S2 or not S2

Correct, device to device (bypassing the hub), it is called direct associations and is a Zwave feature. When you have a flexible hub it is rare that you need associations but some people are dead set on using them anyway so just wanted to warn you in case you were one of those people. There are a few use cases with Hubitat where the associations are needed or work better than a hub rule but it's not often.

Awesome. Thanks for the clarification!

Except for door locks, I never employ S2.

But I do wish the Z-Wave Inclusion process for Add Devices would ask beforehand whether the user wants S2 security if offered by the new device.

Can't tell you how many times my screen timed out because I did not see the "Use S2?" prompt further down the page, during which I thought I had to wait for the countdown to reach 0.

Use Smart Start, scan the code, tap on the device entry to set the security. Then turn the device on. That's it.

Doesn't it still look like this (I haven't had to include a Z-Wave device in ages so I don't know if it has changed), on a computer, with the security question/buttons right at the top? Or are you maybe talking about the screens/flow on a phone?

That is the non-SmartStart way. If the device has a QR code, SmartStart is an option. It is common on zwave 700 devices, but not before.

Yes, and I've included devices without security every time.

Even my 200 series (500 series) Homeseer dimmers have a QR code and support S2.

My main point in all of this really is I want to do the cleanest initial setup I can. I already have about 40 devices moved over from HS4. I'd much rather factory default the Hubitat and start over if it was the better thing to do long-term than start out wrong.

I had initially set up all devices that could use S2 with it. Then started having issues. I have A LOT of devices, which probably made the issue worse.

I later removed all my Z-Wave devices that were paired with S2, and re-paired them without security, and haven't had issues since.

My recommendation would be to avoid using security unless it is absolutely required.

2 Likes

So, is this message..

Z-Wave device id: 25 failed S2 bootstrapping - KEX_FAIL_KEX_KEY: Key failure indicating that no match exists between requested/granted keys in the network. - the device needs to be excluded then included

Not really an error...just something that happens when you add a S2 capable device w/out S2...or is it actually a real problem?

Correct, except on my 55" TV, which I use as a NUC monitor, things cut off just below the countdown unless I remember to scroll. By then I'm so nervous about whether I have tapped the Inclusion sequence correctly, I spazz.

1 Like

Did you select security and then not enter the DSK when asked? That's what that error looks like to me. Otherwise it would not even try S2.

No…I get the option to add without security and select that. This message shows in my log for almost every device I've added.

I am never prompted for the DSK.

Hence the concern…and it's not just my HomeSeer switches…

I am using a 3rd party driver since the default one doesn't let you control the annoying default 3 second ramp rate. No idea yet if things like that matter.

Could be something with those devices trying S2 anyway, as long as they paired and work it's fine. Those logs might be normal, I have not paired anything in a while.

I am one of the pro-S2 people. I use S2 on any device that supports it with both HE and ST.

Biggest plus for me is that S2 enables full CRC checksums on all data. Without S2, only 100kbs links use CRCs. To me that solved the random errant sensor data or switch doing something weird.

One con is that updating firmware with S2 can be slow(er) or tricky to do. The built in zwave firmware update app still doesn't work with S2 devices (no warning either, it just doesn't work) so you need to use another method. I usually update firmware using PC controller as a workaround.

I don't care about the actual "security" (ie encryption) aspects of S2. The increased reliability of message transfer is worth it to me.

4 Likes

Agree with everything @coreystup said... Firmware updates were the one thing that previously held me back with S2, since I'm a Mac guy at home and I simply have no appetite for jumping through the hoops of getting a z-stick set up (I know it's not rocket surgery, but it's more hassle than I want to deal with).

If you don't have or don't want to use a z-stick, these steps work for GBL and OTA files (which cover Zooz, Leviton, and Aeotec). Admittedly, these steps aren't as convenient as the built-in updater, but they work well.

2 Likes

It is very common on Zwave 700, may even be a requirement for certification. I believe it started with Zwave 500 devices, and some of them do have the QR code but far from most.

I will have to try this out. I removed my Zen25 as I have had an occasional issue with a specific zwave device not responding after a while. I thought it may be related to the Zen25, but it still happens.

The issue with the firmware updates is a known one. I think it is recommended to exclude and re-include the device without security for firmware updates. The documentation from Zooz for instance always suggests this procedure after a firmware update.

1 Like

"Currently, Hubitat's built-in ZW updater tool doesn't work with S2-paired devices."

Can someone please confirm that since I'm NOT connected with S2 currently, I should be able to update any firmware I want first, exclude everything, and then add them back in S2? IE - If they are not connected S2 it's fine.

I have run the upgrade already on one of my 300 series Homeseer dimmers and it seemed fine.

Thanks

Yes the firmware updater works for no security devices. On S2 it gets to the very end and then fails but the device rejects it so no harm is done. There is an older driver based updater which does work on S2 devices.

@mavrrick58 on the Zen25 I am working on a driver for it, mainly for Zen20 people but testing it on my Zen25. It's almost fully functional at this point.

1 Like

Thanks for the clarification!