Insecure Zigbee2MQTT network key

I’ve recently moved away from Zigbee2MQTT and I’m now using ZHA.

When I restart HA I get this error:

Your network is using the insecure Zigbee2MQTT network key!
10:39:25 – (WARNING) /usr/local/lib/python3.9/site-packages/zigpy_znp/zigbee/application.py

Now I’m a complete novice when it comes to Linux, but I expected to go to the directory and edit the file application.py. However when I type ‘cd /usr/local/lib/python3.9/site-packages/zigpy_znp/zigbee’ at the terminal, I get a “No such directory” error.

Can you help me please?

You are using the default Zigbee network key ([1, 3, 5, 7, 9, 11, 13, 15, 0, 2, 4, 6, 8, 10, 12, 13]), that’s why you receive that warning.

Message comes off this code: zigpy-znp/zigpy_znp/zigbee/application.py at d37ac29ea7f164e43445c0a87b5b85dd0067de0d · zigpy/zigpy-znp · GitHub
And the checked default key is here: zigpy-znp/zigpy_znp/const.py at d37ac29ea7f164e43445c0a87b5b85dd0067de0d · zigpy/zigpy-znp · GitHub

Ok, thanks for that. Now how do I avoid it?

You can’t do anything about this now. If you change the network key after the Zigbee network has been established, you need to re-pair every device.

See Zigbee network | Zigbee2MQTT.

My issue is that, as far as I know, I have removed Zigbee2MQTT from my system; I have deleted the Mosquitto and Zigbee2mqtt Add-ons. Yet, I am still getting a warning regarding the Zigbee2mqtt password.

Maybe they share the same underlying framework, dunno.

I think it is stored in the NVRAM on the stick. Try to flash firmware, and after delete all nvram with the next script:

And prepare for re-pairing …

Any change of the Zigbee network key requires repairing all devices.