For some reason, restrictions are no longer being applied for SSH. I can log in as any user and choose any authentication method. I have created a test user, and the test user is not in the allow list but can still log in as any user and with any authentication method.
Rules were enforced before but now have stopped. It's happening on an AlmaLinux 8 system.
Here's what is in place:
```
PermitRootLogin no
PubkeyAuthentication no
PasswordAuthentication no
Match User nagios
    PasswordAuthentication no
    PubkeyAuthentication yes
Match User meta
    PasswordAuthentication yes
    PubkeyAuthentication yes
Match User yubi Address 10.10.0.201/32
    PasswordAuthentication no
    PubkeyAuthentication yes
    AllowUsers yubi
Match Address 10.10.0.0/24
    AllowUsers meta
Match Address 22.22.22.22
    AllowUsers nagios
```
Problem is occurring on AlmaLinux 9 also. It seems user override no longer works.
```
## Custom SSH rules
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication no
#Match Address 192.168.68.0/22
#    AllowUsers autoit repository-admin
Match User autoit
    PasswordAuthentication yes
    PubkeyAuthentication no
Match User repository-admin
    PasswordAuthentication no
    PubkeyAuthentication yes
```
The main sshd_config is set to the default as below:
```
Include /etc/ssh/sshd_config.d/*.conf
Port 22
AuthorizedKeysFile .ssh/authorized_keys
Subsystem sftp /usr/libexec/openssh/sftp-server
```
If I remove the user from the config file, they are unable to log in. Once enabled, the user is able to access with all authentication methods despite only granting them PubkeyAuthentication or PasswordAuthentication.
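One way to check what sshd actually resolves for a given user, as an added example that is not part of the original posts: `sshd -T -C` prints the effective configuration after Match blocks are applied, and the helper below lists every authentication method left enabled, including keyboard-interactive and GSSAPI, which `PasswordAuthentication` and `PubkeyAuthentication` do not control. The function names, the sample output and the address in the usage comment are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original posts.

# enabled_auth: reads `sshd -T` output on stdin (keywords are printed in
# lowercase) and prints each enabled authentication method once, sorted.
enabled_auth() {
    awk '
        $2 != "yes" { next }
        $1 == "passwordauthentication"          { print "password" }
        $1 == "pubkeyauthentication"            { print "publickey" }
        $1 == "kbdinteractiveauthentication"    { print "keyboard-interactive" }
        $1 == "challengeresponseauthentication" { print "keyboard-interactive" }
        $1 == "gssapiauthentication"            { print "gssapi-with-mic" }
        $1 == "hostbasedauthentication"         { print "hostbased" }
    ' | sort -u
}

# unexpected_auth ALLOWED: stdin as above, ALLOWED is a space-separated list
# of methods the user is meant to have. Prints the methods that are enabled
# but not in ALLOWED and returns 1 if there are any.
unexpected_auth() {
    extra=""
    for m in $(enabled_auth); do
        case " $1 " in
            *" $m "*) ;;
            *) extra="$extra $m" ;;
        esac
    done
    extra=${extra# }
    [ -z "$extra" ] && return 0
    printf '%s\n' "$extra"
    return 1
}

# audit_user USER ADDR ALLOWED: same check against the live configuration.
# Run as root, e.g.: audit_user autoit 192.168.68.10 password
# (the address is a constructed value).
audit_user() {
    sshd -T -C "user=$1,addr=$2,host=$2" | unexpected_auth "$3"
}

# Constructed sample of `sshd -T` output, not captured from a real host.
SAMPLE='passwordauthentication no
pubkeyauthentication yes
kbdinteractiveauthentication yes
gssapiauthentication yes'

# Prints: gssapi-with-mic keyboard-interactive
printf '%s\n' "$SAMPLE" | unexpected_auth "publickey" || true
```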