Fix SSH Service Failed to Start on Ubuntu
If you recently modified your SSH configuration file
(/etc/ssh/sshd_config) on Ubuntu and the SSH service now
fails to start, you are likely dealing with a syntax error, an invalid
directive, or a port conflict. This guide provides a straightforward,
step-by-step troubleshooting workflow to identify the exact cause of the
failure, test your configuration for errors, and successfully restore
your SSH service.
1. Test the SSH Configuration Syntax
Before trying to restart the service repeatedly, use the built-in SSH test command. This is the fastest way to find syntax errors in your configuration file without affecting the running service.
Run the following command in your terminal:
sudo sshd -t- If there is an error: The command will output the exact line number and the nature of the error (e.g., “Unsupported option” or “Bad configuration option”).
- If there is no output: Your configuration syntax is correct, and the issue lies elsewhere (such as port conflicts or directory permissions).
2. Check the SSH Service Status
To see the systemd error messages associated with the failed startup, check the status of the SSH daemon:
sudo systemctl status sshLook at the last few lines of the output. It will often display the specific error message that caused the service to fail, such as a binding error if another service is already using the configured SSH port.
3. Inspect System Logs for Detailed Errors
If the status command does not provide enough detail, query the systemd journal logs specifically for the SSH service:
sudo journalctl -xeu sshScroll to the bottom of the log output to find the most recent startup attempt. This log provides a highly detailed account of what happened immediately before the service terminated.
4. Common SSH Configuration Errors to Fix
If you find errors during your investigation, open the configuration file to correct them:
sudo nano /etc/ssh/sshd_configLook out for these common issues: * Port Conflicts:
If you changed the default port (Port 22), ensure the new port is not
being used by another service and is allowed through your firewall
(sudo ufw allow <new_port>/tcp). *
Typographical Errors: Ensure directives are spelled
correctly (e.g., PermitRootLogin instead of
PermitRoot). * Missing Host Keys: If the
log complains about missing host keys, regenerate them using:
bash sudo ssh-keygen -A
5. Apply Changes and Restart SSH
Once you have identified and fixed the errors in the configuration file, save the file and run the syntax check once more:
sudo sshd -tIf the test runs clean with no output, restart the SSH service to apply the changes:
sudo systemctl restart sshVerify that the service is active and running:
sudo systemctl status ssh