1" Vim syntax file
2" Language:	OpenSSH server configuration file (sshd_config)
3" Author:	David Necas (Yeti)
4" Maintainer:	Dominik Fischer <d dot f dot fischer at web dot de>
5" Contributor:	Thilo Six
6" Contributor:  Leonard Ehrenfried <[email protected]>
7" Contributor:  Karsten Hopp <[email protected]>
8" Originally:	2009-07-09
9" Last Change:	2017 Oct 25
10" SSH Version:	7.6p1
11"
12
13" Setup
14" quit when a syntax file was already loaded
15if exists("b:current_syntax")
16  finish
17endif
18
19setlocal iskeyword=_,-,a-z,A-Z,48-57
20
21
22" case on
23syn case match
24
25
26" Comments
27syn match sshdconfigComment "^#.*$" contains=sshdconfigTodo
28syn match sshdconfigComment "\s#.*$" contains=sshdconfigTodo
29
30syn keyword sshdconfigTodo TODO FIXME NOTE contained
31
32" Constants
33syn keyword sshdconfigYesNo yes no none
34
35syn keyword sshdconfigAddressFamily any inet inet6
36
37syn keyword sshdconfigPrivilegeSeparation sandbox
38
39syn keyword sshdconfigTcpForwarding local remote
40
41syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
42
43syn keyword sshdconfigCiphers 3des-cbc
44syn keyword sshdconfigCiphers blowfish-cbc
45syn keyword sshdconfigCiphers cast128-cbc
46syn keyword sshdconfigCiphers arcfour
47syn keyword sshdconfigCiphers arcfour128
48syn keyword sshdconfigCiphers arcfour256
49syn keyword sshdconfigCiphers aes128-cbc
50syn keyword sshdconfigCiphers aes192-cbc
51syn keyword sshdconfigCiphers aes256-cbc
52syn match sshdconfigCiphers "\<rijndael-cbc@lysator\.liu.se\>"
53syn keyword sshdconfigCiphers aes128-ctr
54syn keyword sshdconfigCiphers aes192-ctr
55syn keyword sshdconfigCiphers aes256-ctr
56syn match sshdconfigCiphers "\<aes128-gcm@openssh\.com\>"
57syn match sshdconfigCiphers "\<aes256-gcm@openssh\.com\>"
58syn match sshdconfigCiphers "\<chacha20-poly1305@openssh\.com\>"
59
60syn keyword sshdconfigMAC hmac-sha1
61syn keyword sshdconfigMAC mac-sha1-96
62syn keyword sshdconfigMAC mac-sha2-256
63syn keyword sshdconfigMAC mac-sha2-512
64syn keyword sshdconfigMAC mac-md5
65syn keyword sshdconfigMAC mac-md5-96
66syn keyword sshdconfigMAC mac-ripemd160
67syn match   sshdconfigMAC "\<hmac-ripemd160@openssh\.com\>"
68syn match   sshdconfigMAC "\<umac-64@openssh\.com\>"
69syn match   sshdconfigMAC "\<umac-128@openssh\.com\>"
70syn match   sshdconfigMAC "\<hmac-sha1-etm@openssh\.com\>"
71syn match   sshdconfigMAC "\<hmac-sha1-96-etm@openssh\.com\>"
72syn match   sshdconfigMAC "\<hmac-sha2-256-etm@openssh\.com\>"
73syn match   sshdconfigMAC "\<hmac-sha2-512-etm@openssh\.com\>"
74syn match   sshdconfigMAC "\<hmac-md5-etm@openssh\.com\>"
75syn match   sshdconfigMAC "\<hmac-md5-96-etm@openssh\.com\>"
76syn match   sshdconfigMAC "\<hmac-ripemd160-etm@openssh\.com\>"
77syn match   sshdconfigMAC "\<umac-64-etm@openssh\.com\>"
78syn match   sshdconfigMAC "\<umac-128-etm@openssh\.com\>"
79
80syn keyword sshdconfigHostKeyAlgo ssh-ed25519
81syn match sshdconfigHostKeyAlgo "\<ssh-ed25519-cert-v01@openssh\.com\>"
82syn keyword sshdconfigHostKeyAlgo ssh-rsa
83syn keyword sshdconfigHostKeyAlgo ssh-dss
84syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp256
85syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp384
86syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp521
87syn match sshdconfigHostKeyAlgo "\<ssh-rsa-cert-v01@openssh\.com\>"
88syn match sshdconfigHostKeyAlgo "\<ssh-dss-cert-v01@openssh\.com\>"
89syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp256-cert-v01@openssh\.com\>"
90syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp384-cert-v01@openssh\.com\>"
91syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp521-cert-v01@openssh\.com\>"
92
93syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
94
95syn keyword sshdconfigLogLevel QUIET FATAL ERROR INFO VERBOSE
96syn keyword sshdconfigLogLevel DEBUG DEBUG1 DEBUG2 DEBUG3
97syn keyword sshdconfigSysLogFacility DAEMON USER AUTH AUTHPRIV LOCAL0 LOCAL1
