"Match User" rule in sshd_config does not match domain users

Solution Verified - Updated -


  • OpenSSH is currently configured to deny password authentication. PasswordAuthentication no
  • Need to allow domain user (Active Directory (AD) or Identity Management (IdM)) bob@example.com to login to SSH with password
  • Match User block has been appended to sshd_config

    Match User bob@example.com
      PasswordAuthentication yes
  • User is not able to login with password occasionally.


  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • OpenSSH

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In