Change VLAN ID Ubiquiti Radio from SSH

First we’ll need to ssh into the device

ssh ubnt@

Next lets open up the config file

vi /tmp/system.cfg

Now search for vlan and replace the vlan id with the appropriate number

In VI you can search by hitting / and then type in vlan

After you have changed all the vlan ids, save the file with esc, wq, enter.

Now we can save the config with

cfgmtd -f /tmp/system.cfg -w && reboot

Change UniFi User Password from Command Line

  1. SSH into the UniFi server
  2. Connect to MongoDB
  3. Find user ObjectId
  4. Update user info with new Password

You will need a hash of the password to put into the database. We don’t cover that in this post. You could copy the password from a different user account or use a different UniFi instance to change the password and then check the DB to find the hash.

SSH into the UniFi Server

ssh unifiadmin@unifiserver

Connect to MongoDB

Connect to Mongo by typing in the following.

mongo -port 27117

Then select the ace database by typing

use ace

Find user ObjectId

The admins are in the admin collection/table. Use the following command to list all the users and their name, email, and password hash.

db.admin.find({ }, { name:"" , email : "", "x_shadow" : "" })

Update user info with new Password

The following looks complex. Fortunately though you should be able to copy and paste. You should only need to change the
– ObjectId to your User Id
– Password Hash to your password hash

db.admin.update({"_id" : ObjectId("223abc5489de0a93be758493")}, {$set: { "x_shadow" : "$6$nwpi7.q2$OuD9/UZGZt5cD739Dt7j8Gb1uPtfU99p0DeDSurSNBZVizieUrFVFbRufiZMgOk2IaaDZN9BVmL9yUwQ2mC8f."}});

Note: The hash above is password. Not recommended for use.

You should receive a confirmation that it succeeded. Test the new password by logging into the UniFi Controller.

For more MongoDB commands, check out this post.

Get list of IP DHCP Leases from Mikrotik RouterOS Command Line

Sometimes it is nice to have a list of just the IP addresses and the hostname or mac address. Can be especially helpful when you are trying to get a list of devices to do a bulk update in LibreNMS. Helpful LibreNMS links for renaming and showing down devices

we are going to run the command to pull the DHCP information and then use Unix utilities to parse the data out.

Replace dhcp8 with the correct dhcp server in the mikrotik.

First, SSH into your Mikrotik router.

ssh user@mikrotik

Next we’ll want to go to the ip dhcp-server lease directory

/ip dhcp-server lease

Now we can run the following command to loop through and pull out all the info we need.
You can change the info like “mac-address” for something like “status”. You can use Tab to see what options are available. Just delete mac-address and hit tab twice.

:foreach i in=[find] do={ :put ([get $i address].",".[get $i mac-address].",".[get $i server].",".[get $i host-name ])}

Found the above helpful info from the following pdf file.

Unable to Remove Authorized SSH Keys from AirOS

For some reason I ran into an issue where I can not remove authorized SSH Keys in AirOS version 6.3. It redirects to a 404 page and then to the main page.

Attempting to remove SSH keys in AirOS
404 Error while attempting to remove SSH keys

Thankfully, we can still remove the authorized keys from the command line. For more information on making changes over SSH, refer to the following post.

SSH into radio. Replace username and IP address with your radios user and IP.

ssh ubnt@

Open up config file

vi /tmp/system.cfg

Search for the lines that contain

the sshd.auth.key and remove them

Remove the sshd.auth.key lines

Save the file and write the configuration with

/usr/etc/rc.d/rc.softrestart save

Once the command completes, you should be good to go.

LibreNMS – Rename Host From Command Line

SSH into LibreNMS server

ssh user@librenms-server

cd into the LibreNMS directory

cd /opt/librenms

Rename host

sudo ./renamehost.php old-hostname new-hostname


Note you can use IP addresses if the device is using that as the host name

sudo ./renamehost.php 192.168.2

You may want to check out these posts

Reset UniFi to Factory Defaults – Command Line

SSH into the UniFi. Note that the UniFi username and password get updated from the controller. Refer to here to find username and password.

ssh ubnt@

run the script with the restore-default option restore-default

Once the device is reset, log in over ssh and reconfigure.

Note that the username and password will now be ubnt/ubnt

Cambium Routers Command Line Info

Helpful commands. Maybe?

