1" Vim syntax file
2" Language:	OpenSSH server configuration file (sshd_config)
3" Author:	David Necas (Yeti)
4" Maintainer:	Dominik Fischer <d dot f dot fischer at web dot de>
5" Contributor:	Thilo Six
6" Contributor:  Leonard Ehrenfried <[email protected]>
7" Contributor:  Karsten Hopp <[email protected]>
8" Originally:	2009-07-09
9" Last Change:	2016 Mar 1
10" SSH Version:	7.2
11"
12
13" Setup
14if version >= 600
15  if exists("b:current_syntax")
16    finish
17  endif
18else
19  syntax clear
20endif
21
22if version >= 600
23  setlocal iskeyword=_,-,a-z,A-Z,48-57
24else
25  set iskeyword=_,-,a-z,A-Z,48-57
26endif
27
28
29" case on
30syn case match
31
32
33" Comments
34syn match sshdconfigComment "^#.*$" contains=sshdconfigTodo
35syn match sshdconfigComment "\s#.*$" contains=sshdconfigTodo
36
37syn keyword sshdconfigTodo TODO FIXME NOTE contained
38
39" Constants
40syn keyword sshdconfigYesNo yes no none
41
42syn keyword sshdconfigAddressFamily any inet inet6
43
44syn keyword sshdconfigPrivilegeSeparation sandbox
45
46syn keyword sshdconfigTcpForwarding local remote
47
48syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
49
50syn keyword sshdconfigCiphers 3des-cbc
51syn keyword sshdconfigCiphers blowfish-cbc
52syn keyword sshdconfigCiphers cast128-cbc
53syn keyword sshdconfigCiphers arcfour
54syn keyword sshdconfigCiphers arcfour128
55syn keyword sshdconfigCiphers arcfour256
56syn keyword sshdconfigCiphers aes128-cbc
57syn keyword sshdconfigCiphers aes192-cbc
58syn keyword sshdconfigCiphers aes256-cbc
59syn match sshdconfigCiphers "\<rijndael-cbc@lysator\.liu.se\>"
60syn keyword sshdconfigCiphers aes128-ctr
61syn keyword sshdconfigCiphers aes192-ctr
62syn keyword sshdconfigCiphers aes256-ctr
63syn match sshdconfigCiphers "\<aes128-gcm@openssh\.com\>"
64syn match sshdconfigCiphers "\<aes256-gcm@openssh\.com\>"
65syn match sshdconfigCiphers "\<chacha20-poly1305@openssh\.com\>"
66
67syn keyword sshdconfigMAC hmac-sha1
68syn keyword sshdconfigMAC mac-sha1-96
69syn keyword sshdconfigMAC mac-sha2-256
70syn keyword sshdconfigMAC mac-sha2-512
71syn keyword sshdconfigMAC mac-md5
72syn keyword sshdconfigMAC mac-md5-96
73syn keyword sshdconfigMAC mac-ripemd160
74syn match   sshdconfigMAC "\<hmac-ripemd160@openssh\.com\>"
75syn match   sshdconfigMAC "\<umac-64@openssh\.com\>"
76syn match   sshdconfigMAC "\<umac-128@openssh\.com\>"
77syn match   sshdconfigMAC "\<hmac-sha1-etm@openssh\.com\>"
78syn match   sshdconfigMAC "\<hmac-sha1-96-etm@openssh\.com\>"
79syn match   sshdconfigMAC "\<hmac-sha2-256-etm@openssh\.com\>"
