OpenSSH Tip: Check Syntax Errors before Restarting Server

by on January 8, 2008 · 4 comments· LAST UPDATED January 8, 2008

in , ,

OpenSSH - SSHD Logo

OpenSSH / OpenBSD Secure Shell - is default secure shell for encrypted communication sessions over a computer network using the ssh protocol. Usually, you login using ssh and makes changes to its configuration file /etc/ssh/sshd_conf over a remote session. If there is an error in configuration, server may not start (i.e. no remote login allowed). This will result into a disaster; if you didn't have access to remote console. But how do you find out a syntax error for sshd_config file?

OpenSSH Test Mode

OpenSSH has test mode option. Use the -t option to check the validity of the configuration file and sanity of the keys. This is useful for updating sshd reliably as configuration options may change.After making changes to config file, type the following command run syntax check on configuration file, enter:
$ sudo /usr/sbin/sshd -t
# sshd -t

/etc/ssh/sshd_config: line 26: Bad configuration option: PermitRootLogins
/etc/ssh/sshd_config: terminating, 1 bad configuration options

If there is error, it will show on screen. Otherwise it will not display any message:
$ sudo /usr/sbin/sshd -t
$ echo $?



If there is error on line # 26, edit config file using vi text editor, enter:
$ sudo vi +26 /etc/ssh/sshd_config
Please note that test mode can be done while running the OpenSSH daemon (sshd). If there is no error, simply type a restart sshd command:
# service sshd restart
# /etc/init.d/ssh restart

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 4 comments… read them below or add one }

1 digen January 12, 2008 at 12:24 pm

Fantastic tip. Thank you !


2 Kalin Mandaliev March 14, 2013 at 10:12 am

Good one ! :) – It’s really helpful.


3 Leo Dirac May 20, 2013 at 5:24 pm

This is so crippling if you get it wrong on a remote machine I’m tempted to put something like this in my crontab:

wall `sshd -t`


4 Cosi Tenero July 22, 2014 at 5:35 pm

To restart the daemon – and read the modified configuration – type /etc/init.d/sshd restart (notice the “d” in “sshd”; there is no /etc/init.d/ssh file)


Leave a Comment

Tagged as: , , , , , , , , ,

Previous post:

Next post: