SSH stands for Secure Shell and it is an encrypted protocol that allows users to log in and execute commands on a remote machine. This tutorial will teach you how to SSH into your Unifi AP so you can manage its settings from the web interface or by installing software like OpenVPN.
The “unifi ssh commands” is a command-line tool that allows users to SSH into Unifi AP.
A new (or second-hand) Ubiquiti Unifi Access Point (AP) can be an intimidating beast. Setting up Unifi APs is different from most other networking equipment you may come across. But don’t worry, learn how to SSH into Unifi AP (access point) in this tutorial.
Ready? Continue reading to get started!
Prerequisites
Hands-on demos are included in this lesson. Make sure you have the following in order to follow along.
- An access point for Unifi. The UAP-AC-Lite model, version 5.43.52, is used in this lesson.
- A client for SSH. On Windows 11 Build 22518, this article utilizes the Windows SSH client from a PowerShell prompt, although any SSH client will work.
Related: [Complete Guide] How to Set Up OpenSSH on a Windows Server
Ubiquiti’s Discovery Tool: How To Use It
Identifying an Access Point That Has Been Previously Adopted
Identifying an Access Point That Has Been Previously Adopted
To check the status of an AP, open your preferred browser and connect to the controller’s URL, then fill in the login and password boxes.
Then, on the left-hand side, click the AP symbol to bring up the device list.
Getting to the Ubiquiti Device Directory
Two APs are linked to a controller in the figure below. Another system claims the first AP (marked by a white status dot), while the controller claims the second AP (denoted by a green status dot).
Take note of the IP addresses of both APs, as shown below, since you’ll need them later to access both APs.
Try your DHCP server if you can’t see the AP on the controller’s devices page (or if you haven’t set up a controller yet). Your internet router’s AP should identify all of the devices on your network, along with their IP and MAC addresses.
You don’t need to know what a MAC address is; just know that it’s on a sticker labeled “MAC ID” on the bottom of the access point. Match your AP’s MAC address to an IP address on your network, and you’re ready to go.
Viewing the Device List for the Unifi Controller
The kind of username and password you use to connect to the access point is determined by the access point’s state. The SSH credentials for an unadopted access point or one that has just been reset will be (depending on the firmware):
- Password: ubnt | Username: root
- ubnt | ubnt | ubnt | ubnt | ubnt | ubnt | ubnt
However, the credentials for the unadopted access point used in this tutorial are ubnt for the username and ubnt for the password. Take note of the login and password, since you’ll need them in the next stage to access the unadopted AP.
The credentials will be root/your-SSO-account’s-password if the access point is adopted (account.ui.com).
Using an Access Point That Hasn’t Been Adopted
You can now access your access points once you know their status, but start with the unadopted one.
If the access point was previously adopted, the username and password may have been reset; go to the section “Accessing an Adopted Access Point.”
To SSH into the AP, open a terminal and type the command below. When asked, enter the password for the unadopted AP that you highlighted in the “Determining whether the AP has Been Adopted” section.
If the SSH session is successful, you’ll get a message similar to the one below from the BusyBox built-in shell (ash).
If the credentials don’t work, use your AP’s reset method to reset the access point.
A successful SSH connection is shown.
Changing the Password for a Previously Adopted Access Point
Changing the Password for a Previously Adopted Access Point
Downtime occurs when an AP is reset. So, unless you’re prepared to deal with some unhappy users, do this on an Access Point that isn’t presently in use.
To clear the Unifi access points config and reset the AP, use the set-default command below, which will take a few minutes. This command resets the AP in the same way as the device’s physical reset switch does.
Restoring the factory default settings of the AP.
Changing the Default Password of an Access Point
Changing the Default Password of an Access Point
At the shell prompt, type the passwd command, then enter and confirm a new password.
Changing the default password is a good idea.
How to SSH into a Unifi Access Point Using an Adopted Access Point
How do you go to an adopted AP if you have one? SSH into the AP using the username and password you put up during controller configuration.
SSH access will not function if you configure your controller to use your account.ui.com address and activate two-factor device authentication.
If you don’t know the AP username or password, you may either factory reset the AP (as described in the “Resetting the Access Point Default Password” section) or utilize the controller to get access to it.
The controller, on the other hand, may be used to reset the login and password worldwide. This step impacts all of your network’s adopted APs.
To reset the credentials for all of your network’s access points, follow these steps:
1. Select the settings (gear) icon on the controller.
2. Navigate to System Settings —> Controller Configuration.
“System Settings” has a section called “Controller Configuration.”
Change the Username and/or Password for Device SSH Authentication (or add SSH Keys for public-key authentication).
Avoid using “root” as a username since it is a special user on the access point’s Linux-based operating system.
Setting up SSH Authentication on a Device
Finally, save the changes by clicking the Apply Changes option.
Conclusion
Conclusion
You can also SSH into an AP to upgrade the firmware, which can be done automatically if you have a lot of devices, rather than going via the controller’s web GUI.
