1" Vim syntax file
2" Language:	OpenSSH server configuration file (sshd_config)
3" Author:	David Necas (Yeti)
4" Maintainer:	Dominik Fischer <d dot f dot fischer at web dot de>
5" Contributor:	Thilo Six
6" Contributor:  Leonard Ehrenfried <[email protected]>
7" Originally:	2009-07-09
8" Last Change:	2015 Dec 3
9" SSH Version:	7.0
10"
11
12" Setup
13if version >= 600
14  if exists("b:current_syntax")
15    finish
16  endif
17else
18  syntax clear
19endif
20
21if version >= 600
22  setlocal iskeyword=_,-,a-z,A-Z,48-57
23else
24  set iskeyword=_,-,a-z,A-Z,48-57
25endif
26
27
28" case on
29syn case match
30
31
32" Comments
33syn match sshdconfigComment "^#.*$" contains=sshdconfigTodo
34syn match sshdconfigComment "\s#.*$" contains=sshdconfigTodo
35
36syn keyword sshdconfigTodo TODO FIXME NOTE contained
37
38" Constants
39syn keyword sshdconfigYesNo yes no none
40
41syn keyword sshdconfigAddressFamily any inet inet6
42
43syn keyword sshdconfigPrivilegeSeparation sandbox
44
45syn keyword sshdconfigTcpForwarding local remote
46
47syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
48
49syn keyword sshdconfigCipher aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
50syn keyword sshdconfigCipher aes192-cbc aes256-cbc aes128-ctr aes192-ctr aes256-ctr
51syn keyword sshdconfigCipher arcfour arcfour128 arcfour256 cast128-cbc
52
53syn keyword sshdconfigMAC hmac-md5 hmac-sha1 hmac-ripemd160 hmac-sha1-96
54syn keyword sshdconfigMAC hmac-md5-96
55syn keyword sshdconfigMAC hmac-sha2-256 hmac-sha256-96 hmac-sha2-512
56syn keyword sshdconfigMAC hmac-sha2-512-96
57syn match   sshdconfigMAC "\<umac-64@openssh\.com\>"
58
59syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
60
61syn keyword sshdconfigLogLevel QUIET FATAL ERROR INFO VERBOSE
62syn keyword sshdconfigLogLevel DEBUG DEBUG1 DEBUG2 DEBUG3
63syn keyword sshdconfigSysLogFacility DAEMON USER AUTH AUTHPRIV LOCAL0 LOCAL1
64syn keyword sshdconfigSysLogFacility LOCAL2 LOCAL3 LOCAL4 LOCAL5 LOCAL6 LOCAL7
65
66syn keyword sshdconfigCompression    delayed
67
68syn match   sshdconfigIPQoS	"af1[1234]"
69syn match   sshdconfigIPQoS	"af2[23]"
70syn match   sshdconfigIPQoS	"af3[123]"
71syn match   sshdconfigIPQoS	"af4[123]"
72syn match   sshdconfigIPQoS	"cs[0-7]"
73syn keyword sshdconfigIPQoS	ef lowdelay throughput reliability
74
75syn keyword sshdconfigKexAlgo	ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521
76syn keyword sshdconfigKexAlgo	diffie-hellman-group-exchange-sha256
77syn keyword sshdconfigKexAlgo	diffie-hellman-group-exchange-sha1
78syn keyword sshdconfigKexAlgo	diffie-hellman-group14-sha1
79syn keyword sshdconfigKexAlgo	diffie-hellman-group1-sha1
80
81syn keyword sshdconfigTunnel	point-to-point ethernet
82
83syn keyword sshdconfigSubsystem internal-sftp
84
85syn match sshdconfigVar	    "%[hu]\>"
86syn match sshdconfigVar	    "%%"
87
88syn match sshdconfigSpecial "[*?]"
