MeshMonitor v2.12.1
This release introduces comprehensive security monitoring for your Meshtastic mesh network, along with improvements to push notification handling.
๐ Security Monitoring (New!)
MeshMonitor can now automatically detect and flag nodes with security vulnerabilities in your mesh network.
Features
Low-Entropy Public Key Detection
- Identifies nodes using 135 known weak encryption keys
- Real-time detection as nodes broadcast their public keys
- Keys sourced from documented Meshtastic firmware defaults and security databases
Duplicate Public Key Detection
- Background scanner runs every 24 hours (configurable)
- Detects multiple nodes sharing the same encryption key
- Indicates possible device cloning or key copying
Visual Security Warnings
- โ ๏ธ Warning icons displayed next to flagged nodes throughout the UI
- Red warning banner in Messages tab for nodes with security issues
- Detailed security information with clickable node references
Security Filter
- New filter in Filter Modal popup (Nodes and Messages tabs)
- Three modes: All Nodes, โ ๏ธ Flagged Only, Hide Flagged
- Helps manage security audits and focus on trusted devices
API Endpoints
POST /api/nodes/scan-duplicate-keys- Manual scan triggerGET /api/nodes/security-issues- Retrieve flagged nodes
Configuration
DUPLICATE_KEY_SCAN_INTERVAL_HOURSenvironment variable (default: 24)- Scan frequency adjustable from 1-168 hours
Documentation
Complete security monitoring documentation available at /features/security including:
- Detection methods and frequency
- Best practices for network administrators
- Troubleshooting guide
- Database schema details
๐ฌ Push Notification Improvements
Configurable TTL
PUSH_NOTIFICATION_TTLenvironment variable (default: 3600 seconds / 60 minutes)- Prevents notification flooding from old messages
- Range: 60-86400 seconds (1 minute to 24 hours)
- Messages older than TTL are not pushed
๐ Changes Since v2.12.0
Added
- #408 - Security monitoring with low-entropy and duplicate key detection
- #406 - Configurable TTL for push notifications to prevent flooding
- Security filter in Filter Modal popup with three modes
- Database columns:
keyIsLowEntropy,duplicateKeyDetected,keySecurityIssueDetails - Duplicate key scanner service with configurable interval
- Visual security warnings throughout UI (โ ๏ธ icons)
- Security-focused API endpoints
- Comprehensive security documentation
Changed
- #409 - Version bump to 2.12.1
- Documentation version references updated
Fixed
- API endpoint documentation consistency
- Enhanced hex validation with "0x" prefix support
๐ฆ Installation
Docker (Recommended)
docker pull ghcr.io/yeraze/meshmonitor:v2.12.1Helm
helm upgrade meshmonitor ./helm/meshmonitor --version 2.12.1๐ Pull Requests & Issues
- #409 - Bump version to 2.12.1
- #408 - Add security monitoring with low-entropy and duplicate key detection
- #406 - Add configurable TTL for push notifications to prevent flooding
๐ Documentation
- Security Features - Complete security monitoring guide
- Settings - Configuration and usage
- Production Deployment - Best practices
โ๏ธ Configuration
Security Monitoring
# Adjust duplicate key scan frequency (1-168 hours)
DUPLICATE_KEY_SCAN_INTERVAL_HOURS=24Push Notifications
# Set notification TTL (60-86400 seconds)
PUSH_NOTIFICATION_TTL=3600Full Changelog: v2.12.0...v2.12.1
๐ MeshMonitor v2.12.1
๐ฆ Installation
Docker (recommended):
docker run -d \
--name meshmonitor \
-p 8080:3001 \
-v meshmonitor-data:/data \
ghcr.io/Yeraze/meshmonitor:v2.12.1๐งช Testing
โ
All tests passed
โ
TypeScript checks passed
โ
Docker images built for linux/amd64, linux/arm64, linux/arm/v7
๐ Changes
See commit history for detailed changes.