Skip to content

Inspect your Device

To locally manage your device using Pantabox, it is necessary to remotely access it via SSH or any other means from your host computer, as Pantavisor offers management capabilities from the device itself.


Pantavisor needs to be build with the PANTAVISOR_DEBUG option to have access capabilities, as is the case with our initial devices. This option can be disabled for production images.


First network access depend whether the device is claimed and thus in remote mode or not. If the device is already claimed at this point, you can directly set your public key in Pantacor Hub. In the second case, if the device is not claimed, you can directly SSH the device using password authentication and then set a public key for further use.


Knowing your device IP is necesary to SSH it. You can get the IP connecting a keyboard and monitor to your device or with TTY. Another option is by using pvr.


The pvr-sdk container sets up a password-accessible SSH server by default. To login, just type this command using your device IP:

ssh root@

When prompted, login with the password pantabox.

Public Key

We will have to create an SSH public key and set it up in our user metadata. In Linux, you can create an SSH pair and print your public key with these commands:

ssh-keygen -t ed25519 -C ""
cat ~/.ssh/

Now, the process varies depending whether your device is claimed or not. In case it is, create a new user metadata pair with the SSH public key:

key: pvr-sdk.authorized_keys
value: <ssh pub id>

If device is not claimed, you can access your device with the password authentication and set the user metadata pair with the SSH public key using the pantabox-edit-sshkeys command.


It is important to remember that the device user metadata pair can only be set using pantabox-edit-sshkeys if the device is in not under remote control. In that case all the user metadata will be overloaded from the one that is stored in Pantacor Hub.

Once your SSH public key is stored in your device, the Dropbear SSH server should be accessible at port 8222 and the desired container name as user:

ssh -p 8222 alpine-hotspot@

Furthermore, you can directly reach Pantavisor with the "/" user (root):

ssh -p 8222 /@


An alternative to the network accessed option is to get into Pantavisor through a TTY shell. This can be achieved either with a cable (in case you are using a RPi3 or RPi4) or from the QEMU console (if you are emulating the image with QEMU from a your host).

After booting up, you will have two chances to stop the boot up and get a shell that will allow you to interact with the boot up process. First one will be before the bootloader loads the kernel and Pantavisor. If you press any key during when prompted, you will get to the bootloader shell:

U-Boot 2016.09-g15600e2 (Jan 15 2021 - 16:18:19 +0000)

Board: MIPS Malta CoreLV
DRAM:  128 MiB
Flash: 16 MiB
In:    serial@3f8
Out:   serial@3f8
Err:   serial@3f8
Net:   pcnet#0
Warning: pcnet#0 MAC addresses don't match:
Address in SROM is         02:b8:2a:7f:48:b6
Address in environment is  52:54:00:12:34:56
, pcnet#1
Hit any key to stop autoboot:  0 
malta #

After kernel and Pantavisor is loaded, you can also access Pantavisor user space from an ash shell. For that, just press d when prompted:

[    1.685794] Run /init as init process
Press [d] for debug ash shell... 5 d


Pantavisor will prevent reboot or poweroff while the debug shell is open. This will allow to debug faulty revisions that might need a rollback. To enable reboot and power off again, use exit command or press CTRL-d to close the shell.


The debug shell countdown can be disabled so it is always entered without waiting for user confirmation. See the key at Pantavisor configuration reference. Just remember to exit the console if you are waiting for a board reboot. It can also be disabled completely to speed up the bootup process. To do so, use the key.

Keyboard and Monitor

If you have a keyboard and monitor at hand and you can connect them to your device, you will get a similar workflow as with TTY access, with access to the bootloader menu and Pantavisor debug shell.


Once we are inside Pantavisor's root container (/) via SSH, keyboard and monitor or TTY, we can access the different containers using the pventer command. To get a session in the alpine-nginx container:

pventer -c alpine-nginx