89
90syn match sshdconfigNumber "\d\+"
91syn match sshdconfigHostPort "\<\(\d\{1,3}\.\)\{3}\d\{1,3}\(:\d\+\)\?\>"
92syn match sshdconfigHostPort "\<\([-a-zA-Z0-9]\+\.\)\+[-a-zA-Z0-9]\{2,}\(:\d\+\)\?\>"
93" FIXME: this matches quite a few things which are NOT valid IPv6 addresses
94syn match sshdconfigHostPort "\<\(\x\{,4}:\)\+\x\{,4}:\d\+\>"
95syn match sshdconfigTime "\<\(\d\+[sSmMhHdDwW]\)\+\>"
96
97
98" case off
99syn case ignore
100
101
102" Keywords
103syn keyword sshdconfigMatch Host User Group Address
104
105syn keyword sshdconfigKeyword AcceptEnv
106syn keyword sshdconfigKeyword AddressFamily
107syn keyword sshdconfigKeyword AllowAgentForwarding
108syn keyword sshdconfigKeyword AllowGroups
109syn keyword sshdconfigKeyword AllowStreamLocalForwarding
110syn keyword sshdconfigKeyword AllowTcpForwarding
111syn keyword sshdconfigKeyword AllowUsers
112syn keyword sshdconfigKeyword AuthorizedKeysFile
113syn keyword sshdconfigKeyword AuthorizedKeysCommand
114syn keyword sshdconfigKeyword AuthorizedKeysCommandUser
115syn keyword sshdconfigKeyword AuthorizedPrincipalsFile
116syn keyword sshdconfigKeyword Banner
117syn keyword sshdconfigKeyword ChallengeResponseAuthentication
118syn keyword sshdconfigKeyword ChrootDirectory
119syn keyword sshdconfigKeyword Ciphers
120syn keyword sshdconfigKeyword ClientAliveCountMax
121syn keyword sshdconfigKeyword ClientAliveInterval
122syn keyword sshdconfigKeyword Compression
123syn keyword sshdconfigKeyword DebianBanner
124syn keyword sshdconfigKeyword DenyGroups
125syn keyword sshdconfigKeyword DenyUsers
126syn keyword sshdconfigKeyword ForceCommand
127syn keyword sshdconfigKeyword GSSAPIAuthentication
128syn keyword sshdconfigKeyword GSSAPICleanupCredentials
129syn keyword sshdconfigKeyword GSSAPIKeyExchange
130syn keyword sshdconfigKeyword GSSAPIStoreCredentialsOnRekey
131syn keyword sshdconfigKeyword GSSAPIStrictAcceptorCheck
132syn keyword sshdconfigKeyword GatewayPorts
133syn keyword sshdconfigKeyword HostCertificate
134syn keyword sshdconfigKeyword HostKey
135syn keyword sshdconfigKeyword HostKeyAlgorithms
136syn keyword sshdconfigKeyword HostbasedAcceptedKeyTypes
137syn keyword sshdconfigKeyword HostbasedAuthentication
138syn keyword sshdconfigKeyword HostbasedUsesNameFromPacketOnly
139syn keyword sshdconfigKeyword IPQoS
140syn keyword sshdconfigKeyword IgnoreRhosts
141syn keyword sshdconfigKeyword IgnoreUserKnownHosts
142syn keyword sshdconfigKeyword KbdInteractiveAuthentication
143syn keyword sshdconfigKeyword KerberosAuthentication
144syn keyword sshdconfigKeyword KerberosGetAFSToken
145syn keyword sshdconfigKeyword KerberosOrLocalPasswd
146syn keyword sshdconfigKeyword KerberosTicketCleanup
147syn keyword sshdconfigKeyword KexAlgorithms
148syn keyword sshdconfigKeyword KeyRegenerationInterval
149syn keyword sshdconfigKeyword ListenAddress
150syn keyword sshdconfigKeyword LogLevel
151syn keyword sshdconfigKeyword LoginGraceTime
152syn keyword sshdconfigKeyword MACs
153syn keyword sshdconfigKeyword Match
154syn keyword sshdconfigKeyword MaxAuthTries
155syn keyword sshdconfigKeyword MaxSessions
156syn keyword sshdconfigKeyword MaxStartups
157syn keyword sshdconfigKeyword PasswordAuthentication
158syn keyword sshdconfigKeyword PermitBlacklistedKeys
159syn keyword sshdconfigKeyword PermitEmptyPasswords
160syn keyword sshdconfigKeyword PermitOpen
