OpenSSH: How to end a match block

It seems there is no way to explicitly end Match blocks. From the sshd_config manual page:

If all of the criteria on the Match line are satisfied, the keywords on the following lines override those set in the global section of the config file, until either another Match line or the end of the file.

So Match blocks need to be at the end of the sshd_config file.

To end up a match block with openssh 6.5p1 or above, use the line: Match all

Here is a piece of code, taken from my /etc/ssh/sshd_config file:

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no

Match host 192.168.1.12
    PasswordAuthentication yes
Match all

X11Forwarding yes
X11DisplayOffset 10

A line with a sole Match won't work. (It didn't work for me, sshd refused to start)

OpenSSH: How to end a match block

Tags:

Openssh

Debian

Related

Recent Posts