https://devzone.nordicsemi.com/f/nordic-q-a/99432/unable-to-sniff-le-secure-connections-in-debug-mode-using-nrf52840-dongleTest bed setup Master device - RPI4 Model B Rev 1.2, raspbian/ debian version 11 (bullseye) Slave device - Custom Bluetooth 5.2 device with BLE application running Sniffer device - nrf52840 dongle with sniffer_nrf52840dongle_nrf52840_4.1.1 firmwareen-USTelligent Community 13Mon, 08 May 2023 12:37:11 GMThttps://devzone.nordicsemi.com/thread/424276?ContentTypeID=1Mon, 08 May 2023 12:37:11 GMT137ad170-7792-4731-bb38-c0d22fbe4515:65a733cd-21ac-40f2-866e-64626c0ea94eEinar Thorsrud<p>Hi,</p> <p>The nRF sniffer will automatically be able to&nbsp;decrypt&nbsp;packets after listening on on a&nbsp;LESC&nbsp;pairing&nbsp;procedure if one or both of the peers use the debug key and the sniffer was able to sniff all the relevant packets during the pairing procedure (see <a href="https://infocenter.nordicsemi.com/topic/ug_sniffer_ble/UG/sniffer_ble/action_paired.html">Sniffing the pairing procedure of a connection</a>).</p> <p>I see from the sniffer trace that the debug key is not used in #3735 (as this is not the debug public key&nbsp;you can see in your snippet from the spec or&nbsp;as <a href="https://github.com/nrfconnect/sdk-zephyr/blob/4b5d5aa9ca8c414338f91f0c27f0e8426d2a6da0/subsys/bluetooth/host/ecc.c#L24">debug_public_key in ecc.c</a>), but the commands you show seems to indicate that it should be in use (it is listed under &quot;current settings&quot;). I do not immediately see what could be the cause of this, but&nbsp;perhaps you can bypass the issue by testing with debug keys on the nRF side? This is done by building with <a href="https://developer.nordicsemi.com/nRF_Connect_SDK/doc/2.3.0/kconfig/index.html#CONFIG_BT_USE_DEBUG_KEYS">CONFIG_BT_USE_DEBUG_KEYS</a><code>=y</code>.</p><div style="clear:both;"></div>