.com/rightup/pyMC_Repeater/wiki/Identity-Management |
Beta Was this translation helpful? Give feedback.
-
|
Thank you, one of the required parameters is knowing the private key in order to run that. I'm looking on how to locate the private key in order to use that script on a new install. Parameters: <64-byte-hex-key> - The 128 hex character private key from firmware (required) |
Beta Was this translation helpful? Give feedback.
-
|
If you follow the wiki on file locations for identity management it lists all the locations 👍
Sent from Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: VE7KOD ***@***.***>
Sent: Monday, February 23, 2026 8:35:15 PM
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
Thank you, one of the required parameters is knowing the private key in order to run that. I'm looking on how to locate the private key in order to use that script on a new install.
Parameters:
<64-byte-hex-key> - The 128 hex character private key from firmware (required)
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JJBMOYDIFCARUCGHQL4NNQAHAVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJQGE2TONA>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Bows head in shame... Not sure how I missed that 😔 Thank you |
Beta Was this translation helpful? Give feedback.
-
|
edit - attempted this on two different installs / repeaters with same results. Sorry.. me again - Brand new fresh install of pymc_console w/dev repeater and trying to set the priv key up inside /etc/pymc_repeater/identity.key but it doesn't load and generates the random key. Only thing in the .key file is the 64bit private key on a single line and rights to identity.key have been set:
Below is my config.yaml and output of the logs after a restart of the service. |
Beta Was this translation helpful? Give feedback.
-
|
Sorry the script should work regardless of what front end you are using, are you sure you are feeding on the private key not the pub key?
Sent from Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: VE7KOD ***@***.***>
Sent: Tuesday, February 24, 2026 5:53:47 AM
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
Sorry.. me again - Brand new fresh install of pymc_console w/dev repeater and trying to set the priv key up inside /etc/pymc_repeater/identity.key but it doesn't load and generates the random key. Only thing in the .key if is the 64bit private key on a single line and writes to identity.key have been set:
-rw------- 1 root root 129 Feb 23 21:39 /etc/pymc_repeater/identity.key
Below is my config.yaml and output of the logs after a restart of the service.
direct_tx_delay_factor: 0.5
tx_delay_factor: 1.0
duty_cycle:
enforcement_enabled: false
max_airtime_per_minute: 3600
identities:
room_servers: null
letsmesh:
broker_index: 0
disallowed_packet_types: []
email: ''
enabled: false
iata_code: Test
owner: ''
status_interval: 300
logging:
format: '%(asctime)s - %(name)s - %(levelname)s - %(message)s'
level: INFO
mesh:
global_flood_allow: true
mqtt:
base_topic: meshcore/repeater
broker: localhost
enabled: false
password: null
port: 1883
tls:
ca_cert: null
client_cert: null
client_key: null
enabled: false
insecure: false
use_websockets: false
username: null
radio:
bandwidth: 62500
coding_rate: 5
crc_enabled: true
frequency: 910525000
implicit_header: false
preamble_length: 17
spreading_factor: 7
sync_word: 13380
tx_power: 22
repeater:
allow_discovery: true
cache_ttl: 3600
identity_file: "/etc/pymc_repeater/identity.key"
latitude: 11111
longitude: -1111
node_name: KOD Test
score_threshold: 0.3
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,512 - RepeaterDaemon - INFO - Identity manager initialized
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,513 - RepeaterDaemon - INFO - Local identity set: e0
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,513 - RepeaterDaemon - INFO - Local node hash (from identity): 0xcc
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,513 - RepeaterDaemon - INFO - Identity manager loaded 0 total identities
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,546 - LoginHelper - INFO - Created ACL for repeater 'repeater': hash=0xCC
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,546 - LoginHelper - INFO - Registered repeater 'repeater' login handler: hash=0xCC
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,547 - TextHelper - INFO - Set repeater hash for CLI: 0xCC
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,547 - TextHelper - INFO - Initialized CLI handler for repeater commands with identity and storage
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,547 - TextHelper - INFO - Registered repeater 'repeater' text handler: hash=0xCC
Feb 23 21:46:08 meshcore-nebra1 pymc-repeater[1170]: 2026-02-23 21:46:08,547 - ProtocolRequestHelper - INFO - Registered protocol request handler for 'repeater': hash=0xCC
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JKI23SLU4Z4YSJD6ML4NPROXAVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJQGUYDSNA>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Yes it's the private key generated from here When I verify the key it does come back with 128 |
Beta Was this translation helpful? Give feedback.
-
|
The script will install the key for you
Sent from Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: VE7KOD ***@***.***>
Sent: Tuesday, February 24, 2026 5:02:43 PM
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
Yes it's the private key generated from here
https://gessaman.com/mc-keygen/
When I verify the key it does come back with 128
cat /etc/pymc_repeater/identity.key | wc -c
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JOTE7FLUP22MBBJ6WT4NR73HAVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJRGMZTKNY>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Ok.. so what I'm trying to do is use a prefix that isn't in use.and won't have conflicts in my area. From letsmesh I pick my prefix, go and generate my public and private key pair at the site I posted last reply. Generate the identity.key file Restart the service. So if I understand correctly (sorry), is there is no way to pick a key pair.. you must use random from the script? Could I use the script to generate the keys then modify the key that's inside the identity.key file? I thought I would be able to just generate my own keys and use them or bring them from an existing node to a new upgraded node |
Beta Was this translation helpful? Give feedback.
