I was trying to view Windows OpenSSH Active Settings, while working on the configuration of OpenSSH on Windows.<\/p>\n\n\n\n
I found references to using the -T parameter to see what configuration settings were active, but it was giving an error. <\/p>\n\n\n\n
PS C:\\windows\\system32> C:\\windows\\System32\\OpenSSH\\sshd.exe -T\n'Match Group' in configuration but 'user' not in connection test specification.<\/pre>\n\n\n\nWhich did not make any sense, but I did some searching and found a suggestion of using another parameter with it<\/p>\n\n\n\n
PS C:\\windows\\system32> C:\\windows\\System32\\OpenSSH\\sshd.exe -T -C user=thowden<\/pre>\n\n\n\nWhich gave me the result I wanted with all or at least a lot of parameter settings displayed based on either the sshd_config settings or any defaults not already set. <\/p>\n\n\n\n
Of interest was that this function of -T not working is also addressed by the same issue that messes with the access control permissions. See Windows OpenSSH Allow Deny Settings<\/a> for related info. <\/p>\n\n\n\n
This setting is there by default with OpenSSH on Windows. It is the cause of this grief. Comment the lines out:<\/p>\n\n\n\n
#Match Group administrators\n# AuthorizedKeysFile __PROGRAMDATA__\/ssh\/administrators_authorized_keys<\/pre>\n\n\n\nRestart OpenSSH and this command<\/p>\n\n\n\n
PS C:\\windows\\system32> C:\\windows\\System32\\OpenSSH\\sshd.exe -T<\/pre>\n\n\n\nWill now work as expected without needing to add the -C etc…<\/p>\n\n\n\n
An update, only minutes later. It appears that the ‘Match’ setting is the issue, and not specifically the Match Group Administrators. Adding a different Match instruction to sshd_config triggered the same error:<\/p>\n\n\n\n
PS C:\\windows\\system32> C:\\windows\\System32\\OpenSSH\\sshd.exe -T\n'Match User' in configuration but 'user' not in connection test specification.<\/pre>\n\n\n\nThe Win32-OpenSSH at GitHub is the source of many questions and some answers with sorting out an installation of OpenSSH on Windows. <\/p>\n\n\n\n