Hello. >Even if delayed compression is only activated after authentication, >the the fact that delayed compression will be used has already been >negotiated before authentication and can't be changed retroactively. Couldn't the server simply abort a connection in the case that it sees that the negotiated compression algorithm doesn't fit, once the user is determined? Bailing out with some error message, before the client could have done anything. This is perhaps not the cleanest way, but in practise it should do quite well, and the same could possibly be done to allow many others of directives to be used inside Match, for which this is currently impossible. One could for example restrict certain authentication methods (or their options) to certain users/groups. Regards, Philippe _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
