SSH into UniFi APs : A Complete Guide

Published onby Iron

If you've been using UniFi Access Points (APs) for a while, you're probably familiar with their sleek and user-friendly web interface. It's where most of the magic happens, from setting up your Wi-Fi network to monitoring connected devices.

But did you know there's a whole other layer of control hidden beneath the surface? Enter SSH, or Secure Shell—a powerful tool that allows you to access your UniFi APs through the command line.

Let's Dive In!

Table of Contents

Why Use SSH?

SSH is like the Swiss Army knife of network management. It gives you a direct, secure line to your device, allowing you to perform tasks that might not be possible through the web interface. Here’s why you might want to use SSH:

  • Advanced Troubleshooting: Access logs and system details in real-time to diagnose issues. Logs can reveal problems that the web interface might not show, like network conflicts or software bugs.

  • Deep Configuration: Modify settings that aren't available through the standard web UI, such as custom firewall rules or specific network tweaks that require command-line access.

  • Direct Management: Restart services, update firmware, or reboot devices with simple commands. This is particularly useful in large deployments where manual resets would be time-consuming.

Getting Set Up: Preparing for SSH Access

Before you can start SSHing into your UniFi AP, there are a few things you need to prepare:

1. Enable SSH on Your UniFi Controller

First things first, SSH needs to be enabled on your APs. You’ll do this through your UniFi Controller:

  1. Log into your UniFi Controller.

  2. Navigate to Settings > Site.

  3. Under Device Authentication, set your SSH Username and SSH Password.

These credentials are what you’ll use to gain SSH access, so keep them secure. Enabling SSH is usually done by default, but it’s good to double-check.

2. Find the IP Address of Your AP

You’ll also need to know the IP address of the AP you want to connect to. Here’s how to find it:

  1. Go to Devices in your UniFi Controller.

  2. Find your AP in the list and click on it.
  3. Look for the IP address in the device details section.

This IP address is your target—write it down or keep it handy for the next steps.

Connecting via SSH

With SSH enabled and your AP’s IP address in hand, you’re ready to log in:

  1. Open your terminal (or use an SSH client like PuTTY if you’re on Windows).

  2. Type the following command:
    ssh <username>@<AP-IP-Address>
    

    Replace "" with your SSH username and "" with your AP’s IP address.

  3. Enter your SSH password when prompted.

If all goes well, you should now have access to your AP’s command line. Welcome to the world behind the scenes!

What You Can Do with SSH

SSH opens up a whole new world of possibilities for managing your UniFi APs. Here are some commands and actions you might find useful:

1. Check AP Status

Want to get a quick overview of what’s going on with your AP? Use the "info" command:

info

This command will return details like uptime, load averages, firmware version, and network configuration. It’s a great way to check if everything is running smoothly.

2. Reboot the AP

If your AP is acting up and needs a quick restart, just type:

reboot

This will reboot the AP, and you can monitor its progress right from the command line. This command is particularly useful if the AP is not responding as expected from the web interface.

3. Update Firmware

Sometimes, you might need to manually update your AP’s firmware. You can do this directly through SSH:

  1. First, download the firmware from the Ubiquiti website.
  2. Then, upload it to a web server or directly to your local machine.
  3. Use the following command to start the update:
    upgrade https://<firmware-url>
    

    Replace "" with the link to your firmware file. Firmware updates are crucial for security and performance improvements, so keeping your devices up to date is a good practice.

4. Reset to Factory Settings

If you need to start over with a clean slate, you can reset your AP to factory settings:

syswrapper.sh restore-default

This command wipes all configurations and resets the AP to its factory state. Use this with caution, especially if you don’t have a backup of your current settings.

5. Use the Set-Inform Command

The "set-inform" command is particularly useful if you’re moving APs between controllers or re-adopting a device. This command tells the AP where to find its controller:

set-inform http://<controller-IP>:8080/inform

Replace "" with the IP address of your UniFi Controller. This is essential when setting up devices in environments with multiple controllers.

Troubleshooting with SSH

One of the biggest advantages of SSH is the ability to troubleshoot issues directly on your AP. Here are some commands that can help you diagnose and fix problems:

1. Viewing Logs

Logs are essential for troubleshooting. You can view the system log on your AP with this command:

cat /var/log/messages

Scroll through the log to find any errors or unusual activity that might explain the issue you’re facing. Logs can be extensive, so using "grep" to filter by keywords can be helpful.

2. Checking Network Status

If your AP isn’t connecting to the network, you can check the status of its network interfaces:

ifconfig

This will show you the status of all network interfaces on the AP. Look for your Ethernet interface (usually "eth0") to ensure it’s properly configured and connected. You might also want to check for IP address conflicts or misconfigurations.

3. Pinging Other Devices

To test connectivity to other devices on your network, use the "ping" command:

ping <IP-Address>

Replace "" with the IP of the device you want to reach. This will help you determine if the network is functioning correctly, and whether the AP has proper access to other network resources.

Advanced SSH Tips and Tricks

Once you’re comfortable with the basics, you can start exploring some advanced SSH features to make your life even easier:

1. Automating Tasks with Scripts

If you find yourself running the same commands over and over, consider writing a simple bash script to automate the process. For example, you can create a script to update firmware across multiple APs or to back up configurations. Automating these tasks can save you time, especially in larger deployments.

2. Using SSH Keys for Passwordless Login

Tired of typing in your password every time you log in? You can set up SSH keys for passwordless authentication. Here’s how:

  1. Generate a key pair on your local machine:

    ssh-keygen -t rsa -b 2048
    
  2. Copy the public key to your AP:

    ssh-copy-id <username>@<AP-IP-Address>
    
  3. Now, you can log in without a password! This is a huge time-saver and also improves security by eliminating password-based attacks.

3. Secure Your SSH Access

Security is always a priority. To keep your SSH access secure, consider changing the default SSH port from 22 to something less common. You can do this by editing the SSH configuration file:

vi /etc/ssh/sshd_config

Look for the line that says "Port 22" and change "22" to a port number of your choice. Don’t forget to restart the SSH service after making changes.

Final Thoughts

SSH might seem intimidating at first, but once you get the hang of it, it’s an incredibly powerful tool for managing your UniFi APs. Whether you’re troubleshooting a network issue, updating firmware, or just poking around to see what’s under the hood, SSH gives you the control you need.

So, why not give it a try? Open up your terminal and start exploring what your UniFi APs can really do. And remember, if you’re managing multiple UniFi devices and UniFi Controller, using a service like ours at UniHosted can save you a ton of time and hassle.

We host UniFi Controllers in the Cloud

Are you ready to take your UniFi Network to the next level? Deploy a UniFi Cloud Controller in minutes and manage your network from anywhere.

Deploy Now

Free tier available

Get the best support

Join 1660+ customers

No credit card required