#compdef ssh ssh-add ssh-agent ssh-keygen local state lstate line ret=1 expl typeset -A options case "$words[1]" in ssh) _arguments -s \ '-a[disable forwarding of authentication agent connection]' \ '-c[select encryption cipher]:encryption cipher:(idea des 3des blowfish arcfour tss none)' \ '-e[set escape character]:escape character (or `none'"'"'):' \ '(-n)-f[go to background]' \ '-i[select identity file]:SSH identity file:_files' \ '-k[disable forwarding of kerberos tickets]' \ '-l[specify login name]:login name:_users' \ '-n[redirect stdin from /dev/null]' \ '*-o[specify extra options]:option string:->option' \ '-p[specify port on remote host]:port number on remote host:' \ '-q[quiet operation]' \ '-P[use non priviledged port]' \ '-t[force pseudo-tty allocation]' \ '-v[verbose mode]' \ '-V[show version number]' \ '-x[disable X11 forwarding]' \ '-C[compress all data]' \ '-L[specify local port forwarding]:local port forwarding:->forward' \ '-R[specify remote port forwarding]:remote port forwarding:->forward' \ ':remote host name:_hosts' \ ':command: _command_names -e' \ '*::args:->command' && ret=0 while [[ -n "$state" ]]; do lstate="$state" state='' case "$lstate" in option) if compset -P '* '; then case "$IPREFIX" in *(#i)(batchmode|compression|fallbacktorsh|forward(agent|x11)|keepalive|passwordauthentication|rhosts(|rsa)authentication|rsaauthentication|usersh|kerberos(authetication|tgtparsing)|usepriviledgedport)*) compadd yes no && ret=0 ;; *(#i)cipher*) _description expl 'encryption cipher' compadd "$expl[@]" idea des 3des blowfish arcfour tss none && ret=0 ;; *(#i)globalknownhostsfile*) _description expl 'global file with known hosts' _files "$expl[@]" && ret=0 ;; *(#i)hostname*) _description expl 'real host name to log into' _hosts "$expl[@]" && ret=0 ;; *(#i)identityfile*) _description expl 'SSH identity file' _files "$expl[@]" && ret=0 ;; *(#i)(local|remote)forward*) state=forward ;; *(#i)proxycommand*) compset -q shift 1 words (( CURRENT-- )) _normal && ret=0 ;; *(#i)stricthostkeychecking*) compadd yes no ask ;; *(#i)userknownhostsfile*) _description expl 'user file with known hosts' _files "$expl[@]" && ret=0 ;; *(#i)user*) _description expl 'user to log in as' _users "$expl[@]" && ret=0 ;; *(#i)xauthlocation*) _description expl 'xauth program' _files "$expl[@]" -g '*(*)' && ret=0 ;; esac else _description expl 'configure file option' compadd "$expl[@]" -M 'm:{a-z}={A-Z}' -S ' ' - \ BatchMode ClearAllForwardings Cipher Compression CompressionLevel \ Host ConnectionAttempts EscapeChar FallBackToRsh ForwardAgent \ ForwardX11 GlobalKnownHostsFile HostName IdentityFile KeepAlive \ KerberosAuthentication KerberosTgtPassing LocalForward \ NumberOfPasswordPrompts PasswordAuthentication Port ProxyCommand \ RemoteForward RhostsAuthentication RhostsRSAAuthentication \ RSAAuthentication StrictHostKeyChecking TISAuthentication \ UsePriviledgedPort User UserKnownHostsFile UseRsh \ XAuthLocation && ret=0 fi ;; forward) if compset -P 1 '*:'; then if compset -P '*:'; then _message 'port number' else _hosts -S: fi else _message 'listen-port number' fi return ;; command) shift 1 words (( CURRENT-- )) _normal return ;; esac break; done return ret ;; ssh-add) _arguments -s \ '-p[read passphrase from stdin]' \ '-l[list all identities]' \ '-d[remove identity]' \ '-D[delete all identities]' \ '*:SSH identity file:_files' return ;; ssh-agent) _arguments -s \ '(:)-k[kill agent automatically]' \ '(:)-s[force sh-style shell]' \ '(:)-c[force csh-style shell]' \ '*::command: _normal' return ;; ssh-keygen) _arguments \ '(-p -c -u -P)-b[specify number of bits in key]:bits in key:' \ '(-p -c)-f[key file]:key file:_files' \ '(-c -u)-N[specify new passphrase]:new passphrase:' \ '(-b -u -f)-P[specify old passphrase]:old passphrase:' \ '(-p -u)-C[specify new comment]:new comment:' \ '(-b -f -C -u -c)-p[change passphrase of private key file]' \ '(-b -f -N -p -u)-c[change comment in private and public key files]' \ '(-b -N -C -p -c)-u[change key cipher to default]' return ;; esac