80syn match   sshdconfigMAC "\<hmac-sha2-512-etm@openssh\.com\>"
81syn match   sshdconfigMAC "\<hmac-md5-etm@openssh\.com\>"
82syn match   sshdconfigMAC "\<hmac-md5-96-etm@openssh\.com\>"
83syn match   sshdconfigMAC "\<hmac-ripemd160-etm@openssh\.com\>"
84syn match   sshdconfigMAC "\<umac-64-etm@openssh\.com\>"
85syn match   sshdconfigMAC "\<umac-128-etm@openssh\.com\>"
86
87syn keyword sshdconfigHostKeyAlgo ssh-ed25519
88syn match sshdconfigHostKeyAlgo "\<ssh-ed25519-cert-v01@openssh\.com\>"
89syn keyword sshdconfigHostKeyAlgo ssh-rsa
90syn keyword sshdconfigHostKeyAlgo ssh-dss
91syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp256
92syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp384
93syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp521
94syn match sshdconfigHostKeyAlgo "\<ssh-rsa-cert-v01@openssh\.com\>"
95syn match sshdconfigHostKeyAlgo "\<ssh-dss-cert-v01@openssh\.com\>"
96syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp256-cert-v01@openssh\.com\>"
97syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp384-cert-v01@openssh\.com\>"
98syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp521-cert-v01@openssh\.com\>"
99
100syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only
101
102syn keyword sshdconfigLogLevel QUIET FATAL ERROR INFO VERBOSE
103syn keyword sshdconfigLogLevel DEBUG DEBUG1 DEBUG2 DEBUG3
104syn keyword sshdconfigSysLogFacility DAEMON USER AUTH AUTHPRIV LOCAL0 LOCAL1
105syn keyword sshdconfigSysLogFacility LOCAL2 LOCAL3 LOCAL4 LOCAL5 LOCAL6 LOCAL7
106
107syn keyword sshdconfigCompression    delayed
108
109syn match   sshdconfigIPQoS	"af1[123]"
110syn match   sshdconfigIPQoS	"af2[123]"
111syn match   sshdconfigIPQoS	"af3[123]"
112syn match   sshdconfigIPQoS	"af4[123]"
113syn match   sshdconfigIPQoS	"cs[0-7]"
114syn keyword sshdconfigIPQoS	ef lowdelay throughput reliability
115
116syn keyword sshdconfigKexAlgo diffie-hellman-group1-sha1
117syn keyword sshdconfigKexAlgo diffie-hellman-group14-sha1
118syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha1
119syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha256
120syn keyword sshdconfigKexAlgo ecdh-sha2-nistp256
121syn keyword sshdconfigKexAlgo ecdh-sha2-nistp384
122syn keyword sshdconfigKexAlgo ecdh-sha2-nistp521
123syn match sshdconfigKexAlgo "\<curve25519-sha256@libssh\.org\>"
124
125syn keyword sshdconfigTunnel	point-to-point ethernet
126
127syn keyword sshdconfigSubsystem internal-sftp
128
129syn match sshdconfigVar	    "%[hu]\>"
130syn match sshdconfigVar	    "%%"
131
132syn match sshdconfigSpecial "[*?]"
