This topic describes the cause of and solutions to the following issue: An error message that contains "bad configuration options" appears when you start the SSH service on a Linux Elastic Compute Service (ECS) instance.
Problem description
When you start the SSH service on a Linux ECS instance, an error message similar to the following one appears in the CLI or secure logs:
/etc/ssh/sshd_config: line 2: Bad configuration options:\\ /etc/ssh/sshd_config: terminating, 1 bad configuration optionsCause
Exceptions, such as file coding and configuration errors, exist in the SSH configuration file /etc/ssh/sshd_config on the ECS instance. As a result, the SSH service cannot start.
Solutions
To resolve the preceding issue, use one of the following solutions based on your business requirements:
Modify the SSH configuration file based on the error message
If the error message indicates a specific configuration error, you can correct the configuration based on the error message.
Connect to the ECS instance by using Virtual Network Computing (VNC).
For more information, see Connection method overview.
Run the following command to open the
sshd_configfile:vim /etc/ssh/sshd_configPress the
Ikey to enter Insert mode.Correct the corresponding configuration based on the error message.
NoteYou can correct the configuration based on the
/etc/ssh/sshd_configfile of a healthy ECS instance.Run sshd in test mode.
/usr/sbin/sshd -tIf no information is returned, the sshd configuration is correct.
Run the following command to restart the SSH service:
service sshd start
Upload the sshd_config file of a healthy ECS instance to the faulty ECS instance
If a number of errors occur or the error message does not indicate a specific error, you can upload the /etc/ssh/sshd_config file of a healthy ECS instance to the faulty ECS instance.
Use methods such as FTP to upload the
/etc/ssh/sshd_configfile of a healthy ECS instance to the faulty ECS instance.Run the following command to copy the file from the directory to which the file is uploaded to a regular directory. In this example, the file is uploaded to the
/tmpdirectory.cp /tmp/sshd_config /etc/ssh/sshd_configRun the following commands to modify the file permissions and change the owner and group of the file:
chmod 600 /etc/ssh/sshd_config chown root:root /etc/ssh/sshd_configNoteIf the SSH configuration file of a healthy instance cannot be uploaded, you can edit and compile the SSH configuration file on the faulty ECS instance based on the SSH configuration file of the healthy instance.
Run the following command to restart the SSH service:
service sshd start
Re-install the SSH service
If you do not want to perform the preceding operations to resolve the issue, you can perform the following steps to re-install the SSH service:
Connect to the ECS instance by using VNC.
For more information, see Connection method overview.
Run the following command to uninstall the SSH service:
rpm -e openssh-serverRun the following command to install the SSH service:
yum install openssh-serverRun the following command to start the SSH service:
systemctl start sshd.service
Roll back the system disk
If none of the preceding solutions can resolve the issue, you can use a snapshot to roll back the system disk of the faulty ECS instance. For more information, see Roll back a disk by using a snapshot.
After a disk is rolled back by using a snapshot, all data changes that were made from when the snapshot was created to when the disk was rolled back are lost. Exercise caution when you perform the rollback operation.
We recommend that you select snapshots in reverse chronological order to roll back the system disk until the SSH service can run as expected. If the SSH service fails to start after you use a snapshot to roll back the system disk, an exception occurred at the point in time when the snapshot was created. You can use an earlier snapshot to roll back the system disk.