Solution to error “command-line: line 0: Bad configuration option: PermitLocalCommand”
Sorry for the slightly geeky title but that’s the error I started receiving recently on two of our Ubuntu Linux servers whenever we tried to rcp, scp or sftp from the server to any other remote system.
A command such as this: sftp username@aserver.com would produce the error:
command-line: line 0: Bad configuration option: PermitLocalCommand
Couldn’t read packet: Connection reset by peer
Honestly, nothing on the server had changed, no installs, no upgrades, no configuration changes. The rcp command was used within a cron batch file that handled site backups. One week it was working, then it just failed… I know, you don’t believe me!
Anyway, after some time spent in Google, the problem seemed to be that our /usr/bin/ssh was incompatible with the sftp and scp commands.
Each time a command like ‘sftp’ is called, it automatically adds a hidden parameter ‘PermitLocalCommand=no’ and then calls ssh (usually /usr/bin/ssh). In our case, our /usr/bin/ssh command had no idea what ‘PermitLocalCommand’ meant and simply rejected it.
If you are having the same problem, try something like this directly to your ssh command:
ssh username@aserver.com -oPermitLocalCommand=no
If ssh returns an error, then you probably have the same issue as we had.
The fix
In our case, the fix was really simple. We just removed and re-installed the open-ssh client code as follows:
sudo apt-get remove openssh-client
sudo apt-get install openssh-client
Then, all returned to normal.
Thanks a lot for this article! It helped me a lot when I have got this error today. Sometimes errors can be so weird and solutions so simple…
Comment by Manfred — September 17, 2009 @ 8:10 am
Another possibility is your SSH has been compromised.
http://masterdev.dyndns.dk/drslog/2009/10/ssh-pwnage-going-on.html
Comment by Anna Simmons — October 15, 2009 @ 4:47 am
Thanks for this tip! I just had the same thing happen on one of my servers.
Comment by David Bruce — August 16, 2010 @ 12:18 pm
This worked perfect for my issue. I encountered this when trying to copy files through scp.
Comment by Drakon — November 1, 2010 @ 10:52 pm
Thank you so much!
Just for my case. With a little remark:
> sudo apt-get remove openssh-client
> sudo apt-get install openssh-client
it’s ok, but i had to add ssh package:
> sudo apt-get install ssh
Comment by cucaracha — November 15, 2010 @ 2:18 pm
perfect worked a treat.. dont suppose you happen to know why this is required? why would this suddenly happen??
Cheers
Comment by simon — February 4, 2011 @ 4:38 pm
CAUTION:
Make sure you know what you’re doing when removing OpenSSH on a remove server. You may lose access to your server completely. Watch carefully for warnings such as:
The following packages will be REMOVED:
openssh-client openssh-server
And hit no if SSH access is the only way to access your server.
Comment by Joris Witteman — March 23, 2011 @ 10:11 am
If you are using Centos, RedHat
yum update openssh
Regards.
Comment by Jaime Covarrubias — April 20, 2011 @ 1:27 pm
[...] line 0: Bad configuration option: PermitLocalCommand lost connection I googled around and learned that this can be due to an incompatibility between scp and ssh and the solution is to [...]
Pingback by CentOS 5 -- ssh compromised? can't yum update... — July 1, 2011 @ 10:32 pm