Create a pool of pre-bootstrapped keys

How to create pre-seeded keys beforehand and transfer these to devices in production

It is possible to pre-create qbee-keys for prodcution. In this tutorial we show you how to bootstrap devices beforehand and transfer the necessary files and keys to devices afterwards. This allows to pre-breed qbee keys that can be used in a production process that does not want to run the bootstrap procedure due to timing or no internet.

Steps and pre-requisites for creating qbee-keys:

• a defined bootstrap key that assigns devices to a group and allows auto-accept
• a device to create these keys on
• download the script to your device and run it
• trigger the bootstrap process on the production devices as indicated below

Please reach out to qbee support to receive the qbee-preseed.sh script:

Then you need to create a bootstrap key that has auto-accpet and a group assignment enabled.

Then run ./qbee-preseed.sh <bootstrap-key>.

This will create a client config structure that needs to be copied to the individual device. Each time you run it a new folder will be created that has a new unique ID. Thus you can initiate multiple of these runs below without overwriting the seeded keys and files.

On the device you need to run /opt/qbee/bin/qbee-bootstrap -F until you have the file /var/lib/qbee/inputs/promises.cf. Depending on the network this might need to be run in a loop.