summary refs log tree commit diff
path: root/Completion/Unix/Command/_ssh
blob: 672031c36359ade2f01166d03eef621f8f759de4 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
#compdef ssh slogin=ssh scp ssh-add ssh-agent ssh-keygen

_remote_files () {
  # There should be coloring based on all the different ls -F classifiers.
  local expl remfiles remdispf remdispd

  if zstyle -T ":completion:${curcontext}:" remote-access; then
    remfiles=(${(f)"$(ssh -a -x ${words[CURRENT]%:*} ls -d1F ${${${words[CURRENT]#*:}:h}/\\/(#e)/}/\* 2>/dev/null)"})

    remdispf=(${remfiles:#*/})
    remdispd=(${(M)remfiles:#*/})

    _wanted files expl 'remote files and directories' \
      compadd -d remdispf ${${remfiles:#*/}/[*=@|](#e)/}
      
    _wanted files expl 'remote files and directories' \
      compadd -S/ -d remdispd ${${(M)remfiles:#*/}/\\/(#e)/}
  else
    _message 'remote files'
  fi
}

_ssh () {
  local curcontext="$curcontext" state lstate line ret=1 expl args tmp
  typeset -A opt_args

  args=()

  # ssh-opt is a pseudo-command used to complete ssh options for `scp -o'.

  case "$service" in
  ssh)
    args=(
      ':remote host name:->userhost'
      '(-):command: _command_names -e'
      '*::args:->command'
    )
    ;&
  ssh-opt)
    _arguments -C -s \
      '-a[disable forwarding of authentication agent connection]' \
      '-A[enables forwarding of the authentication agent connection]' \
      '-c[select encryption cipher]:encryption cipher:(idea des 3des blowfish arcfour tss none)' \
      '-e[set escape character]:escape character (or `none'"'"'):' \
      '(-n)-f[go to background]' \
      '-g[allows remote hosts to connect to local forwarded ports]'\
      '-i[select identity file]:SSH identity file:_files' \
      '-k[disable forwarding of kerberos tickets]' \
      '-l[specify login name]:login name:_ssh_users' \
      '-n[redirect stdin from /dev/null]' \
      '-N[do not execute a remote command. (protocol version 2 only)]'\
      '*-o[specify extra options]:option string:->option' \
      '-p[specify port on remote host]:port number on remote host:_ports' \
      '-P[use non privileged port]' \
      '-q[quiet operation]' \
      '-t[force pseudo-tty allocation]' \
      '-T[disable pseudo-tty allocation (protocol version 2 only)]'\
      '-v[verbose mode]' \
      '-V[show version number]' \
      '-x[disable X11 forwarding]' \
      '-X[enable X11 forwarding]' \
      '-C[compress all data]' \
      '-L[specify local port forwarding]:local port forwarding:->forward' \
      '-R[specify remote port forwarding]:remote port forwarding:->forward' \
      '-2[forces ssh to try protocol version 2 only]'\
      '-4[forces ssh to use IPv4 addresses only]' \
      '-6[forces ssh to use IPv6 addresses only]' \
      "$args[@]" && ret=0

    while [[ -n "$state" ]]; do
      lstate="$state"
      state=''

      case "$lstate" in
      option)
        if compset -P '*[= ]'; then
          case "$IPREFIX" in
          *(#i)(batchmode|compression|fallbacktorsh|forward(agent|x11)|keepalive|passwordauthentication|rhosts(|rsa)authentication|rsaauthentication|usersh|kerberos(authetication|tgtparsing)|useprivileged)*)
	    _wanted values expl 'truth value' compadd yes no && ret=0
            ;;
          *(#i)ciphers*)
            _values -s , 'encryption cipher' \
		'aes128-cbc' \
		'3des-cbc' \
		'blowfish-cbc' \
		'cast128-cbc' \
		'arcfour' \
		'aes192-cbc' \
		'aes256-cbc' \
		'rijndael128-cbc' \
		'rijndael192-cbc' \
		'rijndael256-cbc' \
		'rijndael-cbc@lysator.liu.se' && ret=0
            ;;
          *(#i)cipher*)
	    _wanted values expl 'encryption cipher' \
                compadd idea des 3des blowfish arcfour tss none && ret=0
            ;;
          *(#i)globalknownhostsfile*)
            _description files expl 'global file with known hosts'
            _files "$expl[@]" && ret=0
            ;;
          *(#i)hostname*)
	    _wanted hosts expl 'real host name to log into' _ssh_hosts && ret=0
            ;;
          *(#i)identityfile*)
            _description files expl 'SSH identity file'
            _files "$expl[@]" && ret=0
            ;;
          *(#i)(local|remote)forward*)
            state=forward
            ;;
          *(#i)protocol*)
            _values -s , 'protocol version' \
		'1' \
		'2' && ret=0
	    ;;
          *(#i)proxycommand*)
            compset -q
            shift 1 words
            (( CURRENT-- ))
            _normal && ret=0
            ;;
          *(#i)stricthostkeychecking*)
            _wanted values expl 'checking type' compadd yes no ask && ret=0
            ;;
          *(#i)userknownhostsfile*)
            _description files expl 'user file with known hosts'
            _files "$expl[@]" && ret=0
            ;;
          *(#i)user*)
	    _wanted users expl 'user to log in as' _ssh_users && ret=0
            ;;
          *(#i)xauthlocation*)
            _description files expl 'xauth program'
            _files "$expl[@]" -g '*(-*)' && ret=0
            ;;
          esac
        else
          _wanted values expl 'configure file option' \
              compadd -M 'm:{a-z}={A-Z}' -S '=' - \
                  BatchMode ClearAllForwardings Cipher Ciphers Compression \
                  CompressionLevel Host ConnectionAttempts EscapeChar \
                  FallBackToRsh ForwardAgent ForwardX11 \
                  GlobalKnownHostsFile HostName IdentityFile KeepAlive \
                  KerberosAuthentication KerberosTgtPassing LocalForward \
                  NumberOfPasswordPrompts PasswordAuthentication Port \
                  ProxyCommand RemoteForward RhostsAuthentication \
                  RhostsRSAAuthentication RSAAuthentication \
                  StrictHostKeyChecking TISAuthentication \
                  UsePrivilegedPort Protocol User UserKnownHostsFile UseRsh \
                  XAuthLocation && ret=0
        fi
        ;;
      forward)
        if compset -P 1 '*:'; then
          if compset -P '*:'; then
            _message 'port number'
          else
	    _wanted hosts expl host _ssh_hosts -qS:
          fi
        else
          _message 'listen-port number'
        fi
        return
        ;;
      command)
        shift 1 words
        (( CURRENT-- ))
        _normal
        return
        ;;
      userhost)
        if compset -P '*@'; then
	  _wanted hosts expl 'remote host name' _ssh_hosts && ret=0
        elif compset -S '@*'; then
          _wanted users expl 'login name' _ssh_users -S '' && ret=0
        else
          if (( $+opt_args[-l] )); then
	    tmp=()
	  else
	    tmp=( 'users:login name:_ssh_users -qS@' )
	  fi
	  _alternative \
	      'hosts:remote host name:_ssh_hosts' \
	      "$tmp[@]" && ret=0
        fi
        ;;
      esac

