:Resolve the 'fatal: Cannot bind any address' error when starting the SSH service on a Linux ECS instance

Problem description

Remote SSH connections to a Linux Elastic Compute Service (ECS) instance fail because the SSH service cannot start. The following error is logged to the /var/log/secure file:

FAILED.
fatal: Cannot bind any address.
address family must be specified before ListenAddress.

Cause

The issue occurs because the AddressFamily parameter in the SSH configuration file, /etc/ssh/sshd_config, is set to inet6, which forces the SSH service to listen only on IPv6 addresses. Because IPv6 is not enabled on the system, the sshd service cannot bind to an IPv6 address and fails to start.

Solution

To resolve this issue, connect to the instance over VNC to modify the SSH configuration file. After you modify the file, restart the service to ensure it starts correctly.

1. Log on to an ECS instance using a VNC connection.

   1. Go to ECS console - Instance. In the top navigation bar, select the target region and resource group.

   2. Go to the details page of the target instance. Click Connect and select VNC. Enter the username and password to log on to the ECS instance.

2. Edit the /etc/ssh/sshd_config file. Find the line AddressFamily inet6 and change it to:

   AddressFamily inet

3. Restart the sshd service.

   systemctl restart sshd.service

Recommendations

If your workload requires IPv6, you must first enable and configure IPv6 for the instance. After IPv6 is enabled, you can change the AddressFamily parameter back to inet6.