I'm trying to apply the same sshd
settings to multiple users.
According to the manual, it seems Match User
acts like an AND
:
Introduces a conditional block. If all of the criteria on the
Match
line are satisfied, the keywords on the following lines override those set in the global section of the config file
How do I state "for any of these users…", so in this example bob
, joe
, and phil
are allowed to use SSH as a proxy, but not allowed to log in:
Match User bob, User joe, User phil
PasswordAuthentication yes
AllowTCPForwarding yes
ForceCommand /bin/echo 'We talked about this guys. No SSH for you!'
Best Answer
Not having done this myself, I can only go on what the manuals say:
From the
sshd_config
manual:This means that you ought to be able to say
See also this answer on the Information Security forum: https://security.stackexchange.com/a/18038