meshtastic/docs/configuration/remote-admin.mdx

---
id: remote-admin
title: Remote Node Administration
sidebar_label: Remote Nodes
sidebar_position: 3
description: An advanced feature which allows remote administration of a device through secure messages on the Mesh instead of via Bluetooth, Serial, or IPv4.
---

import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";

:::caution Disclaimer
This is an advanced feature that few users should need. Keep in mind that it is possible (if you are not careful) to assign settings to a remote node that cause it to completely drop off of your mesh. We advise network admins have a test node to test settings with before applying changes to a remote node to prevent this.
:::


This feature allows you to remotely administer Meshtastic nodes through the mesh.

By default, nodes will **only** respond to administrative commands via the local USB/Bluetooth/TCP interface. This is to provide basic security to prevent unauthorized access and is how normal administration and settings changes work. The only difference for the remote case is that we are sending those commands as Admin Messages over the mesh.

## Prerequisites

In order to send the Admin Messages over the mesh, a secure method of communication must be established.

For firmware versions 2.5 and later, this is achieved by storing the public key of the controlling node in one of the remote node's Security Config Admin Key fields. A node has up to three separate Admin Key fields, allowing some flexibility around remote node administration.

For firmware versions 2.4.x and earlier, this was achieved by setting up a channel with the name `admin` and a shared PSK. Admin Messages passed between nodes over this channel similar to the legacy DMs, encrypted only with the channel's PSK. Any node in the channel could manage any other node.

This `admin` channel method is still supported in firmware versions 2.5 and later, but must be specifically enabled via the "Legacy Admin channel" setting and is only for managing pre-2.5 nodes. A firmware version 2.5 and later node cannot be managed in this way.

:::info
Remote Admin is complemented by setting [Managed Mode](/docs/configuration/radio/security/#managed-mode) on the remote node, which restricts radio configurations on that node. It is not necessary to set Managed Mode for Remote Admin to function.
:::


## Remote Admin Config Client Availability

<Tabs
groupId="settings"
defaultValue="apple"
values={[
{label: 'Android', value: 'android'},
{label: 'Apple', value: 'apple'},
{label: 'CLI', value: 'cli'},
{label: 'Web', value: 'web'},
]}>
<TabItem value="android">

#### Android

:::info
All current and Legacy Remote Admin config options are available for Android.
:::

#### Setting up Remote Admin using the current method 

1. Connect to the node that will be used as the local controlling node.
2. The public key of a node is found in [Security Config](/docs/configuration/radio/security/#public-key).
3. Copy the public key of the controlling node to a note taking app, or manually send it to the remote node as a DM.
4. Connect to the node that will be used as the remote administered node.
5. The public key of the controlling node is added as an Admin Key in one of the fields in [Security Config](/docs/configuration/radio/security/#admin-key).
6. Up to 3 Admin Keys may be supplied, one per field, allowing up to 3 controlling nodes.

#### Setting up Remote Admin using the Legacy method

An Admin channel is set up by entering a secondary channel with the name `admin` using the method described in [Channels](/docs/configuration/radio/channels/)

Legacy admin is enabled using the Legacy Admin channel option in [Security Config](/docs/configuration/radio/security/#admin-channel-enabled).

#### Carrying out Remote Admin tasks

1. Open the Meshtastic App, connect to the local controlling node.
2. In the node list pane, select a node by tapping the Short Name in the colored bubble, then select More details.
3. In the more details screen, select Remote Administration, next to a gear icon.
4. From the Remote Administration screen, all Radio and Module configuration options are available.

</TabItem>
<TabItem value="apple">

#### Apple

:::info
All current and Legacy Remote Admin config options are available iOS, iPadOS and macOS
:::

#### Setting up Remote Admin using the current method 

1. Connect to the node that will be used as the local controlling node.
2. The public key of a node is found in [Security Config](/docs/configuration/radio/security/#public-key).
3. Copy the public key of the controlling node to a note taking app, or manually send it to the remote node as a DM.
4. Still in the local node, in Settings -> App Settings -> Turn on Administration.
5. Connect to the node that will be used as the remote administered node.
6. The public key of the controlling node is added as Admin Key in [Security Config](/docs/configuration/radio/security/#admin-key).
7. Up to 3 Admin Keys may be supplied, allowing up to 3 controlling nodes.
8. Still in the remote node, in Settings -> App Settings -> Turn on Administration.

#### Setting up Remote Admin using the Legacy method

An Admin channel is set up by entering a secondary channel with the name `admin` using the method described in [Channels](/docs/configuration/radio/channels/)

Legacy admin is enabled using the Legacy Admin channel option in [Security Config](/docs/configuration/radio/security/#admin-channel-enabled).

#### Carrying out Remote Admin tasks

1. Open the Meshtastic App, connect to the local controlling node.
2. In Settings -> App Settings -> Turn on Administration
3. Choose a node under Settings -> Configure Node
4. From the Settings screen, all Radio and Module configuration options are available for the remote node.
5. When finished, select your own node in Settings -> Configure Node, or disable Remote Admin under Settings -> App Settings -> Turn off Administration

</TabItem>
<TabItem value="cli">

#### CLI

:::info
All current and Legacy Remote Admin config options are available in the python CLI.
:::

Commands are issued using a `--dest '!28979058'` argument and node ID to identify the remote node.

:::info
The --dest argument value must be in single quotes for linux/mac: '!28979058', no quotes for Windows: !28979058.
:::

</TabItem>
<TabItem value="web">

#### Web

:::info
All current and Legacy Remote Admin config options are available in the Web UI.
:::

</TabItem>
</Tabs>
Device pages 2021-05-01 10:51:51 -07:00			`---`
revamp refinements 2022-11-03 17:10:08 -07:00			`id: remote-admin`
organizational improvments 2022-11-02 13:21:48 -07:00			`title: Remote Node Administration`
			`sidebar_label: Remote Nodes`
move rak gpio to 4631 page 2023-09-19 21:40:54 -07:00			`sidebar_position: 3`
oops 2024-10-30 15:38:54 -07:00			`description: An advanced feature which allows remote administration of a device through secure messages on the Mesh instead of via Bluetooth, Serial, or IPv4.`
Device pages 2021-05-01 10:51:51 -07:00			`---`

Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`import Tabs from "@theme/Tabs";`
			`import TabItem from "@theme/TabItem";`

cleanup and reformatting content 2022-11-07 20:53:52 -08:00			`:::caution Disclaimer`
			`This is an advanced feature that few users should need. Keep in mind that it is possible (if you are not careful) to assign settings to a remote node that cause it to completely drop off of your mesh. We advise network admins have a test node to test settings with before applying changes to a remote node to prevent this.`
			`:::`

Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00
cleanup and reformatting content 2022-11-07 20:53:52 -08:00			`This feature allows you to remotely administer Meshtastic nodes through the mesh.`

Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`By default, nodes will only respond to administrative commands via the local USB/Bluetooth/TCP interface. This is to provide basic security to prevent unauthorized access and is how normal administration and settings changes work. The only difference for the remote case is that we are sending those commands as Admin Messages over the mesh.`

cleanup and reformatting content 2022-11-07 20:53:52 -08:00			`## Prerequisites`

Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`In order to send the Admin Messages over the mesh, a secure method of communication must be established.`

Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			`For firmware versions 2.5 and later, this is achieved by storing the public key of the controlling node in one of the remote node's Security Config Admin Key fields. A node has up to three separate Admin Key fields, allowing some flexibility around remote node administration.`
cleanup and reformatting content 2022-11-07 20:53:52 -08:00
Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			For firmware versions 2.4.x and earlier, this was achieved by setting up a channel with the name `admin` and a shared PSK. Admin Messages passed between nodes over this channel similar to the legacy DMs, encrypted only with the channel's PSK. Any node in the channel could manage any other node.
Device pages 2021-05-01 10:51:51 -07:00
Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			This `admin` channel method is still supported in firmware versions 2.5 and later, but must be specifically enabled via the "Legacy Admin channel" setting and is only for managing pre-2.5 nodes. A firmware version 2.5 and later node cannot be managed in this way.
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00
			`:::info`
			`Remote Admin is complemented by setting [Managed Mode](/docs/configuration/radio/security/#managed-mode) on the remote node, which restricts radio configurations on that node. It is not necessary to set Managed Mode for Remote Admin to function.`
			`:::`
Device pages 2021-05-01 10:51:51 -07:00

Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`## Remote Admin Config Client Availability`
Fix build & use absolute paths across the board 2022-01-01 23:03:24 -08:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`<Tabs`
			`groupId="settings"`
			`defaultValue="apple"`
			`values={[`
			`{label: 'Android', value: 'android'},`
			`{label: 'Apple', value: 'apple'},`
			`{label: 'CLI', value: 'cli'},`
			`{label: 'Web', value: 'web'},`
			`]}>`
			`<TabItem value="android">`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`#### Android`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`:::info`
			`All current and Legacy Remote Admin config options are available for Android.`
Device pages 2021-05-01 10:51:51 -07:00			`:::`
Updated examples 2023-06-14 23:12:47 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`#### Setting up Remote Admin using the current method`

