1" Vim syntax file
2" Language:	OpenSSH server configuration file (sshd_config)
3" Author:	David Necas (Yeti)
4" Maintainer:	Dominik Fischer <d dot f dot fischer at web dot de>
5" Contributor:	Thilo Six
6" Contributor:  Leonard Ehrenfried <[email protected]>
7" Contributor:  Karsten Hopp <[email protected]>
8" Originally:	2009-07-09
9" Last Change:	2016 Mar 1
10" SSH Version:	7.2
11"
12
13" Setup
14" quit when a syntax file was already loaded
15if exists("b:current_syntax")
16  finish
17endif
18
19setlocal iskeyword=_,-,a-z,A-Z,48-57
20
21
22" case on
23syn case match
24
25
26" Comments
27syn match sshdconfigComment "^#.*$" contains=sshdconfigTodo
28syn match sshdconfigComment "\s#.*$" contains=sshdconfigTodo
29
30syn keyword sshdconfigTodo TODO FIXME NOTE contained
31
32" Constants
33syn keyword sshdconfigYesNo yes no none
34
35syn keyword sshdconfigAddressFamily any inet inet6
36
37syn keyword sshdconfigPrivilegeSeparation sandbox
38
39syn keyword sshdconfigTcpForwarding local remote
40
41syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
42
43syn keyword sshdconfigCiphers 3des-cbc
44syn keyword sshdconfigCiphers blowfish-cbc
45syn keyword sshdconfigCiphers cast128-cbc
46syn keyword sshdconfigCiphers arcfour
47syn keyword sshdconfigCiphers arcfour128
48syn keyword sshdconfigCiphers arcfour256
49syn keyword sshdconfigCiphers aes128-cbc
50syn keyword sshdconfigCiphers aes192-cbc
51syn keyword sshdconfigCiphers aes256-cbc
52syn match sshdconfigCiphers "\<rijndael-cbc@lysator\.liu.se\>"
53syn keyword sshdconfigCiphers aes128-ctr
54syn keyword sshdconfigCiphers aes192-ctr
55syn keyword sshdconfigCiphers aes256-ctr
56syn match sshdconfigCiphers "\<aes128-gcm@openssh\.com\>"
57syn match sshdconfigCiphers "\<aes256-gcm@openssh\.com\>"
58syn match sshdconfigCiphers "\<chacha20-poly1305@openssh\.com\>"
59
60syn keyword sshdconfigMAC hmac-sha1
61syn keyword sshdconfigMAC mac-sha1-96
62syn keyword sshdconfigMAC mac-sha2-256
63syn keyword sshdconfigMAC mac-sha2-512
64syn keyword sshdconfigMAC mac-md5
65syn keyword sshdconfigMAC mac-md5-96
66syn keyword sshdconfigMAC mac-ripemd160
67syn match   sshdconfigMAC "\<hmac-ripemd160@openssh\.com\>"
68syn match   sshdconfigMAC "\<umac-64@openssh\.com\>"
69syn match   sshdconfigMAC "\<umac-128@openssh\.com\>"
70syn match   sshdconfigMAC "\<hmac-sha1-etm@openssh\.com\>"
71syn match   sshdconfigMAC "\<hmac-sha1-96-etm@openssh\.com\>"
72syn match   sshdconfigMAC "\<hmac-sha2-256-etm@openssh\.com\>"
73syn match   sshdconfigMAC "\<hmac-sha2-512-etm@openssh\.com\>"
74syn match   sshdconfigMAC "\<hmac-md5-etm@openssh\.com\>"
75syn match   sshdconfigMAC "\<hmac-md5-96-etm@openssh\.com\>"
76syn match   sshdconfigMAC "\<hmac-ripemd160-etm@openssh\.com\>"
77syn match   sshdconfigMAC "\<umac-64-etm@openssh\.com\>"
78syn match   sshdconfigMAC "\<umac-128-etm@openssh\.com\>"
79
80syn keyword sshdconfigHostKeyAlgo ssh-ed25519
81syn match sshdconfigHostKeyAlgo "\<ssh-ed25519-cert-v01@openssh\.com\>"
82syn keyword sshdconfigHostKeyAlgo ssh-rsa
83syn keyword sshdconfigHostKeyAlgo ssh-dss
84syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp256
85syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp384
86syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp521
87syn match sshdconfigHostKeyAlgo "\<ssh-rsa-cert-v01@openssh\.com\>"
88syn match sshdconfigHostKeyAlgo "\<ssh-dss-cert-v01@openssh\.com\>"
89syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp256-cert-v01@openssh\.com\>"
90syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp384-cert-v01@openssh\.com\>"
91syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp521-cert-v01@openssh\.com\>"
92
93syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
94
95syn keyword sshdconfigLogLevel QUIET FATAL ERROR INFO VERBOSE
96syn keyword sshdconfigLogLevel DEBUG DEBUG1 DEBUG2 DEBUG3
97syn keyword sshdconfigSysLogFacility DAEMON USER AUTH AUTHPRIV LOCAL0 LOCAL1
