SSH Configuration – Global Settings vs ‘Host *’

The SSH configuration documentation touches on this indirectly:

For each parameter, the first obtained value will be used. The configuration files contain sections separated by Host specifications, and that section is only applied for hosts that match one of the patterns given in the specification.

Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end.

So settings in the “top” level can’t be overridden, whereas settings in Host * will be overridden by any setting defined before that section (in the “top” level, or in a section matching the target host).

This answers “in which cases would each be preferred”: the “top” level should be used for settings which shouldn’t be overridden, and the Host * section, which should come last, should be used for default settings.