Validate sshd changes without restarting the daemon
The -t
flag tests a configuration file without restarting the sshd
daemon. This is helpful if you are ssh
-ed into a server and need to change the sshd_config
file before updating your configuration management scripts - an error may prevent your server from accepting your next ssh
session, or kick you off the box.
The -f
option allows you to specify a file. Excluding it tests the current configuration file (i.e ./etc/ssh/sshd_config
).
$ sudo sshd -t -f /tmp/sshd_config
This command can also be used to test for installed ciphers when changing cryptographic options, as well as syntax errors.