  1. nvram_set
  2. nvram_get
  3. nvram_get 2860 Password

Looks like most of the configuration scripts are in /sbin

Web from the /etc_ro/web/admin/managment.php

                                                                                                                                                                                     <fieldset>                                                                                                                                                                                                                                           <legend><script type="text/javascript">Capture(management.Web_Access)</script></legend>                                                                                                                                                      <table class="setting_block">                                                                                                                                                                                                                        <tr>                                                                                                                                                                                                                                                 <td class="head" id="remoteWebLogin"><script>Capture(management.Remote_Web_Login)</script></td>                                                                                                                                              <td>                                                                                                                                                                                                                                                 <select name="remote_web_login">                                                                                                                                                                                                             <option value="0" <% getCfgSelected("DBID_LAN_LOGIN_ONLY", "1"); %>><script>Capture(share.disable)</script></option>                                                                                                                         <option value="1" <% getCfgSelected("DBID_LAN_LOGIN_ONLY", "0"); %>><script>Capture(share.enable)</script></option>                                                                                                                          </select>                                                                                                                                                                                                                            </td>                                                                                                                                                                                                                                </tr>                                                                                                                                                                                                                                        <tr id="WirelessHostLogin_tr">                                                                                                                                                                                                                       <td class="head" id="WirelessHostLogin"><script>Capture(management.wireless_access_web)</script></td>                                                                                                                                        <td>                                                                                                                                                                                                                                                 <select name="wireless_access_web">                                                                                                                                                                                                          <option value="0" <% getCfgSelected("wireless_access_web", "0"); %>><script>Capture(share.disable)</script></option>                                                                                    <option value="1" <% getCfgSelected("wireless_access_web", "1"); %>><script>Capture(share.enable)</script></option>                                                                                                                          </select>                                                                                                                                                                                                                            </td>                                                                                                                                                                                                                                </tr>                                                                                                                                                                                                                                        <tr  id="web_login_access">                                                                            <td class="head" id="WebLoginWay"><script>Capture(management.way_access_web)</script></td>                                                                                                                                                   <td>                                                                                                                                                                                                                                                 <select name="way_access_web">                                                                                    <!--                                                                                    <option value="https" selected = "selected" <% getCfgSelected("way_access_web", "https"); %>><script>Capture(management.https)</script></option>                                                                                             -->                                                                                                                                                                                                                                          <option value="http" <% getCfgSelected("way_access_web", "http"); %>><script>Capture(management.http)</script></option>                                                                                                                      <option value="http&https" <% gethttphttpsSelected("way_access_web", "http&https"); %>><script>Capture(management.http_https)</script></option>                                                                                              </select>                                                                                                                                                                                                                            </td>                                                                                                                                                                                                                                </tr>                                                                                                                                                                                                                                        <tr id="localport_tr">                                                                                                                                                                                                                               <td class="head"><script>Capture(management.localWeb_Port)</script></td>      

 nvram_get  nvram_set
   nvram_get  [] []
   rt2860_nvram_show - display rt2860 values in nvram
   rtdev_nvram_show   - display 2nd ralink device values in nvram
   show    - display values in nvram for 
   gen     - generate config file from nvram for 
   renew   - replace nvram values for  with 
   clear   - clear all entries in nvram for 
   2860    - rt2860
   rtdev    - 2nd ralink device
           - file name for renew command
 nvram_get show
 nvram_get show 2860

Trying to read data

nvram_get gen file tmp.txt
         nvram_get 2860 lan_ipaddr
 nvram_get 2860 lan_ipaddr
 nvram_get 2860 http_wanport
 nvram_get 2860 http
 nvram_get 2860 httpd
 nvram_get 2860 remote_mgt_https
 nvram_get 2860 remote_mgt
 nvram_get 2860 telnet
 nvram_get 2860 remote_mgt
 nvram_get 2860 remote_ip
 nvram_get 2860 wan_ip

grep “nvram_get 2860” * | grep -i web

grep "nvram_get 2860" * | grep -i web 2860 DBID_WEB_PORT  local webport=nvram_get 2860 DBID_WEB_PORT  local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORT  local web_remote_ip=nvram_get 2860 WebRemoteLegalIP  wireless_access_web=nvram_get 2860 wireless_access_web  wanwebport=nvram_get 2860 DBID_WEB_PORT  local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORT  lanwebport=nvram_get 2860 lan_webport  local webport=nvram_get 2860 DBID_WEB_PORT  local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORT  local web_remote_ip=nvram_get 2860 WebRemoteLegalIP            local teluserpwd=nvram_get 2860 DBID_SUPER_WEB_PASSWORD 2860 WebInit    pass=nvram_get 2860 DBID_SUPER_WEB_PASSWORD 2860 lan_gateway #for debug, so remote host can access web route from another device in lan port 2860 DBID_WEB_PORT       local pinglegaip=nvram_get 2860 WebAclList     admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORD     admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORD     admPW=nvram_get 2860 DBID_NORMAL_WEB_PASSWORD             admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORD             admPW=nvram_get 2860 DBID_NORMAL_WEB_PASSWORD         url=nvram_get 2860 websURLFilters         host=nvram_get 2860 websHostFilters


Not exactly sure if this does work, but seems like it should.


Default status



After running above command

Commit changes

nvram_get commit



Change password

Seems like I am missing a step. Seems to change the password in the nvram, but does not actually change it permanently

Get current password

nvram_get 2860 Password

Set Password

nvram_set Password newpassword

Commit Changes and reboot

nvram_set commit

Helpful links

Uses some of the commands (i.e. nvram_get 2860 HostName )

Ubiquiti set DHCP from command line

Edit the “/tmp/system.cfg”

Change the line that contains “dhcpc.status=disabled” to


add the following lines


Save and exit and save changes

/usr/etc/rc.d/rc.softrestart save

Log into the GUI and verify everything looks correct. Under the network tab it was still showing that it had a static address, although it pulled a DHCP IP.

Ubiquiti AirMax – Set radio to use DHCP from command line

Gain access to radio via ssh

ssh ubnt@

open up the /tmp/system.cfg

vi /tmp/system.cfg

Delete the following line. To move the cursor to the following line and type “dd” and vi will delete the whole line.


Add the following 5 lines. Hit “i” to enter vi insert mode.
br0 should be correct interface in most scenarios.


Save the file by hitting esc and then “:wq” followed by Return/Enter

Save the config changes and reboot the radio so it pulls an address.

/usr/etc/rc.d/rc.softrestart save && reboot