#compdef ssh slogin=ssh scp ssh-add ssh-agent ssh-keygen sftp _remote_files () { # There should be coloring based on all the different ls -F classifiers. local expl rempat remfiles remdispf remdispd args suf ret=1 if zstyle -T ":completion:${curcontext}:files" remote-access; then zparseopts -D -E -a args p: 1 2 4 6 F: if [[ -z $QIPREFIX ]] then rempat="${PREFIX%%[^./][^/]#}\*" else rempat="${(q)PREFIX%%[^./][^/]#}\*" fi remfiles=(${(M)${(f)"$(_call_program files ssh -o BatchMode=yes $args -a -x ${IPREFIX%:} ls -d1FL "$rempat" 2>/dev/null)"}%%[^/]#(|/)}) compset -P '*/' compset -S '/*' || suf='remote file' remdispf=(${remfiles:#*/}) remdispd=(${(M)remfiles:#*/}) _tags files while _tags; do while _next_label files expl ${suf:-remote directory}; do [[ -n $suf ]] && compadd "$@" "$expl[@]" -d remdispf \ ${(q)remdispf%[*=@|]} && ret=0 compadd ${suf:+-S/} "$@" "$expl[@]" -d remdispd \ ${(q)remdispd%/} && ret=0 done (( ret )) || return 0 done return ret else _message -e remote-files 'remote file' fi } _ssh () { local curcontext="$curcontext" state line expl common tmp cmds suf ret=1 typeset -A opt_args common=( '-c+[select encryption cipher]:encryption cipher:(idea des 3des blowfish arcfour tss none)' '-C[compress data]' '-F+[specify alternate config file]:config file:_files' '-i+[select identity file]:SSH identity file:_files' '*-o+[specify extra options]:option string:->option' '(-2)-1[forces ssh to try protocol version 1 only]' '(-1)-2[forces ssh to try protocol version 2 only]' '(-6)-4[forces ssh to use IPv4 addresses only]' '(-4)-6[forces ssh to use IPv6 addresses only]' ) case "$service" in ssh) _arguments -C -s \ '(-A)-a[disable forwarding of authentication agent connection]' \ '(-a)-A[enables forwarding of the authentication agent connection]' \ '(-P)-b+[specify interface to transmit on]:bind address:_bind_addresses' \ '-D+[specify a dynamic port forwarding]:port' \ '-e+[set escape character]:escape character (or `none'"'"'):' \ '(-n)-f[go to background]' \ '-g[allow remote hosts to connect to local forwarded ports]' \ '-I+[specify smartcard device]:device:_files' \ '-k[disable forwarding of kerberos tickets]' \ '-l+[specify login name]:login name:_ssh_users' \ '(-1)-m+[specify mac algorithms]:mac spec' \ '-n[redirect stdin from /dev/null]' \ '(-1)-N[do not execute a remote command. (protocol version 2 only)]' \ '-p+[specify port on remote host]:port number on remote host' \ '-P[use non privileged port]' \ '(-v)*-q[quiet operation]' \ '(-1)-s[invoke subsystem]' \ '(-T)-t[force pseudo-tty allocation]' \ '(-1 -t)-T[disable pseudo-tty allocation (protocol version 2 only)]' \ '(-q)*-v[verbose mode]' \ '-V[show version number]' \ '(-X)-x[disable X11 forwarding]' \ '(-x)-X[enable X11 forwarding]' \ '-M[master mode for connection sharing]' \ '-S:path to control socket:_files' \ '-O:multiplex control command:(check exit)' \ '*-L[specify local port forwarding]:local port forwarding:->forward' \ '*-R[specify remote port forwarding]:remote port forwarding:->forward' \ ':remote host name:->userhost' \ '*::args:->command' "$common[@]" && ret=0 ;; scp) _arguments -C -s \ '-p[preserve modification times]' \ '-r[recursively copy directories]' \ '-v[verbose mode]' \ '-B[batch mode]' \ '-q[disables the progress meter]' \ '-P+[specify port on remote host]:port number on remote host' \ '-S+[specify ssh program]:path to ssh:_command_names -e' \ '*:file:->file' "$common[@]" && ret=0 ;; ssh-add) _arguments -s \ '-l[list all identities]' \ '-L[lists public key parameters of all