Quick Start Guide

Purpose of this page is to provide a quick start guide to users, If you are looking for detailed instructions, please refer Start-up Guide

  1. Prepare SD Card
    • Download image (Registration is mandatory to download images)
    • Use Etcher.io to flash image onto SD card (at least 4GB)
      • No need to decompress file, Etcher accepts compressed formats
  2. Hardware Setup
    • Network connection (Ethernet) is mandatory
    • Keyboard/Monitor (HDMI)/Serial cable is optional
    • Use Z-Wave dongle if trying Z-Wave compatible devices with OpenHabian or Hassbian images.
    • Insert Micro-SD Card and power on RPI3
  3. Connect to RPI3 WiFi
    • RPI3 Provides a Wi-Fi access point after boot-up. Connection to RPI3 WiFi is required for configuring the device.
    • User: D4-secure-<serialnum>
    • Passwd: CHANGE-THIS-KEY-<serialnum>
      • It is recommended is to change the default password (/etc/hostapd/hostapd.conf) in Router cell.
      • Please note that once you change the password, you will be disconnected and will need to reconnect with new credentials.
  4. Remote login to RPI3 (using ssh)
    • Access RPI3 from Wifi
      • Luci: (username: root / password: root)
      • OpenHabian (If using OpenHabian demo):
      • Hassbian (if using Hassbian demo):
      • For KODI configuration, please check  KODI Configuration
    • Alternatively, ssh root@ to connect to Router (OpenWRT / LEDE) Cell.
      • Windows users can use putty , or similar ssh client.
      • From Router (LEDE) Cell, connect to other cells by
        • ssh-demux.sh <pi/openhabian>  (Will open tmux session for all 3 cells, pi /raspberry for Raspbian/Hassbian demo, openhabian/openhabian for OpenHabian demo)
        • ssh pi@ (for Driver / App cell – Raspbian / Hassbian demos)  / ssh openhabian@  (for Driver / App Cell – Openhabian demo)
        • ssh root@ ( for DIT/VPN cell)
  5. Generate VPN certificates (VPN Cell)
    • Run generate_client_keys.sh from VPN Cell to generate certificate
    • Copy the certificate (/etc/ipsec.d/certs/<cert name>.p12) to your client device
  6. Configure your device for remote access
    • Install Certs + IpSec application (StrongSwan)
    • Connect to “untrusted” interface. e.g. if you using eth0 as untrusted,  then you need to access to eth0_ext  (Check network diagram if not sure)
    • StrongSwan configuration
      • Server: <IP Address of RPI3>
        • When connecting from inside private network through ethernet (eth0),  type ifconfig in Router cell and check IP address assigned to eth0_ext, alternatively, login to luci ( to figure out IP address.
        • When connecting from public network, you need to ensure that RPI3 is accessible, it can be done by either assigning a static IP or configuring your home router to port forward traffic to RPI3. If unsure on steps, please check your network administrator.
      • IKEV2 Certificate: Choose certificate extracted from RPI3
      • Server Identity : vpn.d4-secure
    • Access RPI3 remotely
      • Luci:
      • OpenHabian (If using OpenHabian demo):
      • Hassbian (if using Hassbian demo):