1" Vim syntax file 2" Language: OpenSSH server configuration file (sshd_config) 3" Author: David Necas (Yeti) 4" Maintainer: Jakub Jelen <jakuje at gmail dot com> 5" Previous Maintainer: Dominik Fischer <d dot f dot fischer at web dot de> 6" Contributor: Thilo Six 7" Contributor: Leonard Ehrenfried <leonard.ehrenfried@web.de> 8" Contributor: Karsten Hopp <karsten@redhat.com> 9" Originally: 2009-07-09 10" Last Change: 2021-03-29 11" SSH Version: 8.5p1 12" 13 14" Setup 15" quit when a syntax file was already loaded 16if exists("b:current_syntax") 17 finish 18endif 19 20setlocal iskeyword=_,-,a-z,A-Z,48-57 21 22 23" case on 24syn case match 25 26 27" Comments 28syn match sshdconfigComment "^#.*$" contains=sshdconfigTodo 29syn match sshdconfigComment "\s#.*$" contains=sshdconfigTodo 30 31syn keyword sshdconfigTodo TODO FIXME NOTE contained 32 33" Constants 34syn keyword sshdconfigYesNo yes no none 35 36syn keyword sshdconfigAddressFamily any inet inet6 37 38syn keyword sshdconfigPrivilegeSeparation sandbox 39 40syn keyword sshdconfigTcpForwarding local remote 41 42syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only 43 44syn keyword sshdconfigCiphers 3des-cbc 45syn keyword sshdconfigCiphers blowfish-cbc 46syn keyword sshdconfigCiphers cast128-cbc 47syn keyword sshdconfigCiphers arcfour 48syn keyword sshdconfigCiphers arcfour128 49syn keyword sshdconfigCiphers arcfour256 50syn keyword sshdconfigCiphers aes128-cbc 51syn keyword sshdconfigCiphers aes192-cbc 52syn keyword sshdconfigCiphers aes256-cbc 53syn match sshdconfigCiphers "\<rijndael-cbc@lysator\.liu.se\>" 54syn keyword sshdconfigCiphers aes128-ctr 55syn keyword sshdconfigCiphers aes192-ctr 56syn keyword sshdconfigCiphers aes256-ctr 57syn match sshdconfigCiphers "\<aes128-gcm@openssh\.com\>" 58syn match sshdconfigCiphers "\<aes256-gcm@openssh\.com\>" 59syn match sshdconfigCiphers "\<chacha20-poly1305@openssh\.com\>" 60 61syn keyword sshdconfigMAC hmac-sha1 62syn keyword sshdconfigMAC mac-sha1-96 63syn keyword sshdconfigMAC mac-sha2-256 64syn keyword sshdconfigMAC mac-sha2-512 65syn keyword sshdconfigMAC mac-md5 66syn keyword sshdconfigMAC mac-md5-96 67syn keyword sshdconfigMAC mac-ripemd160 68syn match sshdconfigMAC "\<hmac-ripemd160@openssh\.com\>" 69syn match sshdconfigMAC "\<umac-64@openssh\.com\>" 70syn match sshdconfigMAC "\<umac-128@openssh\.com\>" 71syn match sshdconfigMAC "\<hmac-sha1-etm@openssh\.com\>" 72syn match sshdconfigMAC "\<hmac-sha1-96-etm@openssh\.com\>" 73syn match sshdconfigMAC "\<hmac-sha2-256-etm@openssh\.com\>" 74syn match sshdconfigMAC "\<hmac-sha2-512-etm@openssh\.com\>" 75syn match sshdconfigMAC "\<hmac-md5-etm@openssh\.com\>" 76syn match sshdconfigMAC "\<hmac-md5-96-etm@openssh\.com\>" 77syn match sshdconfigMAC "\<hmac-ripemd160-etm@openssh\.com\>" 78syn match sshdconfigMAC "\<umac-64-etm@openssh\.com\>" 79syn match sshdconfigMAC "\<umac-128-etm@openssh\.com\>" 80 81syn keyword sshdconfigHostKeyAlgo ssh-ed25519 82syn match sshdconfigHostKeyAlgo "\<ssh-ed25519-cert-v01@openssh\.com\>" 83syn match sshdconfigHostKeyAlgo "\<sk-ssh-ed25519@openssh\.com\>" 84syn match sshdconfigHostKeyAlgo "\<sk-ssh-ed25519-cert-v01@openssh\.com\>" 85syn keyword sshdconfigHostKeyAlgo ssh-rsa 86syn keyword sshdconfigHostKeyAlgo rsa-sha2-256 87syn keyword sshdconfigHostKeyAlgo rsa-sha2-512 88syn keyword sshdconfigHostKeyAlgo ssh-dss 89syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp256 90syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp384 91syn keyword sshdconfigHostKeyAlgo ecdsa-sha2-nistp521 92syn match sshdconfigHostKeyAlgo "\<ssh-rsa-cert-v01@openssh\.com\>" 93syn match sshdconfigHostKeyAlgo "\<rsa-sha2-256-cert-v01@openssh\.com\>" 94syn match sshdconfigHostKeyAlgo "\<rsa-sha2-512-cert-v01@openssh\.com\>" 95syn match sshdconfigHostKeyAlgo "\<ssh-dss-cert-v01@openssh\.com\>" 96syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp256-cert-v01@openssh\.com\>" 97syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp384-cert-v01@openssh\.com\>" 98syn match sshdconfigHostKeyAlgo "\<ecdsa-sha2-nistp521-cert-v01@openssh\.com\>" 99syn match sshdconfigHostKeyAlgo "\<sk-ecdsa-sha2-nistp256@openssh\.com\>" 100syn match sshdconfigHostKeyAlgo "\<sk-ecdsa-sha2-nistp256-cert-v01@openssh\.com\>" 101 102syn keyword sshdconfigRootLogin prohibit-password without-password forced-commands-only 103 104syn keyword sshdconfigLogLevel QUIET FATAL ERROR INFO VERBOSE 105syn keyword sshdconfigLogLevel DEBUG DEBUG1 DEBUG2 DEBUG3 106syn keyword sshdconfigSysLogFacility DAEMON USER AUTH AUTHPRIV LOCAL0 LOCAL1 107syn keyword sshdconfigSysLogFacility LOCAL2 LOCAL3 LOCAL4 LOCAL5 LOCAL6 LOCAL7 108 109syn keyword sshdconfigCompression delayed 110 111syn match sshdconfigIPQoS "af1[123]" 112syn match sshdconfigIPQoS "af2[123]" 113syn match sshdconfigIPQoS "af3[123]" 114syn match sshdconfigIPQoS "af4[123]" 115syn match sshdconfigIPQoS "cs[0-7]" 116syn keyword sshdconfigIPQoS ef lowdelay throughput reliability 117 118syn keyword sshdconfigKexAlgo diffie-hellman-group1-sha1 119syn keyword sshdconfigKexAlgo diffie-hellman-group14-sha1 120syn keyword sshdconfigKexAlgo diffie-hellman-group14-sha256 121syn keyword sshdconfigKexAlgo diffie-hellman-group16-sha512 122syn keyword sshdconfigKexAlgo diffie-hellman-group18-sha512 123syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha1 124syn keyword sshdconfigKexAlgo diffie-hellman-group-exchange-sha256 125syn keyword sshdconfigKexAlgo ecdh-sha2-nistp256 126syn keyword sshdconfigKexAlgo ecdh-sha2-nistp384 127syn keyword sshdconfigKexAlgo ecdh-sha2-nistp521 128syn keyword sshdconfigKexAlgo curve25519-sha256 129syn match sshdconfigKexAlgo "\<curve25519-sha256@libssh\.org\>" 130syn match sshdconfigKexAlgo "\<sntrup4591761x25519-sha512@tinyssh\.org\>" 131 132syn keyword sshdconfigTunnel point-to-point ethernet 133 134syn keyword sshdconfigSubsystem internal-sftp 135 136syn match sshdconfigVar "%[hu]\>" 137syn match sshdconfigVar "%%" 138 139syn match sshdconfigSpecial "[*?]" 140 141syn match sshdconfigNumber "\d\+" 142syn match sshdconfigHostPort "\<\(\d\{1,3}\.\)\{3}\d\{1,3}\(:\d\+\)\?\>" 143syn match sshdconfigHostPort "\<\([-a-zA-Z0-9]\+\.\)\+[-a-zA-Z0-9]\{2,}\(:\d\+\)\?\>" 144" FIXME: this matches quite a few things which are NOT valid IPv6 addresses 145syn match sshdconfigHostPort "\<\(\x\{,4}:\)\+\x\{,4}:\d\+\>" 146syn match sshdconfigTime "\<\(\d\+[sSmMhHdDwW]\)\+\>" 147 148 149" case off 150syn case ignore 151 152 153" Keywords 154" Also includes RDomain, but that is a keyword. 