      break;
    done

    return ret
    ;;
  scp)
    _arguments -C -s \
      '-c[select encryption cipher]:encryption cipher:(idea des 3des blowfish arcfour tss none)' \
      '-i[select identity file]:SSH identity file:_files' \
      '-p[preserve modification times]' \
      '-r[recursively copy directories]' \
      '-v[verbose mode]' \
      '-B[batch mode]' \
      '-q[disables the progress meter]' \
      '-C[compress data]' \
      '-P[specify port on remote host]:port number on remote host:' \
      '-4[forces scp to use IPv4 addresses only]' \
      '-6[forces scp to use IPv6 addresses only]' \
      '-S[specify path to ssh]:path to ssh:_files -g \*\(-\*\)' \
      '-o[give SSH options]:options:->options' \
      '*:file:->file' && ret=0

    if [[ "$state" = options ]]; then
      compset -q
      words=(ssh-opt "$words[@]" )
      (( CURRENT++ ))
      service=ssh-opt
      _ssh
      return
    elif [[ -n "$state" ]]; then
      if compset -P '*:'; then
        _remote_files && ret=0
      elif compset -P '*@'; then
        _wanted hosts expl host _ssh_hosts -S: && ret=0
      else
        _alternative \
	    'files:: _files' \
	    'hosts:host:_ssh_hosts -S:' \
	    'users:user:_ssh_users -qS@' && ret=0
      fi
    fi
    return ret
    ;;
  ssh-add)
    _arguments -s \
      '-l[list all identities]' \
      '-L[lists public key parameters of all identities in the agent]'\
      '-d[remove identity]' \
      '-D[delete all identities]' \
      '-p[read passphrase from stdin]' \
      '*:SSH identity file:_files'
    return
    ;;
  ssh-agent)
    _arguments -s \
      '(:)-k[kill agent automatically]' \
      '(:)-s[force sh-style shell]' \
      '(:)-c[force csh-style shell]' \
      '*::command: _normal'
    return
    ;;
  ssh-keygen)
    _arguments \
      '(-p -c -u -P)-b[specify number of bits in key]:bits in key:' \
      '(-p -c)-f[key file]:key file:_files' \
      '(-c -u)-N[specify new passphrase]:new passphrase:' \
      '(-b -u -f)-P[specify old passphrase]:old passphrase:' \
      '(-p -u)-C[specify new comment]:new comment:' \
      '(-b -f -C -u -c)-p[change passphrase of private key file]' \
      '(-b -f -N -p -u)-c[change comment in private and public key files]' \
      '-l[show fingerprint of specified private or public key file]' \
      '-q[silence ssh-keygen]' \
      '-R[exit 0 or 1 if RSA support is functional]' \
      '-x[read a DSA private key and print a SSH2 public key to stdout]'\
      '-X[read a SSH2 public key and print a DSA public key to stdout]'\
      '-y[read a DSA private key and print a DSA public key to stdout]'\
      '(-b -N -C -p -c)-u[change key cipher to default]'
    return
    ;;
  esac
}

_ssh_users () {
  _combination -s '[:@]' my-accounts users-hosts users "$@"
}

_ssh_hosts () {
  if [[ "$IPREFIX" == *@ ]]; then
    _combination -s '[:@]' my-accounts users-hosts "users=${IPREFIX/@}" hosts "$@"
  else
    _combination -s '[:@]' my-accounts users-hosts \
      ${opt_args[-l]:+"users=${opt_args[-l]:q}"} hosts "$@"
  fi
}

_ssh "$@"