98syn keyword sshdconfigSysLogFacility LOCAL2 LOCAL3 LOCAL4 LOCAL5 LOCAL6 LOCAL7
99
100syn keyword sshdconfigCompression    delayed
101
102syn match   sshdconfigIPQoS	"af1[123]"
103syn match   sshdconfigIPQoS	"af2[123]"
104syn match   sshdconfigIPQoS	"af3[123]"
105syn match   sshdconfigIPQoS	"af4[123]"
106syn match   sshdconfigIPQoS	"cs[0-7]"
107syn keyword sshdconfigIPQoS	ef lowdelay throughput reliability
108
109syn keyword sshdconfigKexAlgo diffie-hellman-group1-sha1
110syn keyword sshdconfigKexAlgo diffie-hellman-group14-sha1
111syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha1
112syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha256
113syn keyword sshdconfigKexAlgo ecdh-sha2-nistp256
114syn keyword sshdconfigKexAlgo ecdh-sha2-nistp384
115syn keyword sshdconfigKexAlgo ecdh-sha2-nistp521
116syn match sshdconfigKexAlgo "\<curve25519-sha256@libssh\.org\>"
117
118syn keyword sshdconfigTunnel	point-to-point ethernet
119
120syn keyword sshdconfigSubsystem internal-sftp
121
122syn match sshdconfigVar	    "%[hu]\>"
123syn match sshdconfigVar	    "%%"
124
125syn match sshdconfigSpecial "[*?]"
126
127syn match sshdconfigNumber "\d\+"
128syn match sshdconfigHostPort "\<\(\d\{1,3}\.\)\{3}\d\{1,3}\(:\d\+\)\?\>"
129syn match sshdconfigHostPort "\<\([-a-zA-Z0-9]\+\.\)\+[-a-zA-Z0-9]\{2,}\(:\d\+\)\?\>"
130" FIXME: this matches quite a few things which are NOT valid IPv6 addresses
131syn match sshdconfigHostPort "\<\(\x\{,4}:\)\+\x\{,4}:\d\+\>"
132syn match sshdconfigTime "\<\(\d\+[sSmMhHdDwW]\)\+\>"
133
134
135" case off
136syn case ignore
137
138
139" Keywords
140syn keyword sshdconfigMatch Host User Group Address
141
142syn keyword sshdconfigKeyword AcceptEnv
143syn keyword sshdconfigKeyword AddressFamily
144syn keyword sshdconfigKeyword AllowAgentForwarding
145syn keyword sshdconfigKeyword AllowGroups
146syn keyword sshdconfigKeyword AllowStreamLocalForwarding
147syn keyword sshdconfigKeyword AllowTcpForwarding
148syn keyword sshdconfigKeyword AllowUsers
149syn keyword sshdconfigKeyword AuthenticationMethods
150syn keyword sshdconfigKeyword AuthorizedKeysFile
151syn keyword sshdconfigKeyword AuthorizedKeysCommand
152syn keyword sshdconfigKeyword AuthorizedKeysCommandUser
153syn keyword sshdconfigKeyword AuthorizedPrincipalsFile
154syn keyword sshdconfigKeyword Banner
155syn keyword sshdconfigKeyword ChallengeResponseAuthentication
156syn keyword sshdconfigKeyword ChrootDirectory
157syn keyword sshdconfigKeyword Ciphers
158syn keyword sshdconfigKeyword ClientAliveCountMax
159syn keyword sshdconfigKeyword ClientAliveInterval
160syn keyword sshdconfigKeyword Compression
161syn keyword sshdconfigKeyword DebianBanner
162syn keyword sshdconfigKeyword DenyGroups
163syn keyword sshdconfigKeyword DenyUsers
164syn keyword sshdconfigKeyword DisableForwarding
165syn keyword sshdconfigKeyword ForceCommand
166syn keyword sshdconfigKeyword GSSAPIAuthentication
167syn keyword sshdconfigKeyword GSSAPICleanupCredentials
168syn keyword sshdconfigKeyword GSSAPIKeyExchange
169syn keyword sshdconfigKeyword GSSAPIStoreCredentialsOnRekey
170syn keyword sshdconfigKeyword GSSAPIStrictAcceptorCheck
171syn keyword sshdconfigKeyword GatewayPorts
172syn keyword sshdconfigKeyword HostCertificate
173syn keyword sshdconfigKeyword HostKey
174syn keyword sshdconfigKeyword HostKeyAgent
175syn keyword sshdconfigKeyword HostKeyAlgorithms
176syn keyword sshdconfigKeyword HostbasedAcceptedKeyTypes
177syn keyword sshdconfigKeyword HostbasedAuthentication
178syn keyword sshdconfigKeyword HostbasedUsesNameFromPacketOnly
179syn keyword sshdconfigKeyword IPQoS
180syn keyword sshdconfigKeyword IgnoreRhosts
181syn keyword sshdconfigKeyword IgnoreUserKnownHosts
182syn keyword sshdconfigKeyword KbdInteractiveAuthentication
183syn keyword sshdconfigKeyword KerberosAuthentication
184syn keyword sshdconfigKeyword KerberosGetAFSToken
185syn keyword sshdconfigKeyword KerberosOrLocalPasswd