155syn keyword sshdconfigMatch Host User Group Address LocalAddress LocalPort 156 157syn keyword sshdconfigKeyword AcceptEnv 158syn keyword sshdconfigKeyword AddressFamily 159syn keyword sshdconfigKeyword AllowAgentForwarding 160syn keyword sshdconfigKeyword AllowGroups 161syn keyword sshdconfigKeyword AllowStreamLocalForwarding 162syn keyword sshdconfigKeyword AllowTcpForwarding 163syn keyword sshdconfigKeyword AllowUsers 164syn keyword sshdconfigKeyword AuthenticationMethods 165syn keyword sshdconfigKeyword AuthorizedKeysFile 166syn keyword sshdconfigKeyword AuthorizedKeysCommand 167syn keyword sshdconfigKeyword AuthorizedKeysCommandUser 168syn keyword sshdconfigKeyword AuthorizedPrincipalsCommand 169syn keyword sshdconfigKeyword AuthorizedPrincipalsCommandUser 170syn keyword sshdconfigKeyword AuthorizedPrincipalsFile 171syn keyword sshdconfigKeyword Banner 172syn keyword sshdconfigKeyword CASignatureAlgorithms 173syn keyword sshdconfigKeyword ChallengeResponseAuthentication 174syn keyword sshdconfigKeyword ChrootDirectory 175syn keyword sshdconfigKeyword Ciphers 176syn keyword sshdconfigKeyword ClientAliveCountMax 177syn keyword sshdconfigKeyword ClientAliveInterval 178syn keyword sshdconfigKeyword Compression 179syn keyword sshdconfigKeyword DebianBanner 180syn keyword sshdconfigKeyword DenyGroups 181syn keyword sshdconfigKeyword DenyUsers 182syn keyword sshdconfigKeyword DisableForwarding 183syn keyword sshdconfigKeyword ExposeAuthInfo 184syn keyword sshdconfigKeyword FingerprintHash 185syn keyword sshdconfigKeyword ForceCommand 186syn keyword sshdconfigKeyword GatewayPorts 187syn keyword sshdconfigKeyword GSSAPIAuthentication 188syn keyword sshdconfigKeyword GSSAPICleanupCredentials 189syn keyword sshdconfigKeyword GSSAPIEnablek5users 190syn keyword sshdconfigKeyword GSSAPIKeyExchange 191syn keyword sshdconfigKeyword GSSAPIKexAlgorithms 192syn keyword sshdconfigKeyword GSSAPIStoreCredentialsOnRekey 193syn keyword sshdconfigKeyword GSSAPIStrictAcceptorCheck 194syn keyword sshdconfigKeyword HostCertificate 195syn keyword sshdconfigKeyword HostKey 196syn keyword sshdconfigKeyword HostKeyAgent 197syn keyword sshdconfigKeyword HostKeyAlgorithms 198syn keyword sshdconfigKeyword HostbasedAcceptedAlgorithms 199syn keyword sshdconfigKeyword HostbasedAcceptedKeyTypes 200syn keyword sshdconfigKeyword HostbasedAuthentication 201syn keyword sshdconfigKeyword HostbasedUsesNameFromPacketOnly 202syn keyword sshdconfigKeyword IPQoS 203syn keyword sshdconfigKeyword IgnoreRhosts 204syn keyword sshdconfigKeyword IgnoreUserKnownHosts 205syn keyword sshdconfigKeyword Include 206syn keyword sshdconfigKeyword KbdInteractiveAuthentication 207syn keyword sshdconfigKeyword KerberosAuthentication 208syn keyword sshdconfigKeyword KerberosGetAFSToken 209syn keyword sshdconfigKeyword KerberosOrLocalPasswd 210syn keyword sshdconfigKeyword KerberosTicketCleanup 211syn keyword sshdconfigKeyword KerberosUniqueCCache 212syn keyword sshdconfigKeyword KerberosUseKuserok 213syn keyword sshdconfigKeyword KexAlgorithms 214syn keyword sshdconfigKeyword KeyRegenerationInterval 215syn keyword sshdconfigKeyword ListenAddress 216syn keyword sshdconfigKeyword LogLevel 217syn keyword sshdconfigKeyword LogVerbose 218syn keyword sshdconfigKeyword LoginGraceTime 219syn keyword sshdconfigKeyword MACs 220syn keyword sshdconfigKeyword Match 221syn keyword sshdconfigKeyword MaxAuthTries 222syn keyword sshdconfigKeyword MaxSessions 223syn keyword sshdconfigKeyword MaxStartups 224syn keyword sshdconfigKeyword PasswordAuthentication 225syn keyword sshdconfigKeyword PerSourceMaxStartups 226syn keyword sshdconfigKeyword PerSourceNetBlockSize 227syn keyword sshdconfigKeyword PermitBlacklistedKeys 228syn keyword sshdconfigKeyword