Hi, hope I chose the correct category and tags for this, if not please direct me to the right place.
Setup:
I have a raspberry pi 4 running home assistant and recently added a aeotec z-stick 7 with a few devices. I always chose secure inclusion when adding a new device. However after that latest update (core-2021.10) I became aware that under device information in home assistant all devices said Secure: no. I know all devices support either s0 or s2, and the z-stick should support s2 as well. Now if I look at the z-stick device info, it also says Secure: no.
Question:
Have I done something wrong?
Are these devices not supposed to be secure after secure inclusion?
What exactly does “Secure: no” mean?
Is there a good way to see if s0 or s2 is used by a device?
PS: installed the z-wave js add-on to check the config, and there is a network key and s0 and s2 key.
You mean the secure property? But all other devices are also regarded as not secure. Have an aeotec multisensor 6 e.g. that should support secure inclusion.
Performance is not an issue, since I will only have very simple sensors with small amount of data transfere. I noticed when i stopped the add-on and checked the logs it claimed I am missing a network key (even though it was set during set) and suggested using the same as the s0 key. Did that and started again, the log said now both network and s0 keys are the same and ok! Will try to exclude and include a device again.
You would be surprised at how bad S0 is. It may work out fine in your case. However, if you do notice issues, that’s one of the first things to look at.
You will be required to use the Advanced Inclusion dialog to select Legacy security. The default inclusion method does not enable S0 for devices that it isn’t generally recommended for (only locks and other security actuator devices).
Ok now I captured the log message after stopping the add-on:
INFO: No 'network_key' detected, setting it to 's0_legacy_key' for backwards compatibility
Should i set a different network key or is this fine?
I did the advanced inclusion with s2 (since it said s0 is the fallback). However it seems i dont even get s0? Or does Secure: no mean s0?
That error message makes it sound like you are using an old version of the addon that doesn’t support S2 keys. Make sure you are up-to-date with version 0.1.45. There should be more key fields, like this from my test system:
“Fallback to Legacy” means it chooses legacy for security actuator devices that don’t support S2. It’s not going to enable S0 on a multisensor, because that isn’t recommended. You have to choose Legacy manually if you want to force it.
“Secure: No” means no security. “Secure: Yes” means S2 or S0, the UI doesn’t distinguish yet.
Ok now its starting to clear up.
I am on Current version: 0.1.45 and i see all those fields in the config as well.
However i do not seem to be able to force any device to use s0 nor s2.
Testing with a magnetic door sensor and a multisensor right now. Even when i choose legacy secure inclusion, i get Secure: no
I have tried that with both the Secure if possible and Secure legacy options. Still dosn’t show up as a secure device. Is the z-stick gen7 known have issues?
The reason i want to use secure is that i live in an apartment with lots of neighbors and offices close by. Any wireless device should be “secure” imo. Also planning on adding some actuator, but before investing in that it is good to know that my setup can support at least s0.
Correcting myself, this means the s0_legacy_key is set, and the network_key is not set. The addon will set network_key because there were issues with other addon releases.