Now, how do you intend to put your acquired information to use? Perhaps utilize SSH to automate updates by integrating the AP with a configuration management system like Salt or Ansible?
Ready? Continue reading to get started!
Prerequisites
Hands-on demos are included in this lesson. Make sure you have the following in order to follow along.
- An access point for Unifi. The UAP-AC-Lite model, version 5.43.52, is used in this lesson.
- A client for SSH. On Windows 11 Build 22518, this article utilizes the Windows SSH client from a PowerShell prompt, although any SSH client will work.
Related: [Complete Guide] How to Set Up OpenSSH on a Windows Server
Ubiquiti’s Discovery Tool: How To Use It
Identifying an Access Point That Has Been Previously Adopted
Identifying an Access Point That Has Been Previously Adopted
To check the status of an AP, open your preferred browser and connect to the controller’s URL, then fill in the login and password boxes.
Then, on the left-hand side, click the AP symbol to bring up the device list.
Getting to the Ubiquiti Device Directory
Two APs are linked to a controller in the figure below. Another system claims the first AP (marked by a white status dot), while the controller claims the second AP (denoted by a green status dot).
Take note of the IP addresses of both APs, as shown below, since you’ll need them later to access both APs.
Try your DHCP server if you can’t see the AP on the controller’s devices page (or if you haven’t set up a controller yet). Your internet router’s AP should identify all of the devices on your network, along with their IP and MAC addresses.
You don’t need to know what a MAC address is; just know that it’s on a sticker labeled “MAC ID” on the bottom of the access point. Match your AP’s MAC address to an IP address on your network, and you’re ready to go.
Viewing the Device List for the Unifi Controller
The kind of username and password you use to connect to the access point is determined by the access point’s state. The SSH credentials for an unadopted access point or one that has just been reset will be (depending on the firmware):
- Password: ubnt | Username: root
- ubnt | ubnt | ubnt | ubnt | ubnt | ubnt | ubnt
However, the credentials for the unadopted access point used in this tutorial are ubnt for the username and ubnt for the password. Take note of the login and password, since you’ll need them in the next stage to access the unadopted AP.
The credentials will be root/your-SSO-account’s-password if the access point is adopted (account.ui.com).
Using an Access Point That Hasn’t Been Adopted
You can now access your access points once you know their status, but start with the unadopted one.
If the access point was previously adopted, the username and password may have been reset; go to the section “Accessing an Adopted Access Point.”
To SSH into the AP, open a terminal and type the command below. When asked, enter the password for the unadopted AP that you highlighted in the “Determining whether the AP has Been Adopted” section.
If the SSH session is successful, you’ll get a message similar to the one below from the BusyBox built-in shell (ash).
If the credentials don’t work, use your AP’s reset method to reset the access point.
A successful SSH connection is shown.
Changing the Password for a Previously Adopted Access Point
Changing the Password for a Previously Adopted Access Point
Downtime occurs when an AP is reset. So, unless you’re prepared to deal with some unhappy users, do this on an Access Point that isn’t presently in use.
To clear the Unifi access points config and reset the AP, use the set-default command below, which will take a few minutes. This command resets the AP in the same way as the device’s physical reset switch does.
Restoring the factory default settings of the AP.
Changing the Default Password of an Access Point
Changing the Default Password of an Access Point
At the shell prompt, type the passwd command, then enter and confirm a new password.
Changing the default password is a good idea.
How to SSH into a Unifi Access Point Using an Adopted Access Point
How do you go to an adopted AP if you have one? SSH into the AP using the username and password you put up during controller configuration.
SSH access will not function if you configure your controller to use your account.ui.com address and activate two-factor device authentication.
If you don’t know the AP username or password, you may either factory reset the AP (as described in the “Resetting the Access Point Default Password” section) or utilize the controller to get access to it.
The controller, on the other hand, may be used to reset the login and password worldwide. This step impacts all of your network’s adopted APs.
To reset the credentials for all of your network’s access points, follow these steps:
1. Select the settings (gear) icon on the controller.
2. Navigate to System Settings —> Controller Configuration.
“System Settings” has a section called “Controller Configuration.”
Change the Username and/or Password for Device SSH Authentication (or add SSH Keys for public-key authentication).
Avoid using “root” as a username since it is a special user on the access point’s Linux-based operating system.
Setting up SSH Authentication on a Device
Finally, save the changes by clicking the Apply Changes option.
Conclusion
Conclusion
You can also SSH into an AP to upgrade the firmware, which can be done automatically if you have a lot of devices, rather than going via the controller’s web GUI.
Now, how do you intend to put your acquired information to use? Perhaps utilize SSH to automate updates by integrating the AP with a configuration management system like Salt or Ansible?
The “ssh into unifi ap set-inform” is a command that will allow you to SSH into an Unifi AP.
Related Tags
- unifi ssh password
- can’t ssh into unifi ap
- how to ssh into unifi ap windows
- unifi ssh username
- unifi ap ssh password after adoption