I'm trying to use 'nrfutil ble-sniffer sniff --follow "${target} public" --port ${device} --output-pcap-file ${output} --coded --timeout 5000 --log-level info --log-output stdout --json' in a script to split up automated testing captures, where target is the mac address of my peripheral device. I capture data but cannot decode after the connection becomes encrypted. I've tried to enter the LTK in the GUI with the saved pcap file loaded, but it will not decrypt.
I can get wireshark to decrypt actively received data from their GUI after entering the LTK there. I've found no way to input the LTK after the fact for data captured using the above method.
How can I pass the LTK to the CLI launched sniffer process so I can decrypt these packets?
Jonathan Crockett
Sleepnumber Labs