Your SSH server needs to be restarted for any changes to take effect. If you're editing your sshd_config file from an SSH connection, any misconfiguration would mean you will be locked out from the server as the SSHd service fails to start. You will then not be able to fix the configuration issue further.

SSHd has an option to test and verify your config where it will only check the validity of your SSH server configuration file and immediately exit. It will display errors if there are any, and you can continue to make changes until there are no more errors before restarting SSHd service to enable the changes.

Steps to test OpenSSH configuration file:

  1. Open terminal application.
  2. Open your sshd_config file using your favorite text editor.
    $ sudo vi /etc/ssh/sshd_config
    [sudo] password for user:
  3. Make changes, save and exit editor.
    # Example of overriding settings on a per-user basis
    #Match User anoncvs
    #       X11Forwarding no
    #       AllowTcpForwarding no
    #       PermitTTY no
    #       ForceCommand cvs server
    PrintMotd not
    :wq
  4. Test configuration file syntax using sshd.
    $ sudo sshd -t
    /etc/ssh/sshd_config line 124: unsupported option "not".
    -t      Test mode.  Only check the validity of the
            configuration file and sanity of the keys.
            This is useful for updating sshd reliably as
            configuration options may change.

    Use -f option to test alternate configuration file.

    $ sudo sshd -t -f /etc/ssh/sshd_config_test
  5. Fix your sshd_config file for errors and continue testing.
    $ sudo sshd -t
    $
  6. Restart SSHd service for the changes to take effect.
    $ sudo systemctl restart sshd
Discuss the article:

Comment anonymously. Login not required.

Share!