			`1. Connect to the node that will be used as the local controlling node.`
			`2. The public key of a node is found in [Security Config](/docs/configuration/radio/security/#public-key).`
Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			`3. Copy the public key of the controlling node to a note taking app, or manually send it to the remote node as a DM.`
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`4. Connect to the node that will be used as the remote administered node.`
Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			`5. The public key of the controlling node is added as an Admin Key in one of the fields in [Security Config](/docs/configuration/radio/security/#admin-key).`
			`6. Up to 3 Admin Keys may be supplied, one per field, allowing up to 3 controlling nodes.`
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00
			`#### Setting up Remote Admin using the Legacy method`

			An Admin channel is set up by entering a secondary channel with the name `admin` using the method described in [Channels](/docs/configuration/radio/channels/)

			`Legacy admin is enabled using the Legacy Admin channel option in [Security Config](/docs/configuration/radio/security/#admin-channel-enabled).`

			`#### Carrying out Remote Admin tasks`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`1. Open the Meshtastic App, connect to the local controlling node.`
			`2. In the node list pane, select a node by tapping the Short Name in the colored bubble, then select More details.`
			`3. In the more details screen, select Remote Administration, next to a gear icon.`
			`4. From the Remote Administration screen, all Radio and Module configuration options are available.`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`</TabItem>`
			`<TabItem value="apple">`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`#### Apple`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`:::info`
			`All current and Legacy Remote Admin config options are available iOS, iPadOS and macOS`
			`:::`

			`#### Setting up Remote Admin using the current method`

			`1. Connect to the node that will be used as the local controlling node.`
			`2. The public key of a node is found in [Security Config](/docs/configuration/radio/security/#public-key).`
Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			`3. Copy the public key of the controlling node to a note taking app, or manually send it to the remote node as a DM.`
			`4. Still in the local node, in Settings -> App Settings -> Turn on Administration.`
			`5. Connect to the node that will be used as the remote administered node.`
			`6. The public key of the controlling node is added as Admin Key in [Security Config](/docs/configuration/radio/security/#admin-key).`
			`7. Up to 3 Admin Keys may be supplied, allowing up to 3 controlling nodes.`
			`8. Still in the remote node, in Settings -> App Settings -> Turn on Administration.`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`#### Setting up Remote Admin using the Legacy method`
Fix build & use absolute paths across the board 2022-01-01 23:03:24 -08:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			An Admin channel is set up by entering a secondary channel with the name `admin` using the method described in [Channels](/docs/configuration/radio/channels/)
merge fix 2023-11-15 16:36:05 -08:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`Legacy admin is enabled using the Legacy Admin channel option in [Security Config](/docs/configuration/radio/security/#admin-channel-enabled).`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`#### Carrying out Remote Admin tasks`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`1. Open the Meshtastic App, connect to the local controlling node.`
Updates to text following @pdxlocations review. 2024-10-30 15:35:49 -07:00			`2. In Settings -> App Settings -> Turn on Administration`
			`3. Choose a node under Settings -> Configure Node`
			`4. From the Settings screen, all Radio and Module configuration options are available for the remote node.`
			`5. When finished, select your own node in Settings -> Configure Node, or disable Remote Admin under Settings -> App Settings -> Turn off Administration`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`</TabItem>`
			`<TabItem value="cli">`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			`#### CLI`

			`:::info`
			`All current and Legacy Remote Admin config options are available in the python CLI.`
			`:::`
Device pages 2021-05-01 10:51:51 -07:00
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00			Commands are issued using a `--dest '!28979058'` argument and node ID to identify the remote node.
Device pages 2021-05-01 10:51:51 -07:00
changed dest argument quotes/no quotes to info box 2023-06-14 23:22:11 -07:00			`:::info`
			`The --dest argument value must be in single quotes for linux/mac: '!28979058', no quotes for Windows: !28979058.`
			`:::`
Update remote-admin.mdx Update all content to match the current remote admin arrangement. 2024-10-29 17:31:24 -07:00
			`</TabItem>`
			`<TabItem value="web">`

			`#### Web`

			`:::info`
			`All current and Legacy Remote Admin config options are available in the Web UI.`
			`:::`

			`</TabItem>`
			`</Tabs>`