UniFi Switch: How to access the CLI & Config via SSH

By JC | November 22, 2017 | Comments 15 comments

In this article, I will show you how to access a UniFi switch’s CLI interface and configuration. As you know, UniFi Switches are controlled and configured through the UniFi Controller. When you SSH to the switch you only get a linux shell prompt rather than a command line interface.

Here is how to connect to the UniFi switch CLI

SSH to the switch & login.
The credentials can be found in your UniFi controller’s settings.
At the # prompt, telnet to 127.0.0.1
At the (UBNT) > prompt type “enable“
Type “show run” to output the running configuration of the switch

BusyBox v1.19.4 (2017-07-12 21:42:26 PDT) built-in shell (ash)
Enter 'help' for a list of built-in commands.

US.v3.8.6# telnet 127.0.0.1

Entering character mode
Escape character is '^]'.

Warning!
The changes may break controller settings and only be effective until reboot.

(UBNT) >enable

(UBNT) #show run

!Current Configuration:
!
!System Description "USW-48P-500, 3.8.6.6650, Linux 3.6.5"
!System Software Version "3.8.6.6650"
!System Up Time          "61 days 16 hrs 24 mins 2 secs"
!Additional Packages     QOS,IPv6 Management
!
....

Once you have reached the (UBNT) # prompt you are effectively configuring an EdgeSwitch, here is the EdgeSwitch CLI command reference.

If you want to backup the configuration file you can use one of the following commands.

# 
# Backup unifi switch config over FTP
(UBNT) # copy system:running-config ftp://user@192.168.1.20/unfi-switch.cfg

#
# Backup unifi switch config over TFTP
(UBNT) # copy system:running-config tftp://192.168.1.20/unfi-switch.cfg

#

To make changes to the switch configuration use the configure command to enter config mode. Here is an example of how to change the description for interface 0/1

(UBNT) #config

(UBNT) (Config)#interface  0/1

(UBNT) (Interface 0/1)#description "Port 1 Testing"

(UBNT) (Interface 0/1)#exit

(UBNT) (Config)#exit

(UBNT) #exit

Note: Configuration changes you make to the switch via the CLI will be overwritten by the UniFi controller when the switch is restarted.

15 Replies to “UniFi Switch: How to access the CLI & Config via SSH”

Thanks for this post. You helped me recover a switch when I accidentally put it on a vlan which was incompatible with its static IP config. logged in and ran a “no network mgmt_vlan” and it connected to unifi.

Thank you for this useful info.
The problem is that I tried on different versions of firmware for a Tough Switch and I did the following steps:

1. ssh
2. telnet localhost
SW.v1.3.2# telnet localhost

Entering character mode
Escape character is ‘^]’.

TOUGHSwitch PoE PRO login:

After telnet localhost I am prompted with login insteand of (UBNT)> which means that I can not send “enable” command.

If I pass used and password I go back to the linux shell.

Any ideas how can I manage to enter CLI menu ?

JC says:
July 26, 2018 at 6:25 am
Revised:
No such interface exists on the ToughSwitch. This CLI is only available on EdgeSwitch & UniFi Switches.
Reply

how to check Vlan configuratin in ToughSwitch (I found there is *Show Vlan* in edgeswitch) to check vlan!

JC says:
January 28, 2019 at 9:03 pm
Toughswitch is a very different device from a EdgeSwitch or UniFi Switch
To output vlan info on a toughswitch type…
bcmtool -c dump
VLANS TABLE ---------- VLAN: 1; TAGGED: 0 1 2 3 ; UNTAGGED: VLAN: 50; TAGGED: 1 2 ; UNTAGGED: VLAN: 107; TAGGED: 1 2 3 ; UNTAGGED: VLAN: 108; TAGGED: 1 2 3 4 5 6 ; UNTAGGED: VLAN: 109; TAGGED: 1 2 3 ; UNTAGGED: VLAN: 110; TAGGED: 1 2 ; UNTAGGED: VLAN: 201; TAGGED: 1 2 7 ; UNTAGGED: VLAN: 202; TAGGED: 1 2 8 ; UNTAGGED:
if you want to see the toughswitch configuration file…
cat /tmp/running.cfg
I hope that helps you out.
Reply

copy system:running config to ftp work only on edgeswitch not on USW. There are only nvram:factory-defaults and nvram:startup-config possibilitiess as a destination

Dear Bros,

How can I check all port duplex issue at Touchswitch POE Pro with CLI mode ??
Thanks

telnet is not available on newer unifi switches firmware…

yes telnet is still available from within a local SSH session..
ssh into switch then telnet local – commands still work working on unifi pro 48 Currently with normal switch cli commands..
application Start or stop an application.
>?
arp Purge a dynamic or gateway ARP entry.
boot Marks the given image as active for subsequent
re-boots.
cablestatus Isolate the problem in the cable attached to an
interface.
capture Enable CPU packets capturing.
clear Reset configuration to factory defaults.
configure Enter into Global Config Mode.
copy Uploads or Downloads file.
debug Configure debug flags.
delete Deletes the given image or the language pack file.
dir Display directory information.
disconnect Close remote console session(s).
dot1x Configure dot1x privileged exec parameters.
enable Set the password for the enable privilege level.
erase Erase configuration file.
exit To exit from the mode.
filedescr Sets text description for a given image.
help Display help for various special keys.
hostname Change the system hostname.
ip Configure IP parameters.
logout Exit this session. Any unsaved changes are lost.
network Configuration for inband connectivity.
quit Exit this session. Any unsaved changes are lost.
release To release IP Address.
reload Reset the switch.
renew To renew IP Address.
script Apply/Delete/List/Show/Validate Configuration Scripts.
set Set Router Parameters.
show Display Switch Options and Settings.
snmp-server Configure SNMP server parameters.
telnetcon Configure telnet connection parameters.
terminal Set terminal line parameters.
update Updates the bootloader on the node from the activated
image.
vlan Type ‘vlan database’ to enter into VLAN mode.
write Configures save options.

—– Just figured I’d update from the last comment

Hello.Do you know how to connect to unifi switch G2 ?
Model: USW-16-POE
Version: 4.3.20.11298

I can’t use telnet here i don’t know why is different.

Christophe says:
February 10, 2021 at 5:07 am
Hi Enrique,
I have the same issue here.
Model: USW-16-POE Gen 2
Version: 4.3.22.11330
No telnet client on the switch… :(
Did you get an answer?
Reply

Anyone knows how to make a config permanent? my unifi switches reset config after reboot. write config doesn’t help.
I’ve created a following shell script in the linux

#!/bin/sh
while true; do
{
echo enable
echo vlan database
echo vlan name XX “Data”
echo vlan name XY “Voice”
echo vlan name XZ “guest”
echo quit
} | telnet localhost
sleep 300; done

which supposed to add config and it adds it successfully however I’m unable to make it permanent.
tried editing /etc/inittab file and all the entries disappear after reboot.
I wish cloud key could allow executing or adding additional config to interfaces. I’m unable to achieve desired config using WUI of the cloud key.

Thank you,

Tom P says:
September 3, 2021 at 3:00 pm
Sergey,
I had the same question – it looks like instead of exiting, we need to “write memory” – I will try this this weekend.
This is the best post about the Unifi Switch Command Line – I have not been able to find a command line reference other than the help in the CLI
(UBNT) #write ?
memory To permanently save configuration changes to NVRAM.
Reply
1. Chris says:
  April 9, 2022 at 4:15 am
  maybe
  copy system:running-config nvram:factory-defaults
  Reply