[Bug 1587] [man] sshd_config(5) provide examples of keyword 'Match'

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Apr 6 19:07:29 EST 2009


https://bugzilla.mindrot.org/show_bug.cgi?id=1587





--- Comment #1 from Jari Aalto <jari.aalto at cante.net>  2009-04-06 19:07:28 ---
Darren Tucker has posted informative message about the
use of "Match" keyword. Please include his examples to the
manual page.

http://archive.netbsd.se/?ml=openssh-unix-dev&a=2006-03&t=1883229

# allow anyone to authenticate normally from the local net
Match Address 192.168.0.0/24
    RequiredAuthentications default

# allow admins from the dmz with pubkey and password
Match Group admins Address 1.2.3.0/24
    RequiredAuthentications publickey,password

# deny untrusted and local users from any other net
Match Group untrusted,lusers
    RequiredAuthentications deny

# anyone else gets normal behaviour
Match all
    RequiredAuthentications default

There's also some potential for other things too:

Match User anoncvs
    PermitTcpForwarding no

Match Group nosftp
    Subsystem sftp /bin/false

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list