98syn keyword sshdconfigSysLogFacility LOCAL2 LOCAL3 LOCAL4 LOCAL5 LOCAL6 LOCAL7
99
100syn keyword sshdconfigCompression    delayed
101
102syn match   sshdconfigIPQoS	"af1[123]"
103syn match   sshdconfigIPQoS	"af2[123]"
104syn match   sshdconfigIPQoS	"af3[123]"
105syn match   sshdconfigIPQoS	"af4[123]"
106syn match   sshdconfigIPQoS	"cs[0-7]"
107syn keyword sshdconfigIPQoS	ef lowdelay throughput reliability
108
109syn keyword sshdconfigKexAlgo diffie-hellman-group1-sha1
110syn keyword sshdconfigKexAlgo diffie-hellman-group14-sha1
111syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha1
112syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha256
113syn keyword sshdconfigKexAlgo ecdh-sha2-nistp256
114syn keyword sshdconfigKexAlgo ecdh-sha2-nistp384
115syn keyword sshdconfigKexAlgo ecdh-sha2-nistp521
116syn match sshdconfigKexAlgo "\<curve25519-sha256@libssh\.org\>"
117
118syn keyword sshdconfigTunnel	point-to-point ethernet
119
120syn keyword sshdconfigSubsystem internal-sftp
121
122syn match sshdconfigVar	    "%[hu]\>"
123syn match sshdconfigVar	    "%%"
124
125syn match sshdconfigSpecial "[*?]"
126
127syn match sshdconfigNumber "\d\+"
128syn match sshdconfigHostPort "\<\(\d\{1,3}\.\)\{3}\d\{1,3}\(:\d\+\)\?\>"
129syn match sshdconfigHostPort "\<\([-a-zA-Z0-9]\+\.\)\+[-a-zA-Z0-9]\{2,}\(:\d\+\)\?\>"
130" FIXME: this matches quite a few things which are NOT valid IPv6 addresses
131syn match sshdconfigHostPort "\<\(\x\{,4}:\)\+\x\{,4}:\d\+\>"
132syn match sshdconfigTime "\<\(\d\+[sSmMhHdDwW]\)\+\>"
133
134
135" case off
136syn case ignore
137
138
139" Keywords
140syn keyword sshdconfigMatch Host User Group Address
141
142syn keyword sshdconfigKeyword AcceptEnv
143syn keyword sshdconfigKeyword AddressFamily
144syn keyword sshdconfigKeyword AllowAgentForwarding
145syn keyword sshdconfigKeyword AllowGroups
146syn keyword sshdconfigKeyword AllowStreamLocalForwarding
147syn keyword sshdconfigKeyword AllowTcpForwarding
148syn keyword sshdconfigKeyword AllowUsers
149syn keyword sshdconfigKeyword AuthenticationMethods
150syn keyword sshdconfigKeyword AuthorizedKeysFile
151syn keyword sshdconfigKeyword AuthorizedKeysCommand
152syn keyword sshdconfigKeyword AuthorizedKeysCommandUser
153syn keyword sshdconfigKeyword AuthorizedPrincipalsFile
154syn keyword sshdconfigKeyword Banner
155syn keyword sshdconfigKeyword ChallengeResponseAuthentication
156syn keyword sshdconfigKeyword ChrootDirectory
157syn keyword sshdconfigKeyword Ciphers
158syn keyword sshdconfigKeyword ClientAliveCountMax
159syn keyword sshdconfigKeyword ClientAliveInterval
160syn keyword sshdconfigKeyword Compression
161syn keyword sshdconfigKeyword DebianBanner
162syn keyword sshdconfigKeyword DenyGroups
163syn keyword sshdconfigKeyword DenyUsers
164syn keyword sshdconfigKeyword ForceCommand
165syn keyword sshdconfigKeyword GSSAPIAuthentication
166syn keyword sshdconfigKeyword GSSAPICleanupCredentials
167syn keyword sshdconfigKeyword GSSAPIKeyExchange
168syn keyword sshdconfigKeyword GSSAPIStoreCredentialsOnRekey
169syn keyword sshdconfigKeyword GSSAPIStrictAcceptorCheck
170syn keyword sshdconfigKeyword GatewayPorts
171syn keyword sshdconfigKeyword HostCertificate
172syn keyword sshdconfigKeyword HostKey
173syn keyword sshdconfigKeyword HostKeyAgent
174syn keyword sshdconfigKeyword HostKeyAlgorithms
175syn keyword sshdconfigKeyword HostbasedAcceptedKeyTypes
176syn keyword sshdconfigKeyword HostbasedAuthentication
177syn keyword sshdconfigKeyword HostbasedUsesNameFromPacketOnly
178syn keyword sshdconfigKeyword IPQoS
179syn keyword sshdconfigKeyword IgnoreRhosts
180syn keyword sshdconfigKeyword IgnoreUserKnownHosts
181syn keyword sshdconfigKeyword KbdInteractiveAuthentication
182syn keyword sshdconfigKeyword KerberosAuthentication
183syn keyword sshdconfigKeyword KerberosGetAFSToken
184syn keyword sshdconfigKeyword KerberosOrLocalPasswd
185syn keyword sshdconfigKeyword KerberosTicketCleanup
