Even though Unifi devices come with a great controller, sometimes you need to access your Unifi device through SSH. For example, to set up the initial connection, with the set-inform command. But what other SSH Commands are available for our Unifi devices?
Unifi SSH commands are not really documented, so most commands listed in this article come from different sources and own experience. If you have any other useful SSH commands, please add them in the commands below.
Unifi SSH Commands
We are going to start with the most commonly used Unifi SSH Commands, later on, I will organize them by device or function.
| Command | Example | Function |
|---|---|---|
| info | info | Displays device information |
| set-default | set-default | Factory reset device |
| set-inform | set-inform http://192.168.1.1:8080/inform | Set URL of the controller for adoption. More info |
| upgrade | upgrade https://<firmware-url>.bin | Upgrade firmware – More info |
| fwupdate | fwupdate --url https://<firmware-url>.bin | Update firmware |
| reboot | reboot | Reboot the device |
| poweroff | poweroff | Shutdown device |
| uptime | uptime | Shows device uptime |
Network related SSH Commands
The following Unifi SSh Commands can really help you with finding network-related issues with your Unifi Device.
| Command | Example | Function |
|---|---|---|
| ifconfig | ifconfig | Show network interface information |
| ip address add | ip address add 192.168.1.143/24 dev br0 | Set static IP Address |
| ip route | ip route | Display current gateway |
| ip router add | ip route add default via 192.168.1.1 | Set default gateway |
echo "nameserver 192.168.1.1" > /etc/resolv.conf | Set DNS Server | |
| ping | ping 1.1.1.1 | Check network connection to device |
| arp | arp -a | Show arp table |
| ip neigh | ip neigh | Show IPv6 neighbors |
Unifi OS SSH Commands
When you connect to your UDM Pro (or another controller that is running Unifi OS), then you will have a couple of other options:
| Command | Example | Function |
|---|---|---|
| ubnt-systool cputemp | ubnt-systool cputemp | Show CPU Temp |
| ubnt-systool cpuload | ubnt-systool cpuload | Show CPU load |
| ubnt-systool portstatus | ubnt-systool portstatus | Show port status |
| ubnt-systool hostname | ubnt-systool hostname <newname> | Set new hostname |
| ubnt-systool reboot | ubnt-systool reboot | Reboot device |
| ubnt-systool poweroff | ubnt-systool poweroff | Shutdown device |
| ubnt-systool reset2defaults | ubnt-systool reset2defaults | Factory reset device |
| ubnt-device-info summary | ubnt-device-info summary | Show system information |
| ubnt-tools ubnt-discover | ubnt-tools ubnt-discover | Show Unifi devices in the network |
| cat /mnt/data/udapi-config/dnsmasq.lease | cat /mnt/data/udapi-config/dnsmasq.lease | Show DHCP Leases |
| cat /mnt/data/udapi-config/unifi | cat /mnt/data/udapi-config/unifi | Show configuration |
| /etc/init.d/S95unifios restart | /etc/init.d/S95unifios restart | Restart Unifi OS Web interface |
Unifi Log files
There are a lot of log files that you can access to help you debug any Unifi related problem:
| Command | Function |
|---|---|
cat /var/log/messages | Output the error log |
tail -f /var/log/messages | Monitor log file |
cat /mnt/data/unifi-os/unifi-core/config/settings.yaml | Server settings |
cat /mnt/data/unifi-os/unifi-core/logs/discovery.log | Discovery log |
cat /mnt/data/unifi-os/unifi-core/logs/system.log | System log |
cat /mnt/data/unifi-os/unifi/logs/server.log | Server log |
cat /mnt/data/unifi-os/unifi-core/logs/errors.log | Http errors |
Wrapping Up
Unifi devices are running on a form of Linux, so most Linux commands will work on the devices. Pressing Tab twice will give you a list of all available SSH commands.
Keep in mind that the Unifi Controller will override most settings when you make changes directly in the device.
This is really useful, thanks Rudy. Just one note on the comments, where you suggest people check out a link (I think twice above) there is no link to follow.
Do you mean in the comments? I see that the links are not underlined indeed, making them hard to notice. I will change that.
passwd Changes the ADMIN password
Thanks for the great List. My ManagementConsole for the USG and my DNS-Server ist running on RaspberryPi and when there is an error i would like to change the DNS-Entry in the USG. Therefore i tried the Line: echo “nameserver 192.168.1.1” > /etc/resolv.conf but the answer were: -vbash: /etc/resolv.conf: Permission denied
What must i do for working? Thank you, Roland
Roland, did you do that with sudo – you need to put sudo in front of the command for raised privileges
Hi Rudy,
Cool list.
