-
Notifications
You must be signed in to change notification settings - Fork 21
Upgrade Process from V1.x to V2.x
This document describes my experience while moving from V1.x (with podman containers) to V2.x (running on bare metal).
I moved on January 30, 2023 from EA 1.12.37 to EA 1.12.38, then to EA 2.4.27.
✅ Running with valid LE certificate. To my surprise, this was not touched during the upgrade.
The installation and renewal process from ubios-cert works well for 2.4.27.
❕ Host key has changed. Not fatal, and no surprise.
Fix: Remove the offending host key from ~/.ssh/known_hosts. But then...
❗ Too many authentication failures
Actually that is good news: UI is now finally using ED25519 instead of RSA. So let's get used to it. Plus, the SSH key has been removed from the root account.
Fix:
Use ssh 192.168.1.1 -l root -o IdentitiesOnly=yes to not have your SSH demon look at the identities files
If that does not work, try to
- Go To UniFiOS -> System (i.e. on the "console", not the network app
- Disable SSH access
- Enable SSH access and sell your soul by accepting the disclaimers, set new password
We will then be greeted by
# ssh 192.168.1.1 -l root -o IdentitiesOnly=yes
[email protected]'s password:
Linux UDM-Pro-Munchen 4.19.152-ui-alpine #4.19.152 SMP Thu Jan 19 14:13:14 CST 2023 aarch64
Firmware version: v2.4.27
___ ___ .__________.__
| | |____ |__\_ ____/__|
| | / \| || __) | | (c) 2010-2022
| | | | \ || \ | | Ubiquiti Inc.
|______|___| /__||__/ |__|
|_/ https://www.ui.com
Welcome to UniFi Dream Machine Pro!
********************************* NOTICE **********************************
* By logging in to, accessing, or using any Ubiquiti product, you are *
* signifying that you have read our Terms of Service (ToS) and End User *
* License Agreement (EULA), understand their terms, and agree to be *
* fully bound to them. The use of CLI (Command Line Interface) can *
* potentially harm Ubiquiti devices and result in lost access to them and *
* their data. By proceeding, you acknowledge that the use of CLI to *
* modify device(s) outside of their normal operational scope, or in any *
* manner inconsistent with the ToS or EULA, will permanently and *
* irrevocably void any applicable warranty. *
***************************************************************************
# ssh -V
OpenSSH_7.4p1 Debian-10+deb9u7, OpenSSL 1.0.2u 20 Dec 2019
ssh has been moved away from dropbear 2018.76. Not to a most recent version, but at least this one can deal with ED25519 SSH keys.
How to install and access with keys?
Create directory .ssh with rights 0755 in home of root, drop the public key in authorized_keys file.
And... 🥁 drumroll ... it survives reboots. Not sure about firmware upgrades, yet.
Disclaimers are great, mainly for lawyers.
So, let's take the engineers approach and grab some more relevant information.
Approach #1 is to re-install unifios-utilities, which is generally a good idea, and put the below script in a file like /data/on_boot.d/11-shell-profile.sh and make the executable with chmod +x 11-shell-profile.sh
Poor man's solution #2 is to add this script to ~/.bashrc:
#!/bin/sh
## Configure shell profile
device_info() {
echo $(/usr/bin/ubnt-device-info "$1")
}
# Modify login banner (motd)
cat > /etc/motd <<EOF
Welcome to UniFi Dream Machine!
(c) 2010-$(date +%Y) Ubiquiti Inc. | http://www.ui.com
Model: $(device_info model)
Version: $(device_info firmware)
MAC Address: $(device_info mac)
EOF
While at it, we can also fix the prompt by running
# Extend UbiOS prompt to include useful information
cat > /etc/profile.d/prompt.sh <<'EOF'
UDM_NAME="$(grep -m 1 '^name:' /data/unifi-core/config/settings.yaml | awk -F: '{ gsub(/^[ \t]+|[ \t]+$/, "", $2); print tolower($2) }')"
PROMPT_MAIN="\u@${UDM_NAME}:\w"
export PS1="[UDM] ${PROMPT_MAIN}${PS1}"
EOF
With that, our next login looks like this:
# ssh 192.168.1.1 -l root -o IdentitiesOnly=yes
[email protected]'s password:
Linux UDM-Pro-Munchen 4.19.152-ui-alpine #4.19.152 SMP Thu Jan 19 14:13:14 CST 2023 aarch64
Firmware version: v2.4.27
Welcome to UniFi Dream Machine!
(c) 2010-2023 Ubiquiti Inc. | http://www.ui.com
Model: UniFi Dream Machine Pro
Version: 2.4.27
MAC Address: 74:aa:bb:dd:55:ff
Last login: Mon Jan 30 16:46:10 2023 from 192.168.1.6
root@UDM-Pro-Munchen:~#
🎉 good news is: seems like the standard values for PWM and temperature setpoints now are pretty close to what we did in ubnt-auto-fan-speed
# cat /sys/class/hwmon/hwmon0/device/pwm2
89
# cat /sys/class/hwmon/hwmon0/device/pwm1
114
# cat /sys/class/hwmon/hwmon0/device/pwm2_auto_point1_pwm
85
# cat /sys/class/hwmon/hwmon0/device/pwm1_auto_point1_pwm
45
❓ Great goodness: they still left the setting for auto fan control on manual
# cat /sys/class/hwmon/hwmon0/device/pwm2_enable
1
# cat /sys/class/hwmon/hwmon0/device/pwm1_enable
1
If that would be set to automatic, we would read a number 2 here. But at least, no huge noise in the default settings. Let's wait for summer. Why use automation if you can 🤷?