OK, I’ve tried to stay away from SSH and doing command line stuff with Unifi, but this latest release (they used to call it the Unifi Controller which in the olden days was a piece of software that was written in Java and ran on Mac, Windows, and Linux, and you can imagine how fragile it was) and then each access point had it’s own tiny version of Linux and it’s own firmware.
But, over the last five years, Ubiquiti has gotten its act together by building applications and separating the controller into four layers, the hardware (what they call the Unifi OS Console), the operating system (the so called OS Firmware), then there are set of applications that run the Network, Protect (security), Talk (VOIP) and Access (card key system). And finally, each device has it’s own firmware.
So, it can be pretty confusing when all this stuff updates. Add to that, they changed the user interface of the Unifi OS as well so you have both a classic and a beta version. Confused yet.
Disable the automatic update and enable SSH access for Access Points and other devices
It gets worse though because they will auto-update both the access points and the OS itself. So, the first thing you need to do is to remove that automatic update. There are two places where you do this. It is confusing also because the web UI and the mobile UI are *not* the same, but if you have the mobile applications, to disable what they call device firmware updates (that is the access points) and then also set the SSH Admin for each device. You need this because if you lose your Unifi OS, you can still re-adopt each device and don’t have to do a hardware reset
- Go to System Settings > Maintenance
- Then in Device Firmware Updates turn off Automatic Firmware Upgrades
- If you are nerdy go to r/Ubiquiti on Reddit and see if the updates are safe.
- Go to System Settings > Unifi Network Application Configuration
- Then at the Device SSH Authentication and click on Enable Device SSH Authorization (it may already be checked)
- And make sure to write down or stick into 1Password or somewhere the random admin name and password
Disable OS automatic updates and enable SSH access for the Unifi OS
OK, somewhat annoyingly, these settings are only available on the Web interface, so this is a little tricky, you go to the Unifi.ui.com and then when you click on the controller, you will see a big list of applications and then at the bottom you will see System Settings:
- Go to System Settings > Updates
- Here you will see the updates for all the Unifi Applications, Network, Access, Protect and Voice so you can do them manually
- You can also set the update channel from stable to beta (see below but you might want this to try 1.10 for instance
- But scroll all the way down and you will see Auto Update and you can turn off the Applications and the Unifi Dream Machine Pro update (or whatever Unifi OS Console you have).
- Now go to System Settings > Advanced and click on enable SSH and set the password for the
admin
account. This is really critical in case the UI crashes (see below).
Unifi OS 1.9.x Memory Leaks prevents the web interface from starting and Unifi Protect from working
None of this really affected me though until the latest 1.9 version where with complicated systems (I’m up to five APs, four cameras, a test phone, a test access point and probably 50 clients). But what is happening is that there is a memory leak in 1.9 that causes the user interface to not start. Everything else works but you can’t access it except via SSH. So, the first time this happened, I tried to do a restart and then the OS hung completely on start. Sigh. It is a long story, but I ended up doing a factory reset which is a terrible le idea
The easy fix by ssh and using unifi-os CLI
Turns out that for advanced users, there are bunch of commands that you can run by an ssh into your Unifi Dream Machine (which is called the Base version) and the Pro Version. The key ones are:
- ssh root@_ip_address_ of your dream machine and you will enter the password you set above
- Then unifi is actually running Linux and in Podman there is a huge module called unifi-os and you can run
unifi-os restart
and this will take a minute but will reboot the Unifi OS running on your console. - You can also do specific firmware updates.
- Also you can look at logs at cat /mnt/data/unifi-os/unifi/logs/server.log and system logs at cat /mnt/data/unifi-os/unifi-core/logs/system.log
- You can also update the Unifi-os and the Linux there with
ubnt-upgrade https://fw-download.ubnt.com/<insertfilepathhere>.bin
where you need to find the bin that lives up there.