SSH on the UniFi UXG-Pro

Published onby Iron

So, you've got yourself a UniFi UXG-Pro, and you're ready to dive into its capabilities. You've probably heard about SSH, and you're wondering, "What can I do with SSH on my UXG-Pro?" Well, buckle up, because we're about to take a fun and straightforward ride through the world of SSH on the UXG.

SSH, or Secure Shell, is like having a superpower for managing your network devices. It lets you dive into the command line interface (CLI) of your UXG-Pro, giving you direct control over various settings and configurations that aren't available through the web interface.

It’s like finding a secret level in a video game—exciting and a bit mysterious, but totally manageable if you know what you're doing.

Let's Dive In!

Table of Contents

Getting Started with SSH on UXG

Before you can start your SSH adventure, you need to enable SSH access on your UXG-Pro. Here’s how you can do that:

  1. Log into Your UniFi Controller: Head over to your UniFi Controller and navigate to the settings menu.

  2. Enable SSH Access: In Settings > System > Device Authentication, enable SSH access. Make sure to set a strong password.

  3. Note Your Device IP Address: You’ll need the IP address of your UXG-Pro to connect via SSH, which you can find in the UniFi Controller under Devices.

  4. Choose Your SSH Client: Use your terminal on Mac/Linux or something like PuTTY on Windows. Windows Terminal or PowerShell also works if you’re up for it.

Connecting to Your UXG-Pro via SSH

With SSH enabled, let's get connected. Open your terminal or SSH client and type:

ssh <username>@<UXG-IP-address>

Replace "" with "ubnt" (the default username) and "" with your UXG-Pro's IP. When prompted, enter your password.

If this is your first time, you might see a warning about the host's authenticity. Type "yes" and hit Enter. Now, you’re in the UXG’s CLI, ready to explore.

Exploring SSH Commands

Now that you’re connected, here are some fun commands to try:

  1. Checking Device Information:

    info
    
    Get a summary of your UXG-Pro’s status, including firmware version and uptime.
  2. Restarting Your UXG-Pro:

    reboot
    
    If things aren’t running smoothly, reboot your device right from the CLI.
  3. Managing Network Interfaces:

    ifconfig
    
    Check out the status of your network interfaces, including IP addresses.
  4. Viewing Logs:

    tail -f /var/log/messages
    
    Peek into the logs for troubleshooting insights.
  5. Running Ping Tests:

    ping <destination-IP>
    
    Test connectivity by pinging another device on your network.
  6. Updating Firmware:

    syswrapper.sh upgrade http://<firmware-url>
    
    Manually update your UXG-Pro’s firmware by specifying the URL of the update file.

Advanced SSH Fun

If you’re feeling adventurous, here are some advanced things you can do:

  1. Custom Scripts: Write and run scripts directly on your UXG-Pro to automate tasks or configure multiple settings.

  2. Remote Configuration: SSH allows you to manage your UXG-Pro remotely, perfect for network admins on the go.

  3. Automation with Cron Jobs: Set up cron jobs to automate routine tasks like backups or monitoring.

  4. Exploring the File System: Navigate through the UXG’s file system to view and edit configuration files:

    cd /etc
    ls -la
    
  5. Network Diagnostics: If you're troubleshooting network issues, SSH lets you access powerful diagnostic tools. Use "traceroute" to track the path packets take through the network:

    traceroute <destination-IP>
    
    This helps you pinpoint where the network might be slowing down or dropping packets.
  6. Real-time Traffic Monitoring: For a real-time view of traffic, use the "iftop" command (you might need to install it first). This command shows you bandwidth usage by each IP address:

    iftop
    
    It’s like a radar for your network traffic.
  7. Manual Device Adoption: Sometimes, you need to manually adopt a device to your UniFi controller. SSH is perfect for this. Just use the "set-inform" command to point your UXG-Pro to the correct controller:

    set-inform http://<controller-IP>:8080/inform
    
    This command is particularly useful if your device isn't showing up in the controller.
  8. Checking System Resources: You can check how your UXG-Pro is performing by looking at system resource usage. Use the "top" command to see CPU and memory usage in real-time:

    top
    
    This helps in diagnosing performance issues.
  9. Backup and Restore Configuration: It's a good practice to back up your UXG-Pro’s configuration. You can do this via SSH by copying the config files to a safe location:

    cp /path/to/config /backup/location
    
    You can restore these configurations if needed, ensuring your settings are always safe.

Security Considerations

SSH is powerful, but it needs to be used responsibly. Always use strong passwords, and consider setting up SSH keys for authentication. Restrict SSH access to trusted IP addresses to minimize security risks.

Another good practice is to change the default SSH port from 22 to something less common. This makes it harder for automated bots to find and target your SSH service. To change the SSH port, edit the sshd_config file:

nano /etc/ssh/sshd_config

Look for the line that says "Port 22" and change "22" to a port number of your choice (e.g., 2222). After saving the file, restart the SSH service:

service ssh restart

Now, whenever you connect via SSH, you'll need to specify the new port:

ssh -p 2222 <username>@<UXG-IP-address>

Troubleshooting SSH Issues

Even with the best setup, you might encounter some SSH issues:

  1. Connection Refused: Double-check that SSH is enabled and that you're using the correct IP address.

  2. Authentication Failure: Ensure you’re using the correct username and password. Reset credentials if necessary.

  3. Host Key Verification Failed: Clear the old host key from your SSH client:

    ssh-keygen -R <UXG-IP-address>
    
  4. Timeouts: Check your network connection and ensure your UXG-Pro isn’t overloaded.

  5. High Latency: If you're experiencing laggy SSH sessions, it could be due to network issues. Run a continuous ping test to check for packet loss or high latency:

    ping -t <destination-IP>
    
    This helps identify network bottlenecks that might be causing the problem.
  6. Device Not Responding: If your UXG-Pro becomes unresponsive via SSH, a power cycle (unplugging and plugging back in) might be necessary. Always try a soft reboot ("reboot" command) first, though.

When to Use SSH and When Not To

SSH is great for advanced troubleshooting, running custom scripts, and automating tasks. However, for routine configurations, monitoring, and updates, the web interface might be simpler and more visual.

Use SSH For:

  • Advanced troubleshooting
  • Running custom scripts
  • Configuring settings not available in the web UI
  • Automating repetitive tasks
  • Network diagnostics and real-time monitoring

Stick to the Web Interface For:

  • Routine configurations
  • Managing multiple devices
  • Monitoring network performance in a visual way
  • Firmware updates (if you're not comfortable using CLI)

Final Thoughts

SSH on the UXG-Pro gives you the power to manage, troubleshoot, and optimize your network like a pro. It’s a tool you’ll find yourself using more often as you become more comfortable with it.

Remember, with great power comes great responsibility. Use SSH wisely, and it will become one of your best tools for managing your UniFi network.

If you ever need a bit more support or want to simplify your network management, we at UniHosted are here to help. We offer cloud hosting for UniFi Controller, making network management easy. Plus, our team is always ready to assist with any SSH or UXG-related questions you might have.

If you would like me to personally walk you through UniHosted, you can schedule a call with me here.

We host UniFi Controllers in the Cloud

Are you ready to take your UniFi Network to the next level? Deploy a UniFi Cloud Controller in minutes and manage your network from anywhere.

Deploy Now

Free tier available

Get the best support

Join 1660+ customers

No credit card required