dkg at fifthhorseman
Jun 9, 2009, 6:26 AM
Post #2 of 2
(1338 views)
Permalink
|
On 06/09/2009 07:08 AM, Martin Schimandl wrote:
> But unfortunately the documentation of the Match-Statement refers to the
> PATTERN section, which is non existent :-(
I think it refers to PATTERNS (not PATTERN), and it seems to refer to
ssh_config(5), not sshd_config(5). What version of openSSH are you
using? With OpenSSH 5.1p1 (from debian testing), it looks like the
section is available in the referenced man page:
>> 0 dkg [at] pi:~$ man sshd_config | grep -C2 criteria
>> hmac-ripemd160,hmac-sha1-96,hmac-md5-96
>>
>> Match Introduces a conditional block. If all of the criteria on the
>> Match line are satisfied, the keywords on the following lines
>> override those set in the global section of the config file,
>> until either another Match line or the end of the file.
>>
>> The arguments to Match are one or more criteria-pattern pairs.
>> The available criteria are User, Group, Host, and Address. The
>> match patterns may consist of single entries or comma-separated
>> lists and may use the wildcard and negation operators described
>> in the PATTERNS section of ssh_config(5).
>>
>> The patterns in an Address criteria may additionally contain
>> addresses to match in CIDR address/masklen format, e.g.
>> “192.0.2.0/24” or “3ffe:ffff::/32”. Note that the mask length
>> 0 dkg [at] pi:~$ man ssh_config | grep -A3 ^PATTERNS
>> PATTERNS
>> A pattern consists of zero or more non-whitespace characters, ‘*’ (a
>> wildcard that matches zero or more characters), or ‘?’ (a wildcard that
>> matches exactly one character). For example, to specify a set of decla‐
>> 0 dkg [at] pi:~$
Have you tried looking in ssh_config(5) instead of sshd_config(5) ?
hth,
--dkg
|
signature.asc
