sshd：从外部 LAN 禁用密码身份验证时出现问题

我有一台带有 2 个网卡的 CentOS 7 服务器，一个位于 LAN 内，具有专用 IP 192.168.1.1 (lan0)，另一个具有公共互联网 IP (ppp0)

对于源自 LAN 内部的连接，我希望密码或公钥身份验证可用。

对于来自互联网的连接，我只需要公钥。我在 /etc/ssh/sshd_config 中这样做了

PasswordAuthentication No

最后几行是：

Match address 192.168.1.0/24
    PasswordAuthentication yes

因此，为了进行测试，我登录到另一台我拥有的计算机（即互联网上的 VPS）并尝试通过 ssh 登录。正如预期的那样，我得到了以下结果：

Permission denied (publickey).

但我不明白的是为什么我的 /var/log/secure 充满了这样的暴力尝试：（IP 已更改）

Apr 22 09:57:36 linuxhost1 sshd[15149]: input_userauth_request: invalid user webmaster [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15149]: Received disconnect from a.b.c.d: 11: Bye Bye [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15151]: Invalid user webmaster from a.b.c.d
Apr 22 09:57:36 linuxhost1 sshd[15151]: input_userauth_request: invalid user webmaster [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15151]: Received disconnect from a.b.c.d: 11: Bye Bye [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15153]: Invalid user webpop from a.b.c.d
Apr 22 09:57:36 linuxhost1 sshd[15153]: input_userauth_request: invalid user webpop [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15153]: Received disconnect from a.b.c.d: 11: Bye Bye [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15155]: Invalid user web from a.b.c.d
Apr 22 09:57:36 linuxhost1 sshd[15155]: input_userauth_request: invalid user web [preauth]
Apr 22 09:57:36 linuxhost1 sshd[15155]: Received disconnect from a.b.c.d: 11: Bye Bye [preauth]
Apr 22 09:57:37 linuxhost1 sshd[15157]: Invalid user william from a.b.c.d
Apr 22 09:57:37 linuxhost1 sshd[15157]: input_userauth_request: invalid user william [preauth]
Apr 22 09:57:37 linuxhost1 sshd[15157]: Received disconnect from a.b.c.d: 11: Bye Bye [preauth]
Apr 22 09:57:37 linuxhost1 sshd[15159]: Invalid user windowserver from a.b.c.d
Apr 22 09:57:37 linuxhost1 sshd[15159]: input_userauth_request: invalid user windowserver [preauth]
Apr 22 09:57:37 linuxhost1 sshd[15159]: Received disconnect from a.b.c.d: 11: Bye Bye [preauth]

这些暴力攻击者是如何被允许输入 a 的username？