186syn keyword sshdconfigKeyword KexAlgorithms
187syn keyword sshdconfigKeyword KeyRegenerationInterval
188syn keyword sshdconfigKeyword ListenAddress
189syn keyword sshdconfigKeyword LogLevel
190syn keyword sshdconfigKeyword LoginGraceTime
191syn keyword sshdconfigKeyword MACs
192syn keyword sshdconfigKeyword Match
193syn keyword sshdconfigKeyword MaxAuthTries
194syn keyword sshdconfigKeyword MaxSessions
195syn keyword sshdconfigKeyword MaxStartups
196syn keyword sshdconfigKeyword PasswordAuthentication
197syn keyword sshdconfigKeyword PermitBlacklistedKeys
198syn keyword sshdconfigKeyword PermitEmptyPasswords
199syn keyword sshdconfigKeyword PermitOpen
200syn keyword sshdconfigKeyword PermitRootLogin
201syn keyword sshdconfigKeyword PermitTTY
202syn keyword sshdconfigKeyword PermitTunnel
203syn keyword sshdconfigKeyword PermitUserEnvironment
204syn keyword sshdconfigKeyword PermitUserRC
205syn keyword sshdconfigKeyword PidFile
206syn keyword sshdconfigKeyword Port
207syn keyword sshdconfigKeyword PrintLastLog
208syn keyword sshdconfigKeyword PrintMotd
209syn keyword sshdconfigKeyword Protocol
210syn keyword sshdconfigKeyword PubkeyAcceptedKeyTypes
211syn keyword sshdconfigKeyword PubkeyAuthentication
212syn keyword sshdconfigKeyword RSAAuthentication
213syn keyword sshdconfigKeyword RekeyLimit
214syn keyword sshdconfigKeyword RevokedKeys
215syn keyword sshdconfigKeyword RhostsRSAAuthentication
216syn keyword sshdconfigKeyword ServerKeyBits
217syn keyword sshdconfigKeyword ShowPatchLevel
218syn keyword sshdconfigKeyword StrictModes
219syn keyword sshdconfigKeyword Subsystem
220syn keyword sshdconfigKeyword SyslogFacility
221syn keyword sshdconfigKeyword TCPKeepAlive
222syn keyword sshdconfigKeyword TrustedUserCAKeys
223syn keyword sshdconfigKeyword UseDNS
224syn keyword sshdconfigKeyword UseLogin
225syn keyword sshdconfigKeyword UsePAM
226syn keyword sshdconfigKeyword UsePrivilegeSeparation
227syn keyword sshdconfigKeyword VersionAddendum
228syn keyword sshdconfigKeyword X11DisplayOffset
229syn keyword sshdconfigKeyword X11Forwarding
230syn keyword sshdconfigKeyword X11UseLocalhost
231syn keyword sshdconfigKeyword XAuthLocation
232
233
234" Define the default highlighting
235
236hi def link sshdconfigComment              Comment
237hi def link sshdconfigTodo                 Todo
238hi def link sshdconfigHostPort             sshdconfigConstant
239hi def link sshdconfigTime                 sshdconfigConstant
240hi def link sshdconfigNumber               sshdconfigConstant
241hi def link sshdconfigConstant             Constant
242hi def link sshdconfigYesNo                sshdconfigEnum
243hi def link sshdconfigAddressFamily        sshdconfigEnum
244hi def link sshdconfigPrivilegeSeparation  sshdconfigEnum
245hi def link sshdconfigTcpForwarding        sshdconfigEnum
246hi def link sshdconfigRootLogin            sshdconfigEnum
247hi def link sshdconfigCiphers              sshdconfigEnum
248hi def link sshdconfigMAC                  sshdconfigEnum
249hi def link sshdconfigHostKeyAlgo          sshdconfigEnum
250hi def link sshdconfigRootLogin            sshdconfigEnum
251hi def link sshdconfigLogLevel             sshdconfigEnum
252hi def link sshdconfigSysLogFacility       sshdconfigEnum
253hi def link sshdconfigVar                  sshdconfigEnum
254hi def link sshdconfigCompression          sshdconfigEnum
255hi def link sshdconfigIPQoS                sshdconfigEnum
256hi def link sshdconfigKexAlgo              sshdconfigEnum
257hi def link sshdconfigTunnel               sshdconfigEnum
258hi def link sshdconfigSubsystem            sshdconfigEnum
259hi def link sshdconfigEnum                 Function
260hi def link sshdconfigSpecial              Special
261hi def link sshdconfigKeyword              Keyword
262hi def link sshdconfigMatch                Type
263
264let b:current_syntax = "sshdconfig"
265
266" vim:set ts=8 sw=2 sts=2:
267