186syn keyword sshdconfigKeyword KerberosTicketCleanup
187syn keyword sshdconfigKeyword KexAlgorithms
188syn keyword sshdconfigKeyword KeyRegenerationInterval
189syn keyword sshdconfigKeyword ListenAddress
190syn keyword sshdconfigKeyword LogLevel
191syn keyword sshdconfigKeyword LoginGraceTime
192syn keyword sshdconfigKeyword MACs
193syn keyword sshdconfigKeyword Match
194syn keyword sshdconfigKeyword MaxAuthTries
195syn keyword sshdconfigKeyword MaxSessions
196syn keyword sshdconfigKeyword MaxStartups
197syn keyword sshdconfigKeyword PasswordAuthentication
198syn keyword sshdconfigKeyword PermitBlacklistedKeys
199syn keyword sshdconfigKeyword PermitEmptyPasswords
200syn keyword sshdconfigKeyword PermitOpen
201syn keyword sshdconfigKeyword PermitRootLogin
202syn keyword sshdconfigKeyword PermitTTY
203syn keyword sshdconfigKeyword PermitTunnel
204syn keyword sshdconfigKeyword PermitUserEnvironment
205syn keyword sshdconfigKeyword PermitUserRC
206syn keyword sshdconfigKeyword PidFile
207syn keyword sshdconfigKeyword Port
208syn keyword sshdconfigKeyword PrintLastLog
209syn keyword sshdconfigKeyword PrintMotd
210syn keyword sshdconfigKeyword Protocol
211syn keyword sshdconfigKeyword PubkeyAcceptedKeyTypes
212syn keyword sshdconfigKeyword PubkeyAuthentication
213syn keyword sshdconfigKeyword RSAAuthentication
214syn keyword sshdconfigKeyword RekeyLimit
215syn keyword sshdconfigKeyword RevokedKeys
216syn keyword sshdconfigKeyword RhostsRSAAuthentication
217syn keyword sshdconfigKeyword ServerKeyBits
218syn keyword sshdconfigKeyword ShowPatchLevel
219syn keyword sshdconfigKeyword StrictModes
220syn keyword sshdconfigKeyword Subsystem
221syn keyword sshdconfigKeyword SyslogFacility
222syn keyword sshdconfigKeyword TCPKeepAlive
223syn keyword sshdconfigKeyword TrustedUserCAKeys
224syn keyword sshdconfigKeyword UseDNS
225syn keyword sshdconfigKeyword UseLogin
226syn keyword sshdconfigKeyword UsePAM
227syn keyword sshdconfigKeyword VersionAddendum
228syn keyword sshdconfigKeyword X11DisplayOffset
229syn keyword sshdconfigKeyword X11Forwarding
230syn keyword sshdconfigKeyword X11UseLocalhost
231syn keyword sshdconfigKeyword XAuthLocation
232
233
234" Define the default highlighting
235
236hi def link sshdconfigComment              Comment
237hi def link sshdconfigTodo                 Todo
238hi def link sshdconfigHostPort             sshdconfigConstant
239hi def link sshdconfigTime                 sshdconfigConstant
240hi def link sshdconfigNumber               sshdconfigConstant
241hi def link sshdconfigConstant             Constant
242hi def link sshdconfigYesNo                sshdconfigEnum
243hi def link sshdconfigAddressFamily        sshdconfigEnum
244hi def link sshdconfigPrivilegeSeparation  sshdconfigEnum
245hi def link sshdconfigTcpForwarding        sshdconfigEnum
246hi def link sshdconfigRootLogin            sshdconfigEnum
247hi def link sshdconfigCiphers              sshdconfigEnum
248hi def link sshdconfigMAC                  sshdconfigEnum
249hi def link sshdconfigHostKeyAlgo          sshdconfigEnum
250hi def link sshdconfigRootLogin            sshdconfigEnum
251hi def link sshdconfigLogLevel             sshdconfigEnum
252hi def link sshdconfigSysLogFacility       sshdconfigEnum
253hi def link sshdconfigVar                  sshdconfigEnum
254hi def link sshdconfigCompression          sshdconfigEnum
255hi def link sshdconfigIPQoS                sshdconfigEnum
256hi def link sshdconfigKexAlgo              sshdconfigEnum
257hi def link sshdconfigTunnel               sshdconfigEnum
258hi def link sshdconfigSubsystem            sshdconfigEnum
259hi def link sshdconfigEnum                 Function
260hi def link sshdconfigSpecial              Special
261hi def link sshdconfigKeyword              Keyword
262hi def link sshdconfigMatch                Type
263
264let b:current_syntax = "sshdconfig"
265
266" vim:set ts=8 sw=2 sts=2:
267