All Products
Search
Document Center

The "Bad configuration options" error occurs when the SSH service is started.

Last Updated: Dec 31, 2020

Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.

Problem description

After you start the SSH service on an ECS instance of the Linux, similar information such as the following may be displayed in the command line or secure log.

/etc/ssh/sshd_config: line 2: Bad configuration options:\\ /etc/ssh/sshd_config: terminating, 1 bad configuration options

Cause

The configuration file has exceptions such as file encoding and configuration errors, resulting in service startup failure.

Solution

Alibaba Cloud reminds you that:

  • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
  • If you modify the configurations and data of instances including but not limited to ECS and RDS instances, we recommend that you create snapshots or enable RDS log backup.
  • If you have authorized or submitted security information such as the logon account and password in the Alibaba Cloud Management console, we recommend that you modify such information in a timely manner.

To solve this problem, see the following steps for troubleshooting and repair.

Modify the configuration file based on the error message.

If the error message clearly indicates the specific incorrect configuration, The corresponding entries in the /etc/ssh/sshd_config file can be modified directly through editors such as vi.

Note: find a normal ECS instance and compare it with the file /etc/ssh/sshd_config to modify the configuration.

Upload objects

If there are too many errors or the error message does not contain a clear description. You can try to restore the service by following these steps and referring to the external normal configuration.

  1. Upload the /etc/ssh/sshd_config file on a normal server to the target instance via FTP.
  2. Assume that the upload directory is /TMP. Run the following command to copy the files to a normal Directory:
    cp /tmp/sshd_config /etc/ssh/sshd_config
  3. Run the following command to modify file permissions, owner, and group.
    chmod 600 /etc/ssh/sshd_config
    chown root:root /etc/ssh/sshd_config
  4. If you cannot upload a normal external configuration file, you can directly edit and compose the configuration file according to the normal configuration file.
  5. Run the following command to restart the SSH service:
    service sshd start

Reinstall the SSH service

If the preceding operation is inconvenient, you can perform the following steps to fix the problem by reinstalling the SSH service.

  1. Run the following command to uninstall the SSH service:
    rpm -e openssh-server
  2. Run the following command to install the SSH service.
    yum install openssh-server
  3. Run the following command to start SSH.
    service sshd start

Restore a disk by rolling back the disk

If an instance is stopped but does not affect your business, you can roll back the historical snapshots of the system disk. For more information about how to roll back a disk snapshot, see roll back disks.

Note:

  • Snapshot rollback will cause data loss after the rollback point. Please confirm before performing this operation.
  • We recommend that you roll back the snapshots one by one from near to far until the SSH service runs properly. If the SSH service cannot run normally after the rollback, it indicates that the system has encountered an exception at the corresponding time point.

References

If the problem persists, seeguidelines for troubleshooting failure to remotely log on to a Linux instance through SSH for further troubleshooting and analysis.

Application scope

  • ECS