meshtastic/docs/configuration/remote-admin.mdx

---
id: remote-admin
title: Remote Node Administration
sidebar_label: Remote Nodes
sidebar_position: 3
description: An advanced feature which allows remote administration of a device through a secure messages on the Mesh instead of via Bluetooth, Serial, or IPv4.
---

import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";

:::caution Disclaimer
This is an advanced feature that few users should need. Keep in mind that it is possible (if you are not careful) to assign settings to a remote node that cause it to completely drop off of your mesh. We advise network admins have a test node to test settings with before applying changes to a remote node to prevent this.
:::


This feature allows you to remotely administer Meshtastic nodes through the mesh.

By default, nodes will **only** respond to administrative commands via the local USB/Bluetooth/TCP interface. This is to provide basic security to prevent unauthorized access and is how normal administration and settings changes work. The only difference for the remote case is that we are sending those commands as Admin Messages over the mesh.

## Prerequisites

In order to send the Admin Messages over the mesh, a secure method of communication must be established.

For firmware versions 2.5 and later, this is achieved by storing the public key of the controlling node in the remote node's Security Config. Up to three separate public keys can be stored in any node's settings, allowing some flexibility around remote node administration.

For firmware versions 2.4.x and earlier, this was achieved by setting up a channel with the name `admin` and a shared PSK. Commands were issued in various ways depending on the Client App, with the Admin Messages passed between nodes over this channel similar to the legacy DMs. Any node in the channel can manage any other node.

This `admin` channel method is still supported in firmware versions 2.5 and later, but must be specifically enabled via the "Legacy Admin channel" setting.

:::info
Remote Admin is complemented by setting [Managed Mode](/docs/configuration/radio/security/#managed-mode) on the remote node, which restricts radio configurations on that node. It is not necessary to set Managed Mode for Remote Admin to function.
:::


## Remote Admin Config Client Availability

<Tabs
groupId="settings"
defaultValue="apple"
values={[
{label: 'Android', value: 'android'},
{label: 'Apple', value: 'apple'},
{label: 'CLI', value: 'cli'},
{label: 'Web', value: 'web'},
]}>
<TabItem value="android">

#### Android

:::info
All current and Legacy Remote Admin config options are available for Android.
:::

#### Setting up Remote Admin using the current method 

1. Connect to the node that will be used as the local controlling node.
2. The public key of a node is found in [Security Config](/docs/configuration/radio/security/#public-key).
3. Copy the public key of the controlling node to a note taking app.
4. Connect to the node that will be used as the remote administered node.
5. The public key of the controlling node is added as Admin Key in [Security Config](/docs/configuration/radio/security/#admin-key).
6. Up to 3 Admin Keys may be supplied, allowing up to 3 controlling nodes.

#### Setting up Remote Admin using the Legacy method

An Admin channel is set up by entering a secondary channel with the name `admin` using the method described in [Channels](/docs/configuration/radio/channels/)

Legacy admin is enabled using the Legacy Admin channel option in [Security Config](/docs/configuration/radio/security/#admin-channel-enabled).

#### Carrying out Remote Admin tasks

1. Open the Meshtastic App, connect to the local controlling node.
2. In the node list pane, select a node by tapping the Short Name in the colored bubble, then select More details.
3. In the more details screen, select Remote Administration, next to a gear icon.
4. From the Remote Administration screen, all Radio and Module configuration options are available.

</TabItem>
<TabItem value="apple">

#### Apple

:::info
All current and Legacy Remote Admin config options are available iOS, iPadOS and macOS
:::

#### Setting up Remote Admin using the current method 

1. Connect to the node that will be used as the local controlling node.
2. The public key of a node is found in [Security Config](/docs/configuration/radio/security/#public-key).
3. Copy the public key of the controlling node to a note taking app.
4. Connect to the node that will be used as the remote administered node.
5. The public key of the controlling node is added as Admin Key in [Security Config](/docs/configuration/radio/security/#admin-key).
6. Up to 3 Admin Keys may be supplied, allowing up to 3 controlling nodes.

#### Setting up Remote Admin using the Legacy method

An Admin channel is set up by entering a secondary channel with the name `admin` using the method described in [Channels](/docs/configuration/radio/channels/)

Legacy admin is enabled using the Legacy Admin channel option in [Security Config](/docs/configuration/radio/security/#admin-channel-enabled).

#### Carrying out Remote Admin tasks

1. Open the Meshtastic App, connect to the local controlling node.
2. ???
3. ???
4. From the Remote Administration screen, all Radio and Module configuration options are available.

</TabItem>
<TabItem value="cli">

#### CLI

:::info
All current and Legacy Remote Admin config options are available in the python CLI.
:::

Commands are issued using a `--dest '!28979058'` argument and node ID to identify the remote node.

:::info
The --dest argument value must be in single quotes for linux/mac: '!28979058', no quotes for Windows: !28979058.
:::

</TabItem>
<TabItem value="web">

#### Web

:::info
All current and Legacy Remote Admin config options are available in the Web UI.
:::

</TabItem>
</Tabs>