Unable to Remove Authorized SSH Keys from AirOS

Posted on December 16, 2020 by admin

For some reason I ran into an issue where I can not remove authorized SSH Keys in AirOS version 6.3. It redirects to a 404 page and then to the main page.

404 Error while attempting to remove SSH keys

Thankfully, we can still remove the authorized keys from the command line. For more information on making changes over SSH, refer to the following post.

Ubiquiti AirOS – applying changes over ssh

SSH into radio. Replace username and IP address with your radios user and IP.

ssh ubnt@192.168.1.20

Open up config file

vi /tmp/system.cfg

Search for the lines that contain

the sshd.auth.key and remove them

Save the file and write the configuration with

/usr/etc/rc.d/rc.softrestart save

Once the command completes, you should be good to go.

Ubiquiti – Renewing DHCP client lease from command line

Posted on December 25, 2019 by admin

AirOS uses udhcpc for the DHCP client on Ubiquiti Radios. To renew the DHCP address you can kill the udhcpc process and it’ll automatically restart and get a new address.

Renew DHCP lease

Kill udhcpc with the following command.

killall udhcpc

Other info

Print info about the DHCP lease. May need to change “info.br1” to “info.eth0” or some other interface.

cat /etc/udhcpc/info.eth0

Example output.

XW.v6.2.0# cat /etc/udhcpc/info.br1 
u_interface="br1"
u_broadcast=""
u_subnet="255.255.255.0"
u_ip="10.93.0.10"
u_router="10.93.0.1"
u_dns="8.8.8.8 1.1.1.1"
u_hostname=""
u_serverid="10.93.0.1"
u_domain=""
u_leasetime=600
u_timestamp="1143249941"
u_started=1142593
u_pid=936
XW.v6.2.0#

Command arguments that udhcp is run with. Info was collected by running the “ps | grep udhcp” command. Note that the interface “eth0” can be different if the device is in bridge mode.

/sbin/udhcpc -f -i eth0 -s /etc/udhcpc/udhcpc -p /var/run/udhcpc.eth0.pid -h device_name

udhcpc help output

XW.v6.2.0# udhcpc --help
BusyBox v1.24.2 (2019-07-03 11:13:35 EEST) multi-call binary.

Usage: udhcpc [-fbqvRB] [-t N] [-T SEC] [-A SEC/-n]
        [-i IFACE] [-s PROG] [-p PIDFILE]
        [-oC] [-r IP] [-V VENDOR] [-F NAME] [-x OPT:VAL]... [-O OPT]...

        -i,--interface IFACE    Interface to use (default eth0)
        -s,--script PROG        Run PROG at DHCP events (default /usr/share/udhcpc/default.script)
        -p,--pidfile FILE       Create pidfile
        -B,--broadcast          Request broadcast replies
        -t,--retries N          Send up to N discover packets (default 3)
        -T,--timeout SEC        Pause between packets (default 3)
        -A,--tryagain SEC       Wait if lease is not obtained (default 20)
        -n,--now                Exit if lease is not obtained
        -q,--quit               Exit after obtaining lease
        -R,--release            Release IP on exit
        -f,--foreground         Run in foreground
        -b,--background         Background if lease is not obtained
        -S,--syslog             Log to syslog too
        -r,--request IP         Request this IP address
        -o,--no-default-options Don't request any options (unless -O is given)
        -O,--request-option OPT Request option OPT from server (cumulative)
        -x OPT:VAL              Include option OPT in sent packets (cumulative)
                                Examples of string, numeric, and hex byte opts:
                                -x hostname:bbox - option 12
                                -x lease:3600 - option 51 (lease time)
                                -x 0x3d:0100BEEFC0FFEE - option 61 (client id)
        -F,--fqdn NAME          Ask server to update DNS mapping for NAME
        -V,--vendorclass VENDOR Vendor identifier (default 'udhcp VERSION')
        -C,--clientid-none      Don't send MAC as client identifier
        -v                      Verbose
Signals:
        USR1    Renew lease
        USR2    Release lease
XW.v6.2.0#