133
134syn match sshdconfigNumber "\d\+"
135syn match sshdconfigHostPort "\<\(\d\{1,3}\.\)\{3}\d\{1,3}\(:\d\+\)\?\>"
136syn match sshdconfigHostPort "\<\([-a-zA-Z0-9]\+\.\)\+[-a-zA-Z0-9]\{2,}\(:\d\+\)\?\>"
137" FIXME: this matches quite a few things which are NOT valid IPv6 addresses
138syn match sshdconfigHostPort "\<\(\x\{,4}:\)\+\x\{,4}:\d\+\>"
139syn match sshdconfigTime "\<\(\d\+[sSmMhHdDwW]\)\+\>"
140
141
142" case off
143syn case ignore
144
145
146" Keywords
147syn keyword sshdconfigMatch Host User Group Address
148
149syn keyword sshdconfigKeyword AcceptEnv
150syn keyword sshdconfigKeyword AddressFamily
151syn keyword sshdconfigKeyword AllowAgentForwarding
152syn keyword sshdconfigKeyword AllowGroups
153syn keyword sshdconfigKeyword AllowStreamLocalForwarding
154syn keyword sshdconfigKeyword AllowTcpForwarding
155syn keyword sshdconfigKeyword AllowUsers
156syn keyword sshdconfigKeyword AuthenticationMethods
157syn keyword sshdconfigKeyword AuthorizedKeysFile
158syn keyword sshdconfigKeyword AuthorizedKeysCommand
159syn keyword sshdconfigKeyword AuthorizedKeysCommandUser
160syn keyword sshdconfigKeyword AuthorizedPrincipalsFile
161syn keyword sshdconfigKeyword Banner
162syn keyword sshdconfigKeyword ChallengeResponseAuthentication
163syn keyword sshdconfigKeyword ChrootDirectory
164syn keyword sshdconfigKeyword Ciphers
165syn keyword sshdconfigKeyword ClientAliveCountMax
166syn keyword sshdconfigKeyword ClientAliveInterval
167syn keyword sshdconfigKeyword Compression
168syn keyword sshdconfigKeyword DebianBanner
169syn keyword sshdconfigKeyword DenyGroups
170syn keyword sshdconfigKeyword DenyUsers
171syn keyword sshdconfigKeyword ForceCommand
172syn keyword sshdconfigKeyword GSSAPIAuthentication
173syn keyword sshdconfigKeyword GSSAPICleanupCredentials
174syn keyword sshdconfigKeyword GSSAPIKeyExchange
175syn keyword sshdconfigKeyword GSSAPIStoreCredentialsOnRekey
176syn keyword sshdconfigKeyword GSSAPIStrictAcceptorCheck
177syn keyword sshdconfigKeyword GatewayPorts
178syn keyword sshdconfigKeyword HostCertificate
179syn keyword sshdconfigKeyword HostKey
180syn keyword sshdconfigKeyword HostKeyAgent
181syn keyword sshdconfigKeyword HostKeyAlgorithms
182syn keyword sshdconfigKeyword HostbasedAcceptedKeyTypes
183syn keyword sshdconfigKeyword HostbasedAuthentication
184syn keyword sshdconfigKeyword HostbasedUsesNameFromPacketOnly
185syn keyword sshdconfigKeyword IPQoS
186syn keyword sshdconfigKeyword IgnoreRhosts
187syn keyword sshdconfigKeyword IgnoreUserKnownHosts
188syn keyword sshdconfigKeyword KbdInteractiveAuthentication
189syn keyword sshdconfigKeyword KerberosAuthentication
190syn keyword sshdconfigKeyword KerberosGetAFSToken
191syn keyword sshdconfigKeyword KerberosOrLocalPasswd
192syn keyword sshdconfigKeyword KerberosTicketCleanup
193syn keyword sshdconfigKeyword KexAlgorithms
194syn keyword sshdconfigKeyword KeyRegenerationInterval
195syn keyword sshdconfigKeyword ListenAddress
196syn keyword sshdconfigKeyword LogLevel
197syn keyword sshdconfigKeyword LoginGraceTime
198syn keyword sshdconfigKeyword MACs
199syn keyword sshdconfigKeyword Match
200syn keyword sshdconfigKeyword MaxAuthTries
201syn keyword sshdconfigKeyword MaxSessions
202syn keyword sshdconfigKeyword MaxStartups
203syn keyword sshdconfigKeyword PasswordAuthentication
204syn keyword sshdconfigKeyword PermitBlacklistedKeys
205syn keyword sshdconfigKeyword PermitEmptyPasswords
206syn keyword sshdconfigKeyword PermitOpen
