How to Safely Restart SSH on Ubuntu

Modifying your SSH configuration on Ubuntu Linux can lock you out of your server if there are syntax errors or incorrect settings. This article provides a quick, step-by-step guide on how to safely test your SSH configuration file for errors, apply the changes using the system controller, and verify your connection without losing access to your remote server.

Step 1: Test the SSH Configuration for Errors

Before applying any changes, always validate the syntax of your configuration file (/etc/ssh/sshd_config). Running a test ensures that a typo won’t prevent the SSH service from starting up.

Run the following command to test the configuration:

sudo sshd -t

If the command returns no output, your configuration is valid. If there are errors, it will output the specific line numbers and problems that need to be corrected before proceeding.

Step 2: Reload the SSH Daemon

Instead of restarting the SSH service, it is safer to “reload” it. Reloading applies the changes by reading the new configuration file without terminating active SSH connections.

To reload the SSH daemon on Ubuntu, run:

sudo systemctl reload ssh

If you must perform a full restart, use the following command instead:

sudo systemctl restart ssh

Step 3: Verify the Changes

After reloading or restarting the daemon, do not close your current terminal window. Keeping your active session open ensures you have a way to revert changes if something goes wrong.

Open a new, separate terminal window and attempt to log in to your server:

ssh username@your_server_ip

If you can log in successfully, your changes are safely applied. If the connection fails, use your still-open original session to fix the errors in /etc/ssh/sshd_config and reload the service again.