/etc/init.d/S95unifios restart is not working on my UDM PRO SE. Would tyou know any other way to restart the web interface?
Thanks
With controller outside the LAN and a simple setup at a client site – 2 Unifi access points both wired to a verizon router. And too far apart to mesh:
1 access point shows as isolated in controller (AND /BUT last seen a few seconds ago), meaning it meshed with the other access point? That wouldn’t be possible because of distance between them. User says that access point does get them on the internet.
I turned off wireless connectivity monitoring for this site in the controller
I can start the debug terminal on the working access point.
I can’t ping the problem access point (if it wants to mesh, does it turn off the wired ethernet port?)
I was hoping to ssh from working access point to the problem access point to reset it / see what it says the controller is. Is that possible? SSH from 1 to another access point?
Is there an SSH command to ping an IP range to show what IPs are live to see if I can see if the problem access point is on the network / has a new IP address?
No, you can’t ping an IP Range with a command.
Hi Adam, you can ping in a for loop – like this. You need to use sudo otherwise the -c wont work. The -c only does a single ping otherwise it will continuously do it.
> for i in {1..10}; do sudo ping -c 1 192.168.1.$i; done
An example of another useful command to power cycle PoE devices is:
swctrl poe restart id 1-6,18,24
Is there a way I can initially ssh into a U6-Pro that’s been set up with out a controller? I obviously do not have my public key stored on the device, yet.
Yes, check this article.
what command can i use to check the arp timeout period of my ubiquiti switch
I have a UNVR that I needed to restore with a backup file that I have. The restore failed on restoring the Users but was successful restoring all the other config and cameras. I’m still able to SSH into it, but when I try to use the SSON access, I’m not able to access it. Is there anyway to add a user and password using SSH?
Check this article from Hostify
‘syswrapper.sh restore-default’ and ‘mca-cli’ are both missing from the list but ‘syswrapper’ is common IMO. Also what is the difference between ‘set-default’ & ‘syswrapper.sh restore-default’? Any examples would be helpful as I’m new to UniFi. TIA!
Hello Ruud, thanks for your very useful post.
I have a UC-CK controller in OFFLINE status (seen from network.unifi.ui.com).
But i can succesfuly ssh to the controller itself, the ifconfig configuration in OK and i can ping local and remote IPs and remote FQDN (so DNS is working fine).
I have already rebooted the controller but no luck.
Can you help me?
Has the controller ever connected successfully to the cloud? If the UCK is behind a firewall, make sure that ports Ports 80/tcp, 3478/udp, 8543/tcp and 11143/tcp are open in the firewall.
ping6 to ping ipv6 of a site
cat /var/proc/cpu to get hardware spec of the CPU for the device similarly for memory
most of these don’t work on my UDMP…. for example there is no ubnt-tools in the unifi-os context… ?
If you type help then the command ubnt-systool won’t be listed. But when you run the command ubnt-systool cpuload, you will see the CPU load on the next line. The can be a bit unclear because depending the on terminal that you are using, you might see a # behind the output.
Really minor… under Network related SSH Commands above, you show an example of arp – but your example has a typo: ‘apr -a’ instead of ‘arp -a’ 🙂
Thanks
Is there a command to change the GUI admin password? This would be helpful if the GUI password is lost but you still have root SSH access.
GUI password from the Unifi Network Controller? Depends if you are using SSON with unifi.ui.com or local access only.
I believe the command to reset a device to default is: syswrapper.sh restore-default
Older firmware versions like v2.2.x, don’t support the new set-default cmd. These days you can basically always use set-default.
Thanks for the list above, only one to add is:
Unifi OS shutdown command = ubnt-systool poweroff
Thanks, I have added it to the list.
I’ve got a USG-4 and almost none of these commands work.
Does one need to “enable” or similar command to get the additional commands to work?
I’m trying to determine which IPs are connecting through a port forwarding rule I have set up. I want to lock it down.
The USG runs on EdgeOS, check out this article for more information.
Thank you, a lot! This solved my problem!
Thank you, Rudy. I’ll let you know how it pans out.
I ran through to add the IP, gateway and DNS. Everything works until I reboot.
What exactly doesn’t work after reboot?
Love it! Thank you. BTW, I’ve been unable to find the most important one to me. With the older APs no longer supported, I set them up as standalone which has a mind of its own and never takes my SSID, renaming or security settings. Do you know the CLI command to change the SSID via CLI? Love your site. Thanks, again.
I don’t know if there is an SSH command for it, but you can try to modify the system.cfg file:
cat /tmp/system.cfg | grep OLDSSIDDon’t know if it will work, you will have to try it out