-
|
Yes the script looks after the conversion for you
From with in the pymc_repeater folder
Using https://gessaman.com/mc-keygen/ get the PRIVATE KEY:
C80D647C2746791E7EE7F5E849F41F5300AA69D62500F232BB35B1E91A70D7579175DE70987A899865A4F5F71CF04C1A2D37213694481CE8CE33070552B918AE
# Usage: sudo ./convert_firmware_key.sh <64-byte-hex-key> [config-path]
# Example: sudo ./convert_firmware_key.sh C80D64...2B918AE
Thanks
Lloyd
…________________________________
From: VE7KOD ***@***.***>
Sent: 24 February 2026 17:15
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
Ok.. so what I'm trying to do is use a prefix that isn't in use.and won't have conflicts in my area. From letsmesh
https://analyzer.letsmesh.net/nodes/prefix-utilization
I pick my prefix, go and generate my public and private key pair at the site I posted last reply.
Generate the identity.key file
Add the identity key location in config.yaml
Restart the service.
So if I understand correctly (sorry), is there is no way to pick a key pair.. you must use random from the script?
Could I use the script to generate the keys then modify the key that's inside the identity.key file?
I thought I would be able to just generate my own keys and use them or bring them from an existing node to a new upgraded node
—
Reply to this email directly, view it on GitHub<#97 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JKNEZACB2WG2P224R34NSBLZAVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJRGM2DMNQ>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Sorry Lloyd - I really appreciate the time your taking here! What I'm trying to do is this |
Beta Was this translation helpful? Give feedback.
-
|
When using the identity.key it needs to be in encoded as base64
Thanks
Sent from Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: VE7KOD ***@***.***>
Sent: Tuesday, February 24, 2026 5:39:42 PM
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
Sorry Lloyd - I really appreciate the time your taking here!
I didn't use that script because I don't want to use config.yaml (mentioned previous), the wiki states this script is to insert the key in to the config.yaml and not identity.key. When I run the script like you're telling me, it of course generates the binary conversion and inserts that in the identity.key file (which I know is wrong).
What I'm trying to do is this
https://github.com/rightup/pyMC_Repeater/wiki/Identity-Management#method-1-using-identity_file-recommended
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JLFVGPGEURSEPRVWQL4NSEF5AVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJRGM3DMNI>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
OK.. I guess that's where my confusion is stemming from, the wiki states the identity.key should only contain the 128 hex key and later then gets you to confirm that it's it's 128 (or 129 with newline). I have tried it with the encoded base64 but confirming it is just the key, no other information? Cause it's still not working, this is what identity.key currently contains from the script. |
Beta Was this translation helpful? Give feedback.
-
|
Yes it only holds the secret seed
Sent from Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: VE7KOD ***@***.***>
Sent: Tuesday, February 24, 2026 7:06:44 PM
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
OK.. I guess that's where my confusion is stemming from, the wiki states the identity.key should only contain the 128 hex key
File Format:
The identity file should contain exactly 128 hex characters (64 bytes) representing the private key:
and later then gets you to confirm that it's it's 128 (or 129 with newline).
# Verify key format (should be exactly 128 hex characters)
cat /etc/pymc_repeater/identity.key | wc -c
# Should output: 128 (or 129 if newline is present)
I will try it with the encoded base64 but confirming it is just the key, no other information? this is what identity.key currently contains from the script.
mesh:
identity_key: !!binary |
mI2plRh2cqa+eZxGhtpJqNaqeWNPkvyX2.....Gl
LFlSXkcwHQ==
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JPA4EGVSY2EV6NJ3E34NSOMJAVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJRGQ2DGMI>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
thank you Not understanding the instructions on the wiki where the identity.key file needs to only hold the HEX key and should be 128 in length. The identity file should contain exactly 128 hex characters (64 bytes) representing the private key: my identity.key file now only contains the base64 as you instructed but is 90 bits (yes it's been shortened for these posts). and is still the old key info after service restart |
Beta Was this translation helpful? Give feedback.
-
|
So is it working for you now?
Sent from Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: VE7KOD ***@***.***>
Sent: Tuesday, February 24, 2026 7:19:06 PM
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
thank you
Not understanding the instructions on the wiki where the identity.key file needs to only hold the HEX key and should be 128 in length.
The identity file should contain exactly 128 hex characters (64 bytes) representing the private key:
my identity.key file now only contains the base64 as you instructed but is 90 bits (yes it's been shortened for these posts).
mI2plRh2cqa+eZxGhtpJqNaqeWNPkvyX2.....Gl
LFlSXkcwHQ==
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JI5BUKUEYUE76MWAAD4NSP2VAVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJRGQ2TMMI>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Nope.. Doesn't work with either the 128hex or the converted base64 info in the identity.key file. Identity file has been set in config.yaml |
Beta Was this translation helpful? Give feedback.