Note that you can also send a signal to the PID of udhcpc and have it renew the address. To do that use the following command, replacing pidofudhcpc to pid of udhcp.

kill -s USR1 pidofudhcpc

or use the following command to find the pid for you.

kill -s SIGUSR1 $(pgrep udhcpc)

Ubiquiti AirOS – applying changes over ssh

Posted on August 9, 2019 by admin

When applying changes over ssh you’ll need to “write” or “save” the changes. Usually you’ll edit the /tmp/system.cfg config file and then save the changes with one of the following commands.

/usr/etc/rc.d/rc.softrestart save
or
cfgmtd -f /tmp/system.cfg -w && reboot

rc.softrestart has some advantages. It does not require the radio to reboot when making changes to things like SNMP or the device name.

It does seem to have issues sometimes with certain changes. The following happened when attempting to replace the whole /tmp/system.cfg with a previous backup config.

XM.v6.1.8# XM.v6.1.8# /usr/etc/rc.d/rc.softrestart save
]--- /tmp/.running.cfg.972
+++ /tmp/.system.cfg.972
@@ -1,110 +1,256 @@
... more random stuff ...
Fast system script build Success.
Fast syslog script build Success.
Fast users script build Success.
Fast poepass script build Success.
Fast resolv script build Success.
do_radio_fast_script: rname wifi0
Unsuported change in radio.1.dfs.status for fast update
Fast radio script build failed
Fixup Startup_list …Done.
Welcome back!
[ubnt@localhost] >

If you have issues applying changes with the softrestart, you can try it with cfgmtd. Downside is the radio does reboot.

cfgmtd -f /tmp/system.cfg -w && reboot

You could potentially take the reboot off the end of the above command, but have had random issues in the past where the only way to fix it was a physical reboot. Having the radio reboot after applying the config seems to resolve the issue

Ubiquiti AirOS – “test” changes from command line

Posted on July 29, 2019 by admin

The following is a method to recover from a command that may inadvertenly make a radio go offline.

The idea is to launch a process in the background that sleeps for 5 minutes and then reboots the radio, so any changes not saved will be reverted. If the changes were successful, you’ll just need to log back in and kill the background process to keep the device from rebooting.

This can be helpful if your changing networking settings using ifconfig, trying to change routes, or something went wrong while trying to apply a system.cfg setting.

Commands

sleep 300 && reboot &

Execute whatever command you need to. i.e.

ifconfig 192.168.1.100

If your command worked you can log back into the device and search for the process id of the sleep command and kill it so the radio doesn’t reboot.

ps | grep sleep

Example output

2XC.v8.5.12# ps | grep sleep
   412 admin     1636 S    sleep 500
   414 admin     1640 S    grep sleep
 2XC.v8.5.12#

Kill the pid

kill 412

Configure AirOS SNMP settings over ssh

Posted on May 24, 2019 by admin

In this post we’ll see how we can configure AirOS SNMP settings from the command line.

ubntmod command with save without rebooting.

./ubntmod.sh -i 192.168.1.20 -s "private;monitor@incredigeek.com;[30.69636, -88.04811]" -X '/usr/etc/rc.d/rc.softrestart save'

Alternative manual method.

ssh ubnt@192.168.1.20

Open config file

vi /tmp/system.cfg

Find the SNMP settings and modify as needed. Example below

snmp.community=private
snmp.contact=monitor@incredigeek.com
snmp.location=[30.69636, -88.04811]

Save and exit file with :x

Apply settings

/usr/etc/rc.d/rc.softrestart save

Incredigeek

Tag Archives: airos

Unable to Remove Authorized SSH Keys from AirOS

Ubiquiti – Renewing DHCP client lease from command line

Ubiquiti AirOS – applying changes over ssh

Ubiquiti AirOS – “test” changes from command line

Configure AirOS SNMP settings over ssh