161syn keyword sshdconfigKeyword PermitRootLogin
162syn keyword sshdconfigKeyword PermitTTY
163syn keyword sshdconfigKeyword PermitTunnel
164syn keyword sshdconfigKeyword PermitUserEnvironment
165syn keyword sshdconfigKeyword PermitUserRC
166syn keyword sshdconfigKeyword PidFile
167syn keyword sshdconfigKeyword Port
168syn keyword sshdconfigKeyword PrintLastLog
169syn keyword sshdconfigKeyword PrintMotd
170syn keyword sshdconfigKeyword Protocol
171syn keyword sshdconfigKeyword PubkeyAcceptedKeyTypes
172syn keyword sshdconfigKeyword PubkeyAuthentication
173syn keyword sshdconfigKeyword RSAAuthentication
174syn keyword sshdconfigKeyword RekeyLimit
175syn keyword sshdconfigKeyword RevokedKeys
176syn keyword sshdconfigKeyword RhostsRSAAuthentication
177syn keyword sshdconfigKeyword ServerKeyBits
178syn keyword sshdconfigKeyword ShowPatchLevel
179syn keyword sshdconfigKeyword StrictModes
180syn keyword sshdconfigKeyword Subsystem
181syn keyword sshdconfigKeyword SyslogFacility
182syn keyword sshdconfigKeyword TCPKeepAlive
183syn keyword sshdconfigKeyword TrustedUserCAKeys
184syn keyword sshdconfigKeyword UseDNS
185syn keyword sshdconfigKeyword UseLogin
186syn keyword sshdconfigKeyword UsePAM
187syn keyword sshdconfigKeyword UsePrivilegeSeparation
188syn keyword sshdconfigKeyword VersionAddendum
189syn keyword sshdconfigKeyword X11DisplayOffset
190syn keyword sshdconfigKeyword X11Forwarding
191syn keyword sshdconfigKeyword X11UseLocalhost
192syn keyword sshdconfigKeyword XAuthLocation
193
194
195" Define the default highlighting
196if version >= 508 || !exists("did_sshdconfig_syntax_inits")
197  if version < 508
198    let did_sshdconfig_syntax_inits = 1
199    command -nargs=+ HiLink hi link <args>
200  else
201    command -nargs=+ HiLink hi def link <args>
202  endif
203
204  HiLink sshdconfigComment              Comment
205  HiLink sshdconfigTodo                 Todo
206  HiLink sshdconfigHostPort             sshdconfigConstant
207  HiLink sshdconfigTime                 sshdconfigConstant
208  HiLink sshdconfigNumber               sshdconfigConstant
209  HiLink sshdconfigConstant             Constant
210  HiLink sshdconfigYesNo                sshdconfigEnum
211  HiLink sshdconfigAddressFamily        sshdconfigEnum
212  HiLink sshdconfigPrivilegeSeparation  sshdconfigEnum
213  HiLink sshdconfigTcpForwarding        sshdconfigEnum
214  HiLink sshdconfigRootLogin            sshdconfigEnum
215  HiLink sshdconfigCipher               sshdconfigEnum
216  HiLink sshdconfigMAC                  sshdconfigEnum
217  HiLink sshdconfigRootLogin            sshdconfigEnum
218  HiLink sshdconfigLogLevel             sshdconfigEnum
219  HiLink sshdconfigSysLogFacility       sshdconfigEnum
220  HiLink sshdconfigVar                  sshdconfigEnum
221  HiLink sshdconfigCompression          sshdconfigEnum
222  HiLink sshdconfigIPQoS                sshdconfigEnum
223  HiLink sshdconfigKexAlgo              sshdconfigEnum
224  HiLink sshdconfigTunnel               sshdconfigEnum
225  HiLink sshdconfigSubsystem            sshdconfigEnum
226  HiLink sshdconfigEnum                 Function
227  HiLink sshdconfigSpecial              Special
228  HiLink sshdconfigKeyword              Keyword
229  HiLink sshdconfigMatch                Type
230  delcommand HiLink
231endif
232
233let b:current_syntax = "sshdconfig"
234
235" vim:set ts=8 sw=2 sts=2:
236