How to verify the validity of an SSH server's configuration

Your SSH server needs to be restarted for any changes to take effect. If you're editing your sshd_config file from an SSH connection, any misconfiguration would mean you will be locked out from the server when the SSHd service fails to start. You will then not be able to fix the configuration issue further.

SSHd has an option to test and verify your config where it will only check the validity of your SSH server configuration file and immediately exit. It will display errors if there are any, and you can continue to make changes until there are no more errors before restarting SSHd service to enable the changes.

1. Open terminal application.
2. Open your sshd_config file using your favorite text editor.

   $ sudo vi /etc/ssh/sshd_config
   [sudo] password for user:

3. Make changes, save and exit editor.

   # Example of overriding settings on a per-user basis
   #Match User anoncvs
   #       X11Forwarding no
   #       AllowTcpForwarding no
   #       PermitTTY no
   #       ForceCommand cvs server
   PrintMotd not
   :wq

4. Test configuration file syntax using sshd.

   $ sudo sshd -t
   /etc/ssh/sshd_config line 124: unsupported option "not".

   -t      Test mode.  Only check the validity of the
           configuration file and sanity of the keys.
           This is useful for updating sshd reliably as
           configuration options may change.

   Use -f option to test alternate configuration file.

   $ sudo sshd -t -f /etc/ssh/sshd_config_test

5. Fix your sshd_config file for errors and continue testing.

   $ sudo sshd -t
   $

6. Restart SSHd service for the changes to take effect.

   $ sudo systemctl restart sshd

   Related: How to start, restart, and stop the SSH server service