-
|
here is the contents of /etc/pymc_repeater/identity.key (I will generate a new key once I get this working).
Here is the script command I ran with all the keys
_ === MeshCore Firmware Key Import === Input (64-byte firmware key): Derived public key: f1fc76539833fc9d42589fe620afd986bc4da57bd7c8d90b8baa31de795f94c9 Created backup: /etc/pymc_repeater/identity.key.backup.1771959969075460626 Restart pymc-repeater service now? (yes/no): yes I then went in and edited the identity.key file to only contain the base64 info (first part of this reply). And restarted the daemon |
Beta Was this translation helpful? Give feedback.
-
|
I see the issue when using the identity.key file it was checking it was only allowing 32 and rejecting it unlike the yaml file.
I have updated the script and the code to now to allow this
***@***.***:~/pyMC_Repeater $ sudo ./convert_firmware_key.sh 988DA995187672A6BE799C4686DA49A8D6AA79634F92FC97DA862831A8861563E1C43308357A722BBC2DDE832F93E9E5D24E58E8FB60AF11A52C59525E47301D --output-format=identity
=== MeshCore Firmware Key Import ===
Output format: identity
Target file: /etc/pymc_repeater/identity.key
Input (64-byte firmware key):
988DA995187672A6BE799C4686DA49A8D6AA79634F92FC97DA862831A8861563E1C43308357A722BBC2DDE832F93E9E5D24E58E8FB60AF11A52C59525E47301D
Derived public key: f1fc76539833fc9d42589fe620afd986bc4da57bd7c8d90b8baa31de795f94c9
Node address: 0xf1
WARNING: Existing identity.key found at /etc/pymc_repeater/identity.key
Created backup: /etc/pymc_repeater/identity.key.backup
✓ Successfully saved to /etc/pymc_repeater/identity.key
✓ File permissions set to 0600 (owner read/write only)
✓ Config file already configured to use identity.key file
Identity key saved to file.
Restart pymc-repeater service now? (yes/no): yes
✓ Service restarted
Check logs for new identity:
sudo journalctl -u pymc-repeater -f | grep -i 'identity\|hash'
***@***.***:~/pyMC_Repeater $ sudo journalctl -u pymc-repeater -f | grep -i 'identity\|hash'
Feb 24 20:47:21 raspberrypi pymc-repeater[8262]: 2026-02-24 20:47:21,672 - ProtocolRequestHelper - INFO - Registered protocol request handler for 'repeater': hash=0xF1
You will need to use branch feat/newRadios to use this new change for now.
…________________________________
From: VE7KOD ***@***.***>
Sent: 24 February 2026 19:38
To: rightup/pyMC_Repeater ***@***.***>
Cc: Lloyd ***@***.***>; Comment ***@***.***>
Subject: Re: [rightup/pyMC_Repeater] Private keys to a new install (Discussion #97)
here is the contents of /etc/pymc_repeater/identity.key (I will generate a new key once I get this working).
mI2plRh2cqa+eZxGhtpJqNaqeWNPkvyX2oYoMaiGFWPhxDMINXpyK7wt3oMvk+nl0k5Y6PtgrxGlLFlSXkcwHQ==
Here is the script command I ran with all the keys
sudo ./convert_firmware_key.sh 988DA995187672A6BE799C4686DA49A8D6AA79634F92FC97DA862831A8861563E1C43308357A722BBC2DDE832F93E9E5D24E58E8FB60AF11A52C59525E47301D /etc/pymc_repeater/identity.key
_ === MeshCore Firmware Key Import ===
Input (64-byte firmware key):
988DA995187672A6BE799C4686DA49A8D6AA79634F92FC97DA862831A8861563E1C43308357A722BBC2DDE832F93E9E5D24E58E8FB60AF11A52C59525E47301D
Derived public key: f1fc76539833fc9d42589fe620afd986bc4da57bd7c8d90b8baa31de795f94c9
Node address: 0xf1
Created backup: /etc/pymc_repeater/identity.key.backup.1771959969075460626
✓ Successfully updated /etc/pymc_repeater/identity.key
Restart pymc-repeater service now? (yes/no): yes
✓ Service restarted _
I then went in and edited the identity.key file to only contact the base64 info (first part of this reply). And restarted the daemon
—
Reply to this email directly, view it on GitHub<#97 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACM32JICQVFXDIAK5WYCE7L4NSSE7AVCNFSM6AAAAACVYPOPMKVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKOJRGQ3TGMQ>.
You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Awesome.. thank you! |
Beta Was this translation helpful? Give feedback.
-
|
OK new install off the /feat/newRadios branch Run the new convert firmware script and and the service restarts Log in to the repeater and it's not that public key (above) and each time I restart with PS.. noticed the setup URL is missing /setup ------------- edit------- I'll play/test on a second Pihat I have at a later time |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Is there a way to copy the private key from a current install (pi 3 CM) that I want to move to a Pi 4.. It's a new install on a new SD card.
Beta Was this translation helpful? Give feedback.
All reactions