command-line: line 0: Bad configuration option: PermitLocalCommand

The SSH issue [command-line: line 0]

Hi Eman,

The scp command is not work on server, can you please help us to fix that?

Here is the error message:

[root@server directory]# scp user@serverdomain:/directory/file .
command-line: line 0: Bad configuration option: PermitLocalCommand

Thanks.

-------------------------------------------------------------------------------------------
Hi Buddy,

I fixed this issue, the steps are as follows:

After I checked all the profiles and binary files of SSH, I found the issue is not about the profiles, is the binary files /usr/bin/ssh and /usr/sbin/sshd.

Maybe someone changed them, and gave them some special rights, such as can't be removed and deleted.
So I got rid of all the special rights of them, reinstalled all the SSH programs. Then it was OK.

After that, I checked some logs, tried to find some information if we were hacked by someone.

But I'm sorry I couldn't find any useful information. Now I think we'd better to change all the passwords of existing users, especially the users who can login this server.

[root@server ssh]# lsattr /usr/bin/ssh
-u--ia------- /usr/bin/ssh
[root@server ssh]# lsattr /usr/sbin/sshd
-u--ia------- /usr/sbin/sshd

[root@server ssh]# chattr -uia /usr/bin/ssh
[root@server ssh]# chattr -uia /usr/sbin/sshd

[root@server ssh]# lsattr /usr/bin/ssh
------------- /usr/bin/ssh
[root@server ssh]# lsattr /usr/sbin/sshd
------------- /usr/sbin/sshd

yum install openssh-server
yum install openssh-clients
yum install openssh

[root@server ssh]# rpm -qa | grep ssh
openssh-server-4.3p2-72.el5_6.3
openssh-clients-4.3p2-72.el5_6.3
openssh-4.3p2-72.el5_6.3

some reason for this:

http://www./content/350/solution-to-error-command-line-line-0-bad-configuration-option-permitlocalcommand

Sorry for the slightly geeky title but that’s the error I started receiving recently on two of our Ubuntu Linux servers whenever we tried to rcp, scp or sftp from the server to any other remote system.

A command such as this: sftp username@aserver.com would produce the error:

command-line: line 0: Bad configuration option: PermitLocalCommand
Couldn’t read packet: Connection reset by peer

Honestly, nothing on the server had changed, no installs, no upgrades, no configuration changes. The rcp command was used within a cron batch file that handled site backups. One week it was working, then it just failed… I know, you don’t believe me!

Anyway, after some time spent in Google, the problem seemed to be that our /usr/bin/ssh was incompatible with the sftp and scp commands.

Each time a command like ‘sftp’ is called, it automatically adds a hidden parameter ‘PermitLocalCommand=no’ and then calls ssh (usually /usr/bin/ssh). In our case, our /usr/bin/ssh command had no idea what ‘PermitLocalCommand’ meant and simply rejected it.

If you are having the same problem, try something like this directly to your ssh command:

ssh username@aserver.com -oPermitLocalCommand=no

If ssh returns an error, then you probably have the same issue as we had.

The fix

In our case, the fix was really simple. We just removed and re-installed the open-ssh client code as follows:

sudo apt-get remove openssh-client
sudo apt-get install openssh-client

Then, all returned to normal.