bugzilla-daemon at bugzilla.mindrot.org
2009-Apr-06 06:15 UTC
[Bug 1587] New: [man] sshd_config(5) provide examples of keyword 'Match'
https://bugzilla.mindrot.org/show_bug.cgi?id=1587 Summary: [man] sshd_config(5) provide examples of keyword 'Match' Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Other Status: NEW Severity: enhancement Priority: P2 Component: Documentation AssignedTo: unassigned-bugs at mindrot.org ReportedBy: jari.aalto at cante.net The manual page reads: Match Introduces a conditional block. If all of the criteria on the Match line are satisfied, the keywords on the following lines override those set in the global section of the config file, until either another Match line or the end of the file. ... This looks like a useful feature, but from the description is hard to understand how it is used. Please provide 2-3 examples how to use this keyword in the manual page. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Apr-06 09:07 UTC
[Bug 1587] [man] sshd_config(5) provide examples of keyword 'Match'
https://bugzilla.mindrot.org/show_bug.cgi?id=1587 --- Comment #1 from Jari Aalto <jari.aalto at cante.net> 2009-04-06 19:07:28 --- Darren Tucker has posted informative message about the use of "Match" keyword. Please include his examples to the manual page. http://archive.netbsd.se/?ml=openssh-unix-dev&a=2006-03&t=1883229 # allow anyone to authenticate normally from the local net Match Address 192.168.0.0/24 RequiredAuthentications default # allow admins from the dmz with pubkey and password Match Group admins Address 1.2.3.0/24 RequiredAuthentications publickey,password # deny untrusted and local users from any other net Match Group untrusted,lusers RequiredAuthentications deny # anyone else gets normal behaviour Match all RequiredAuthentications default There's also some potential for other things too: Match User anoncvs PermitTcpForwarding no Match Group nosftp Subsystem sftp /bin/false -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jan-15 00:35 UTC
[Bug 1587] [man] sshd_config(5) provide examples of keyword 'Match'
https://bugzilla.mindrot.org/show_bug.cgi?id=1587 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #2 from Darren Tucker <dtucker at zip.com.au> 2010-01-15 11:35:23 EST --- There's an example in the sample sshd_config file: # Example of overriding settings on a per-user basis #Match User anoncvs #>......X11Forwarding no #>......AllowTcpForwarding no #>......ForceCommand cvs server (Most of the samples you quoted do not exist in the current code.) -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Possibly Parallel Threads
- sshd config parser
- [Bug 1846] New: wishlist: [PATCH] sshd_config - reformat for easier reading
- Bug#322036: logcheck: [manual] typo in SYNOPSIS (TIOS => OPTIONS)
- Bug#301175: logcheck-databas: SSH rules for debug level
- Bug#269315: logcheck: /etc/logcheck/ignore.d.server (add bind9 messages)