All Products
Search

This Product

    :What do I do if the "could not set limit for 'nofile': Operation not permitted" error message appears when I connect to a Linux ECS instance by using SSH?

    Document Center

    :What do I do if the "could not set limit for 'nofile': Operation not permitted" error message appears when I connect to a Linux ECS instance by using SSH?

    Last Updated:Mar 12, 2025

    This topic describes the cause of and solution to the issue that the "could not set limit for 'nofile': Operation not permitted" error message appears when you connect to a Linux Elastic Compute Service (ECS) instance by using SSH.

    Problem description

    When you connect to a Linux ECS instance by using SSH, the following error message appears: 

    -bash: fork: retry: Resource temporarily unavailable.
pam_limits(sshd:session): could not sent limit for 'nofile':operation not permitted.
Permission denied.

    Cause

    The nofile value in the resource limit configuration file named /etc/security/limits.conf in the Linux kernel is too large and exceeds the maximum number of files that the kernel can open. As a result, you cannot use SSH to connect to the Linux ECS instance.

    Solution

    You can modify the /etc/sysctl.conf or /etc/security/limits.conf configuration file based on your business requirements to resolve the preceding issue.

    1. Connect to the Linux ECS instance by using Virtual Network Computing (VNC).

      For more information, see Methods for connecting to an ECS instance.

    2. Run the following commands to view the values of the fs.file-max and fs.nr_open parameters.

      • If the values of the fs.file-max and fs.nr_open parameters are less than or equal to 65536, proceed to Step 3.

      • If the values of the fs.file-max and fs.nr_open parameters are greater than 65536, proceed to Step 4.

        cat /proc/sys/fs/file-max 
cat /proc/sys/fs/nr_open

    3. Modify the /etc/sysctl.conf configuration file.

      1. Open the /etc/sysctl.conf configuration file. 

        vim /etc/sysctl.conf

      2. Press the I key to enter Insert mode.

      3. Change the values of the fs.file-max and fs.nr_open parameters.

        We recommend that you change the values of the fs.file-max and fs.nr_open parameters to a value that is greater than 65536.

          Note

          • fs.file-max: The number of files that can be opened by all processes in the kernel.

          • fs.nr_open: The number of files that can be opened by a single process in the kernel. 

        fs.file-max = 655360
fs.nr_open = 655360

    4. Modify the /etc/security/limits.conf configuration file.

      1. Open the /etc/security/limits.conf configuration file. 

        vim /etc/security/limits.conf

      2. Press the I key to enter Insert mode.

      3. Change the values of the * soft nofile and * hard nofile parameters.

        For example, change the values of the * soft nofile and * hard nofile parameters to values that are greater than 65535. 

        * soft nofile 655350
* hard nofile 655350

    5. Restart the ECS instance.

      For more information, see Start an instance.

    6. Run the following commands in sequence to check whether the values of the fs.file-max and fs.nr_open parameters are changed:

      cat /proc/sys/fs/file-max
cat /proc/sys/fs/nr_open

    Reference

    What do I do if I cannot connect to a Linux instance?