// guide · meshcore

MeshCore backup & key security

Guide · updated June 2026

On MeshCore, your private key is your node’s identity — your Public ID is derived from it. Lose it, or carelessly re-flash, and your node comes back as a stranger. Here’s how to back up safely and keep that key locked down.

Why the key is everything

Every MeshCore node has a unique private key. Your Public ID — how the whole network recognizes you — comes straight from it. Whoever holds your private key effectively is your node: they can impersonate it and read its traffic.

The catch that bites people: a factory reset or full erase wipes everything — passwords, location, and the private key — and the node boots with a brand-new key. A new key means a new Public ID, which means you’re a different node to everyone else: a repeater needs re-adopting, references break, and you show up fresh on MeshMapper. The fix is simple — back up the key before you flash, and treat it like a master password.

// back it up

Build a “rebuild kit”

The goal: enough saved that you can restore a node identical after a reflash or board swap. There’s no export button — you read the values from the console and store them yourself.

Connect to the node over USB serial and read its secrets:

# on the node's serial console
> get prv.key        # your PRIVATE key — the crown jewel
> get public.key     # public key / Public ID, for reference
> get guest.password

Then save a kit per node — in a password manager or encrypted vault, never a plain note — with:

  • Private key (from get prv.key) — the one value that matters most
  • Public key / Public ID (for reference)
  • Node name, region/preset, and frequency
  • Path-hash mode (1-byte companion, 3-byte repeater — see the IDs guide)
  • Repeater admin & guest passwords
  • Any channel / group names + keys
  • Location (for a fixed repeater)

Treat get prv.key output like a master password. Only read it where nobody’s looking, and never paste it into a chat, screenshot, or a website you don’t fully trust. Anyone who gets it can become your node.

// restore

Bring a node back after a wipe

Re-flashed, reset, or swapped the board? Restore the identity over USB serial — importing a key is serial-only by design, so no one can change your identity remotely:

# restore identity (serial only), then reboot
> set prv.key <your-saved-hex-key>
> reboot

Then re-apply the rest from your kit — region/preset, path-hash mode, passwords, channels — and confirm it’s really you with get public.key (it should match your saved Public ID).

Before any factory reset or full erase: run get prv.key and stash it first. The reset will generate a new one, and without your backup that old identity is gone for good.

// repeaters & channels

Lock down the rest

  • Repeater passwords. Set a strong admin password (password <new>) and a guest password (set guest.password <pw>) — never leave defaults on something mounted in public. The admin password is what stops a stranger reconfiguring your repeater. Back both up.
  • Channel / group keys. A channel key is a shared secret — only share it over a secure channel, and rotate it if it ever leaks.
  • Physical security. Anyone with the device and a USB cable can read its console — including get prv.key. Keep mounted hardware out of easy reach, and don’t hand out unlocked spares.

Not sure on a step? Key handling is worth getting right — ask in #meshcore on the RF Lab Discord before you reset anything you can’t easily reach.

// links

Tools & sources

MeshCore Docs — CLI Commandsofficial get/set prv.key & password reference MeshCoremeshcore.io Web Flasherwhere re-flashes happen — back up first Set up a MeshCore repeaterwhere those passwords get set MeshCore IDs & collisionshow the Public ID ties to your key Set up a companion nodestart here if you’re new

Back it up before you need it.

Five minutes with a password manager beats rebuilding a node’s identity from scratch.

Join the Discord MeshCore CLI docs →