identities in the agent]'\ '-d[remove identity]' \ '-D[delete all identities]' \ '-p[read passphrase from stdin]' \ '*:SSH identity file:_files' return ;; ssh-agent) _arguments -s \ '(*)-k[kill agent automatically]' \ '(-c)-s[force sh-style shell]' \ '(-s)-c[force csh-style shell]' \ '(-k)-d[debug mode]' \ '*::command: _normal' return ;; ssh-keygen) cmds=( -p -i -e -y -c -l -B -D -U ) _arguments \ '-q[silence ssh-keygen]' \ "($cmds -P)-b[specify number of bits in key]:bits in key" \ "($cmds -P)-t[specify the type of the key to create]:key type:(rsa1 rsa dsa)" \ "(${cmds#-p })-N[provide new passphrase]:new passphrase" \ "($cmds -b -t)-C[provide new comment]:new comment" \ '(-D)-f[key file]:key file:_files' \ '('${(j. .)cmds:#-[pc]}' -t -b)-P[provide old passphrase]:old passphrase' \ "($cmds -q -b -t -C)-p[change passphrase of private key file]" \ "($cmds -q -b -t -N -C -P)-i[import key to OpenSSH format]" \ "($cmds -q -b -t -N -C -P)-e[export key to SECSH file format]" \ "($cmds -q -b -t -N -C -P)-y[get public key from private key]" \ "($cmds -q -b -t -N)-c[change comment in private and public key files]" \ "($cmds -q -b -t -N -C -P)-l[show fingerprint of key file]" \ "($cmds -q -b -t -N -C -P)-B[show the bubblebabble digest of key]" \ "($cmds -q -b -t -N -C -P -f)-D[download key stored in smartcard reader]:reader" \ "($cmds -q -b -t -N -C -P)-U[upload key to smartcard reader]:reader" return ;; sftp) _arguments -C -s \ '-C[compress data]' \ '-F+[specify alternate config file]:config file:_files' \ '(-1)-s[invoke subsystem]' \ '-S+[specify program]:program:_command_names -e' \ '-B+[specify buffer size]:buffer size' \ '-b+[specify batch file to read]:batch file:_files' \ '*-v[verbose mode]' \ '-1[forces ssh to try protocol version 1 only]' \ '*-o+[specify extra options]:option string:->option' \ '1:file:->rfile' '*:file:->file' && ret=0 ;; esac while [[ -n "$state" ]]; do lstate="$state" state='' case "$lstate" in option) if compset -P '*[= ]'; then case "$IPREFIX" in *(#i)(afstokenpassing|batchmode|compression|fallbacktorsh|forward(agent|x11)|keepalive|passwordauthentication|rhosts(|rsa)authentication|rsaauthentication|usersh|kerberos(authetication|tgtparsing)|useprivileged)*) _wanted values expl 'truth value' compadd yes no && ret=0 ;; *(#i)ciphers*) _values -s , 'encryption cipher' \ 'aes128-cbc' \ '3des-cbc' \ 'blowfish-cbc' \ 'cast128-cbc' \ 'arcfour' \ 'aes192-cbc' \ 'aes256-cbc' \ 'rijndael128-cbc' \ 'rijndael192-cbc' \ 'rijndael256-cbc' \ 'rijndael-cbc@lysator.liu.se' && ret=0 ;; *(#i)cipher*) _wanted values expl 'encryption cipher' \ compadd idea des 3des blowfish arcfour tss none && ret=0 ;; *(#i)globalknownhostsfile*) _description files expl 'global file with known hosts' _files "$expl[@]" && ret=0 ;; *(#i)hostname*) _wanted hosts expl 'real host name to log into' _ssh_hosts && ret=0 ;; *(#i)identityfile*) _description files expl 'SSH identity file' _files "$expl[@]" && ret=0 ;; *(#i)(local|remote)forward*) state=forward ;; *(#i)protocol*) _values -s , 'protocol version' \ '1' \ '2' && ret=0 ;; *(#i)proxycommand*) compset -q shift 1 words (( CURRENT-- )) _normal && ret=0 ;; *(#i)stricthostkeychecking*) _wanted values expl 'checking type' compadd yes no ask && ret=0 ;; *(#i)userknownhostsfile*) _description files expl 'user file with known hosts' _files "$expl[@]" && ret=0 ;; *(#i)user*) _wanted users expl 'user to log in as' _ssh_users && ret=0 ;; *(#i)xauthlocation*) _description files expl 'xauth program' _files "$expl[@]" -g '*(-*)' && ret=0 ;; *(#i)controlmaster*) _wanted values expl 'truthish value' compadd yes no auto autoask && ret=0 ;; *(#i)controlpath*) _description files expl 'path to control socket' _files "$expl[@]" && ret=0 ;; esac else _wanted values expl 'configure file option' \ compadd -M 'm:{a-z}={A-Z}' -S '=' - \ AddressFamily \ AFSTokenPassing BatchMode BindAddress \ ChallengeResponseAuthentication CheckHostIP \ Cipher Ciphers ClearAllForwardings Compression \ CompressionLevel ConnectionAttempts ConnectTimeout \ ControlMaster ControlPath \ DynamicForward EnableSSHKeysign \ EscapeChar FallBackToRsh ForwardAgent ForwardX11 \ ForwardX11Trusted \ GatewayPorts GlobalKnownHostsFile GSSAPIAuthentication \ GSSAPIDelegateCredentials HostbasedAuthentication \ HostKeyAlgorithms HostKeyAlias HostName IdentityFile \ IdentitiesOnly KbdInteractiveDevices \ KeepAlive KerberosAuthentication KerberosTgtPassing \ LocalForward LogLevel MACs NoHostAuthenticationForLocalhost \ NumberOfPasswordPrompts PreferredAuthentications \ PasswordAuthentication Port Protocol ProtocolKeepAlives \ ProxyCommand PubkeyAuthentication RemoteForward \ RhostsAuthentication RhostsRSAAuthentication \ RSAAuthentication ServerAliveInterval ServerAliveCountMax \ SetupTimeOut SmartcardDevice StrictHostKeyChecking \ TCPKeepAlive \ UsePrivilegedPort User UserKnownHostsFile UseRsh \ VerifyHostKeyDNS XAuthLocation && ret=0 fi ;; forward) if compset -P 1 '*:'; then if compset -P '*:'; then _message -e port-numbers 'port number' else _wanted hosts expl host _ssh_hosts -qS: fi else _message -e port-numbers 'listen-port number' fi return ;; command) shift 1 words (( CURRENT-- )) _normal return ;; userhost) if compset -P '*@'; then _wanted hosts expl 'remote host name' _ssh_hosts && ret=0 elif compset -S '@*'; then _wanted users expl 'login name' _ssh_users -S '' && ret=0 else if (( $+opt_args[-l] )); then tmp=() else tmp=( 'users:login name:_ssh_users -qS@' ) fi _alternative \ 'hosts:remote host name:_ssh_hosts' \ "$tmp[@]" && ret=0 fi ;; file) if compset -P '*:'; then _remote_files ${(kv)~opt_args[(I)-[FP1246]]/-P/-p} && ret=0 elif compset -P '*@'; then suf=( -S '' ) compset -S ':*' || suf=( -S : ) _wanted hosts expl 'remote host name' _ssh_hosts $suf && ret=0 else _alternative \ 'files:: _files' \ 'hosts:remote host name:_ssh_hosts -S:' \ 'users:user:_ssh_users -qS@' && ret=0 fi ;; rfile) if compset -P '*:'; then _remote_files && ret=0 elif compset -P '*@'; then _wanted hosts expl host _ssh_hosts -S: && ret=0 else _alternative \ 'hosts:remote host name:_ssh_hosts -S:' \ 'users:user:_ssh_users -qS@' && ret=0 fi ;; esac done } _ssh_users () { _combination -s '[:@]' my-accounts users-hosts users "$@" } _ssh_hosts () { local -a config_hosts local config integer ind # If users-hosts matches, we shouldn't complete anything else. if [[ "$IPREFIX" == *@ ]]; then _combination -s '[:@]' my-accounts users-hosts "users=${IPREFIX/@}" hosts "$@" && return else _combination -s '[:@]' my-accounts users-hosts \ ${opt_args[-l]:+"users=${opt_args[-l]:q}"} hosts "$@" && return fi if (( ind = ${words[(I)-F]} )); then config=${~words[ind+1]} else config="$HOME/.ssh/config" fi if [[ -r $config ]]; then local IFS=$'\t ' key hosts host while read key hosts; do if [[ "$key" == (#i)host ]]; then for host in ${(z)hosts}; do case $host in (*[*?]*) ;; (*) config_hosts+=("$host") ;; esac done fi done < "$config" if (( ${#config_hosts} )); then _wanted hosts expl 'remote host name' \ compadd -M 'm:{a-zA-Z}={A-Za-z} r:|.=* r:|=*' "$@" $config_hosts fi fi } _ssh "$@"