sshd_config ignores MaxSessions?

[Scott]

Hello,

$ grep 'MaxSessions' /etc/ssh/sshd_config
MaxSessions 2

But I can log into a box with at least 5 sessions (I stopped trying at
that point).

Just above the entry for MaxSessions in the sshd_config manpage, I see:

"
     Match   Introduces a conditional block.  If all of the criteria on the
             Match line are satisfied, the keywords on the following lines
             override those set in the global section of the config file,
             until either another Match line or the end of the file.

             The arguments to Match are one or more criteria-pattern pairs.
             The available criteria are User, Group, Host, and Address.  The
             match patterns may consist of single entries or comma-separated
             lists and may use the wildcard and negation operators described
             in the PATTERNS section of ssh_config(5).

             The patterns in an Address criteria may additionally contain
             addresses to match in CIDR address/masklen format, e.g.
             ``192.0.2.0/24'' or ``3ffe:ffff::/32''.  Note that the mask
             length provided must be consistent with the address - it is an
             error to specify a mask length that is too long for the address
             or one with bits set in this host portion of the address.  For
             example, ``192.0.2.0/33'' and ``192.0.2.0/8'' respectively.

             Only a subset of keywords may be used on the lines following a
             Match keyword.  Available keywords are AllowAgentForwarding,
             AllowTcpForwarding, AuthorizedKeysFile, AuthorizedPrincipalsFile,
             Banner, ChrootDirectory, ForceCommand, GatewayPorts,
             GSSAPIAuthentication, HostbasedAuthentication,
             HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
             KerberosAuthentication, MaxAuthTries, MaxSessions,
             PasswordAuthentication, PermitEmptyPasswords, PermitOpen,
             PermitRootLogin, PermitTunnel, PubkeyAuthentication,
             RhostsRSAAuthentication, RSAAuthentication, X11DisplayOffset,
             X11Forwarding and X11UseLocalHost.
"

My question:
Is 'Match' used as a further refinement to any of the rules listed in
the keywords section (see last paragraph above), or is it required in
order to use one of those keywords? If the former is true, then I
don't understand why my setting doesn't seem to work. If it's the
latter, then I know I've omitted something.

Googling for 'MaxSessions' just yielded me a bunch of results that
looked like mine, as a single line entry without a Match construct.

Thank you!
-Scott