PermitEmptyPasswords 229syn keyword sshdconfigKeyword PermitListen 230syn keyword sshdconfigKeyword PermitOpen 231syn keyword sshdconfigKeyword PermitRootLogin 232syn keyword sshdconfigKeyword PermitTTY 233syn keyword sshdconfigKeyword PermitTunnel 234syn keyword sshdconfigKeyword PermitUserEnvironment 235syn keyword sshdconfigKeyword PermitUserRC 236syn keyword sshdconfigKeyword PidFile 237syn keyword sshdconfigKeyword Port 238syn keyword sshdconfigKeyword PrintLastLog 239syn keyword sshdconfigKeyword PrintMotd 240syn keyword sshdconfigKeyword Protocol 241syn keyword sshdconfigKeyword PubkeyAcceptedAlgorithms 242syn keyword sshdconfigKeyword PubkeyAcceptedKeyTypes 243syn keyword sshdconfigKeyword PubkeyAuthentication 244syn keyword sshdconfigKeyword PubkeyAuthOptions 245syn keyword sshdconfigKeyword RSAAuthentication 246syn keyword sshdconfigKeyword RekeyLimit 247syn keyword sshdconfigKeyword RevokedKeys 248syn keyword sshdconfigKeyword RDomain 249syn keyword sshdconfigKeyword RhostsRSAAuthentication 250syn keyword sshdconfigKeyword SecurityKeyProvider 251syn keyword sshdconfigKeyword ServerKeyBits 252syn keyword sshdconfigKeyword SetEnv 253syn keyword sshdconfigKeyword ShowPatchLevel 254syn keyword sshdconfigKeyword StrictModes 255syn keyword sshdconfigKeyword StreamLocalBindMask 256syn keyword sshdconfigKeyword StreamLocalBindUnlink 257syn keyword sshdconfigKeyword Subsystem 258syn keyword sshdconfigKeyword SyslogFacility 259syn keyword sshdconfigKeyword TCPKeepAlive 260syn keyword sshdconfigKeyword TrustedUserCAKeys 261syn keyword sshdconfigKeyword UseBlacklist 262syn keyword sshdconfigKeyword UseDNS 263syn keyword sshdconfigKeyword UseLogin 264syn keyword sshdconfigKeyword UsePAM 265syn keyword sshdconfigKeyword VersionAddendum 266syn keyword sshdconfigKeyword X11DisplayOffset 267syn keyword sshdconfigKeyword X11Forwarding 268syn keyword sshdconfigKeyword X11MaxDisplays 269syn keyword sshdconfigKeyword X11UseLocalhost 270syn keyword sshdconfigKeyword XAuthLocation 271 272 273" Define the default highlighting 274 275hi def link sshdconfigComment Comment 276hi def link sshdconfigTodo Todo 277hi def link sshdconfigHostPort sshdconfigConstant 278hi def link sshdconfigTime sshdconfigConstant 279hi def link sshdconfigNumber sshdconfigConstant 280hi def link sshdconfigConstant Constant 281hi def link sshdconfigYesNo sshdconfigEnum 282hi def link sshdconfigAddressFamily sshdconfigEnum 283hi def link sshdconfigPrivilegeSeparation sshdconfigEnum 284hi def link sshdconfigTcpForwarding sshdconfigEnum 285hi def link sshdconfigRootLogin sshdconfigEnum 286hi def link sshdconfigCiphers sshdconfigEnum 287hi def link sshdconfigMAC sshdconfigEnum 288hi def link sshdconfigHostKeyAlgo sshdconfigEnum 289hi def link sshdconfigRootLogin sshdconfigEnum 290hi def link sshdconfigLogLevel sshdconfigEnum 291hi def link sshdconfigSysLogFacility sshdconfigEnum 292hi def link sshdconfigVar sshdconfigEnum 293hi def link sshdconfigCompression sshdconfigEnum 294hi def link sshdconfigIPQoS sshdconfigEnum 295hi def link sshdconfigKexAlgo sshdconfigEnum 296hi def link sshdconfigTunnel sshdconfigEnum 297hi def link sshdconfigSubsystem sshdconfigEnum 298hi def link sshdconfigEnum Function 299hi def link sshdconfigSpecial Special 300hi def link sshdconfigKeyword Keyword 301hi def link sshdconfigMatch Type 302 303let b:current_syntax = "sshdconfig" 304 305" vim:set ts=8 sw=2 sts=2: 306