Hacking the Silvercrest (Lidl/Tuya) Smart Home Gateway

Ok you should change the b"c"*0x16 to b"3ZuWuB${<i6!$'*r"

I’ll make the script handle this in a moment.

simulacra@DESKTOP-EFF32PG:~$ python3 log.py
  File "log.py", line 37
    cipher = AES.new(b"3ZuWuB${<i6!$’*r", AES.MODE_ECB)
                     ^
SyntaxError: bytes can only contain ASCII literal characters.
simulacra@DESKTOP-EFF32PG:~$

it has been copied incorrectly, checking

type it out instead of pasting - probably the ’ has got encoded by this website.

simulacra@DESKTOP-EFF32PG:~$ python3 log.py
Encoded aus-key as hex string line 1>10 10 45 30 69 72 69 6f 78 42 39 5a 60 5d 78 36
Encoded aus-key as hex string line 2>51 4e
Traceback (most recent call last):
  File "log.py", line 37, in <module>
    cipher = AES.new(b"3ZuWuB${<i6$'*r", AES.MODE_ECB)
  File "/usr/lib/python3/dist-packages/Crypto/Cipher/AES.py", line 94, in new
    return AESCipher(key, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/Crypto/Cipher/AES.py", line 59, in __init__
    blockalgo.BlockAlgo.__init__(self, _AES, key, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/Crypto/Cipher/blockalgo.py", line 141, in __init__
    self._cipher = factory.new(key, *args, **kwargs)
ValueError: AES key must be either 16, 24, or 32 bytes long
simulacra@DESKTOP-EFF32PG:~$

Ok, script has been updated to account for this. Hopefully will work now - let me know!

you missed a char - the ! 🙂
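Both failures in the exchange above (the apostrophe pasted as U+2019, then the dropped "!") can be caught before the key reaches AES.new. The following is an added example, not part of log.py or of any post in this thread; the function names are hypothetical and the three key strings are the ones quoted above.

```python
import unicodedata

AES_KEY_SIZES = (16, 24, 32)  # bytes, as listed in the ValueError above

# The three spellings of the key that appear in this thread.
KEY_AS_POSTED = "3ZuWuB${<i6!$'*r"
KEY_PASTED = "3ZuWuB${<i6!$\u2019*r"  # apostrophe rewritten to U+2019
KEY_RETYPED = "3ZuWuB${<i6$'*r"       # the "!" was left out


def check_key_text(text):
    """Return (key_bytes_or_None, problems) for a key supplied as text."""
    problems = []
    for pos, ch in enumerate(text):
        if ord(ch) > 0x7F:
            name = unicodedata.name(ch, "unnamed character")
            problems.append(f"offset {pos}: U+{ord(ch):04X} {name} is not ASCII")
    if problems:
        return None, problems
    key = text.encode("ascii")
    if len(key) not in AES_KEY_SIZES:
        problems.append(f"key is {len(key)} bytes, AES needs one of {AES_KEY_SIZES}")
        return None, problems
    return key, problems


def paste_safe(key):
    """Hex form of the key: only [0-9a-f], nothing a web page will rewrite."""
    return key.hex()


if __name__ == "__main__":
    for label, text in [("as posted", KEY_AS_POSTED),
                        ("pasted", KEY_PASTED),
                        ("retyped", KEY_RETYPED)]:
        key, problems = check_key_text(text)
        print(label, "->", paste_safe(key) if key else problems)
```

Sharing the key as hex and loading it with bytes.fromhex() avoids both problems, since a dropped or substituted character then changes the length or fails to parse.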

Updated guide works!

tuya-linux login: root
Password:
Tuya Linux version 1.0
Jan  1 00:00:32 login[120]: root login on 'console'
# pwd
/
#

Cool!

It has at least mqtt client

# tail -f /tmp/tuya.log
[01-30 17:22:04:580 TUYA Debug][mqtt_client.c:1133] ping respond. update fail_cnt:0
[01-30 17:23:01:300 TUYA Debug][tuya_z3.c:19484] process monitor, g_tyz3Globals.permit:0.
[01-30 17:23:04:590 TUYA Debug][mqtt_client.c:156] mqtt_ping -->>
[01-30 17:23:04:590 TUYA Debug][mqtt_client.c:176] mqtt_ping <<--
[01-30 17:23:04:710 TUYA Debug][mqtt_client.c:1133] ping respond. update fail_cnt:0
[__CheckNcpPacketFreeBuff:5197] Packet free num: 236.
[01-30 17:24:01:330 TUYA Debug][tuya_z3.c:19484] process monitor, g_tyz3Globals.permit:0.
[01-30 17:24:04:720 TUYA Debug][mqtt_client.c:156] mqtt_ping -->>
[01-30 17:24:04:720 TUYA Debug][mqtt_client.c:176] mqtt_ping <<--
[01-30 17:24:04:840 TUYA Debug][mqtt_client.c:1133] ping respond. update fail_cnt:0

Great job, @bool2!

Thanks for your work Paul, I will now go and try and find one to buy, knowing that I can use it 🙂

Because I’m having a hard time pairing devices with the Lidl gateway, I was looking at a way to change the default Zigbee channel the gateway is using (15).

It’s possible using the bellows script, which I believe comes with Home Assistant. However, since I run HA from Docker I tried to see if it was possible using the serial gateway, which it was.

!!! WARNING !!!: changing the Zigbee channel is a destructive operation, it creates an entirely new Zigbee network and you need to re-pair all Zigbee devices.

Install requirements (I did all this on macOS, YMMV):

  • create a Python 3 virtual environment:
    python3 -mvenv bellows-venv
  • activate it:
    source ./bellows-venv/bin/activate
  • install bellows:
    pip install bellows

(using a virtual environment isn’t strictly necessary, but I would recommend it because it makes it really easy to discard any packages and executables once you’re done)

First, you need to tell the gateway to leave the current network:

bellows -d socket://192.168.1.123:8888 leave

(change the IP-address to your gateway’s IP address)

Next, you create a new network:

bellows -d socket://192.168.1.123:8888 form -D ./zigbee.db -c 22

(-c 22 sets the channel to 22)

I didn’t get any output from that command, so I Ctrl-C’d out of it.

To check which channel is being used, you can use this command:

bellows -d socket://192.168.1.123:8888 info

Output:

…
[<EmberStatus.SUCCESS: 0>, <EmberNodeType.COORDINATOR: 1>, EmberNetworkParameters(extendedPanId=XXX, panId=XXX, radioTxPower=8, radioChannel=22, joinMethod=<EmberJoinMethod.USE_MAC_ASSOCIATION: 0>, nwkManagerId=0x0000, nwkUpdateId=0, channels=<Channels.ALL_CHANNELS: 134215680>)]
…

I don’t know if the next steps are required, but I did them anyway.

  • Copy the file zigbee.db, which was created by the form command, to your Home Assistant root directory (the one containing configuration.yaml). There’s probably already a file with the same name there, which you should overwrite (WARNING: if you have other ZHA integrations configured, you probably shouldn’t; I don’t know what the file contains specifically, so it may not be necessary to overwrite it)
  • Add the following to your HA configuration:
zha:
  zigpy_config:
    network:
      channel: 22

FWIW, I’m still having pairing issues so it wasn’t resolved by changing the channel, but I thought I’d share this anyway 😃
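Since the form command in the post above printed nothing, the info output is the only confirmation that the new network came up on the requested channel. The following added example (not from the post and not part of bellows; function names are hypothetical) parses the EmberNetworkParameters line exactly as quoted above and decodes the channels bitmask. It assumes the output keeps that textual form.

```python
import re

# Copied from the `bellows info` output quoted in the post above.
SAMPLE_INFO = (
    "[<EmberStatus.SUCCESS: 0>, <EmberNodeType.COORDINATOR: 1>, "
    "EmberNetworkParameters(extendedPanId=XXX, panId=XXX, radioTxPower=8, "
    "radioChannel=22, joinMethod=<EmberJoinMethod.USE_MAC_ASSOCIATION: 0>, "
    "nwkManagerId=0x0000, nwkUpdateId=0, "
    "channels=<Channels.ALL_CHANNELS: 134215680>)]"
)


def parse_network_parameters(info_output):
    """Turn the EmberNetworkParameters(...) text into a dict of fields."""
    m = re.search(r"EmberNetworkParameters\((.*)\)", info_output)
    if m is None:
        raise ValueError("no EmberNetworkParameters found in output")
    params = {}
    for name, raw in re.findall(r"(\w+)=(<[^>]*>|[^,]+)", m.group(1)):
        if raw.startswith("<"):           # enum repr: <Type.NAME: value>
            raw = raw.strip("<>").rsplit(": ", 1)[1]
        try:
            params[name] = int(raw, 0)    # accepts 22 as well as 0x0000
        except ValueError:
            params[name] = raw.strip()    # redacted or non-numeric field
    return params


def channels_in_mask(mask):
    """Channel numbers whose bit is set in the channels bitmask."""
    return [ch for ch in range(32) if (mask >> ch) & 1]


def check_network(info_output, want_channel):
    """Return (params, problems); an empty problems list means it matches."""
    p = parse_network_parameters(info_output)
    problems = []
    if p["radioChannel"] != want_channel:
        problems.append(f"radioChannel is {p['radioChannel']}, wanted {want_channel}")
    if p["radioChannel"] not in channels_in_mask(p["channels"]):
        problems.append("radioChannel is outside the channels mask")
    return p, problems


if __name__ == "__main__":
    params, problems = check_network(SAMPLE_INFO, 22)
    print(params["radioChannel"], params["radioTxPower"], problems)
    print(channels_in_mask(params["channels"]))
```

The mask value 134215680 is 0x07FFF800, which has bits 11 through 26 set, the 2.4 GHz Zigbee channel range.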

which device are you trying to pair btw?

I’ve tried a couple of times to pair a Xiaomi Wireless Button but it didn’t work https://zigbee.blakadder.com/Xiaomi_WXKG01LM.html

And my Tuya zigbee door lock doesn’t pair either; it only does if connected to the Tuya App.

Some Tuya devices are not compliant with “Zigbee Alliance”; isn’t that gonna affect things and be a problem?

On the hub I found this tool:

# tuya/tuya_user1/debugtool

*********************************
Build time: Oct  8 2019 14:53:25
Support cmd:
    0:   get net info.
    1:   update zigbee coo.
    2:   plugin counters printf.
    3:   set tx radio power.
    4:   start RF test mode.
    5:   stop RF test.
    6:   install code.
    7:   create a specified zigbee network.
    q/Q: quit debug.
*********************************

******Input cmd:

@Sthope I tried these:

In the end I only managed to get the cube paired.

I was planning to take a closer look tomorrow (also with some other brands, I have a few IKEA and Innr bulbs I don’t use at the moment), with the aforementioned bellows it should be possible to manage the Zigbee network from the command line and the tool you found also looks very interesting. I’ll keep you posted.

The hack works fine. Thank you, Paul!
I had only one temperature sensor linked to Tuya app and it has been migrated to ZHA automatically after I connected the hub to HA.
Then I successfully linked other devices to ZHA.

Little update: I modified the bellows script to create a Zigbee network with more TX power. It uses 8 by default (hardcoded) and I modified it to 18, which is close to the maximum AFAIK. Also, I’m now using channel 11 because I remembered that perhaps Xiaomi devices only accept a fixed number of channels instead of the full range.

The result is that I managed to pair the Xiaomi Mijia motion sensor and the contact sensor.

Pairing needs to be done almost next to the gateway for it to succeed, but once a device is paired range seems to be quite acceptable: I’m sitting about 12m from the gateway, which is tucked away behind a door in a closet, and both sensors work just fine.

For those interested, the fix I made in the bellows script (part of [email protected]) is in the file bellows/zigbee/application.py line 199:

parameters.radioTxPower = t.uint8_t(8)

I changed this to:

parameters.radioTxPower = t.uint8_t(18)

After this I created a new network as per my previous post.

Hi !

Brilliant! I just got my gateway and I have dozen of Xiaomi sensors.
Perhaps it will be a good Gateway V2 replacement!

Do you know how to dump the 25q127cs1g without unsoldering it? (with realtek commands like u-boot and tftp)

Kind regards,

have you checked https://github.com/banksy-git/lidl-gateway-freedom/tree/master/scripts ?

The dump script took me about 5 hours to complete btw

Finally I just unsoldered the VCC pin of the flash and dumped the content with my CH341A.

Now I wonder if we can build and install openwrt on it.

spoiler alert: “we can” 😛

OK, it seems that OpenWRT is not very well supported. At least an as open as possible firmware would be great.