207syn keyword sshdconfigKeyword PermitRootLogin
208syn keyword sshdconfigKeyword PermitTTY
209syn keyword sshdconfigKeyword PermitTunnel
210syn keyword sshdconfigKeyword PermitUserEnvironment
211syn keyword sshdconfigKeyword PermitUserRC
212syn keyword sshdconfigKeyword PidFile
213syn keyword sshdconfigKeyword Port
214syn keyword sshdconfigKeyword PrintLastLog
215syn keyword sshdconfigKeyword PrintMotd
216syn keyword sshdconfigKeyword Protocol
217syn keyword sshdconfigKeyword PubkeyAcceptedKeyTypes
218syn keyword sshdconfigKeyword PubkeyAuthentication
219syn keyword sshdconfigKeyword RSAAuthentication
220syn keyword sshdconfigKeyword RekeyLimit
221syn keyword sshdconfigKeyword RevokedKeys
222syn keyword sshdconfigKeyword RhostsRSAAuthentication
223syn keyword sshdconfigKeyword ServerKeyBits
224syn keyword sshdconfigKeyword ShowPatchLevel
225syn keyword sshdconfigKeyword StrictModes
226syn keyword sshdconfigKeyword Subsystem
227syn keyword sshdconfigKeyword SyslogFacility
228syn keyword sshdconfigKeyword TCPKeepAlive
229syn keyword sshdconfigKeyword TrustedUserCAKeys
230syn keyword sshdconfigKeyword UseDNS
231syn keyword sshdconfigKeyword UseLogin
232syn keyword sshdconfigKeyword UsePAM
233syn keyword sshdconfigKeyword UsePrivilegeSeparation
234syn keyword sshdconfigKeyword VersionAddendum
235syn keyword sshdconfigKeyword X11DisplayOffset
236syn keyword sshdconfigKeyword X11Forwarding
237syn keyword sshdconfigKeyword X11UseLocalhost
238syn keyword sshdconfigKeyword XAuthLocation
239
240
241" Define the default highlighting
242if version >= 508 || !exists("did_sshdconfig_syntax_inits")
243  if version < 508
244    let did_sshdconfig_syntax_inits = 1
245    command -nargs=+ HiLink hi link <args>
246  else
247    command -nargs=+ HiLink hi def link <args>
248  endif
249
250  HiLink sshdconfigComment              Comment
251  HiLink sshdconfigTodo                 Todo
252  HiLink sshdconfigHostPort             sshdconfigConstant
253  HiLink sshdconfigTime                 sshdconfigConstant
254  HiLink sshdconfigNumber               sshdconfigConstant
255  HiLink sshdconfigConstant             Constant
256  HiLink sshdconfigYesNo                sshdconfigEnum
257  HiLink sshdconfigAddressFamily        sshdconfigEnum
258  HiLink sshdconfigPrivilegeSeparation  sshdconfigEnum
259  HiLink sshdconfigTcpForwarding        sshdconfigEnum
260  HiLink sshdconfigRootLogin            sshdconfigEnum
261  HiLink sshdconfigCiphers              sshdconfigEnum
262  HiLink sshdconfigMAC                  sshdconfigEnum
263  HiLink sshdconfigHostKeyAlgo          sshdconfigEnum
264  HiLink sshdconfigRootLogin            sshdconfigEnum
265  HiLink sshdconfigLogLevel             sshdconfigEnum
266  HiLink sshdconfigSysLogFacility       sshdconfigEnum
267  HiLink sshdconfigVar                  sshdconfigEnum
268  HiLink sshdconfigCompression          sshdconfigEnum
269  HiLink sshdconfigIPQoS                sshdconfigEnum
270  HiLink sshdconfigKexAlgo              sshdconfigEnum
271  HiLink sshdconfigTunnel               sshdconfigEnum
272  HiLink sshdconfigSubsystem            sshdconfigEnum
273  HiLink sshdconfigEnum                 Function
274  HiLink sshdconfigSpecial              Special
275  HiLink sshdconfigKeyword              Keyword
276  HiLink sshdconfigMatch                Type
277  delcommand HiLink
278endif
279
280let b:current_syntax = "sshdconfig"
281
282" vim:set ts=8 sw=2 sts=2:
283