Márk Csaba wrote: > Match Group admin > AllowTCPForwarding yes > X11Forwarding yes > ForceCommand bash > Is there a way to achieve the requirements above? Remove the admin ForceCommand. > Is there a way to create rules according to connection type? In theory there's a way, but it's unreliable and unsecured. It heuristics on plain text sent before any crypto is used. Such rules could be tricked with a telnet client. //Peter _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev