summary refs log tree commit diff
path: root/Completion/Unix/Command/_ssh
blob: 293732cfd79fb7fd8f720c2a8b0733abf89e5113 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
#compdef ssh slogin=ssh scp ssh-add ssh-agent ssh-keygen sftp

_remote_files () {
  # There should be coloring based on all the different ls -F classifiers.
  local expl rempat remfiles remdispf remdispd args suf ret=1

  if zstyle -T ":completion:${curcontext}:files" remote-access; then
    zparseopts -D -E -a args p: 1 2 4 6 F:
    if [[ -z $QIPREFIX ]]
    then rempat="${PREFIX%%[^./][^/]#}\*"
    else rempat="${(q)PREFIX%%[^./][^/]#}\*"
    fi
    remfiles=(${(M)${(f)"$(_call_program files ssh -o BatchMode=yes $args -a -x ${IPREFIX%:} ls -d1FL "$rempat" 2>/dev/null)"}%%[^/]#(|/)})
    compset -P '*/'
    compset -S '/*' || suf='remote file'

    remdispf=(${remfiles:#*/})
    remdispd=(${(M)remfiles:#*/})

    _tags files
    while _tags; do
      while _next_label files expl ${suf:-remote directory}; do
        [[ -n $suf ]] && compadd "$@" "$expl[@]" -d remdispf \
	    ${(q)remdispf%[*=@|]} && ret=0 
	compadd ${suf:+-S/} "$@" "$expl[@]" -d remdispd \
	    ${(q)remdispd%/} && ret=0
      done
      (( ret )) || return 0
    done
    return ret
  else
    _message -e remote-files 'remote file'
  fi
}

_ssh () {
  local curcontext="$curcontext" state line expl common tmp cmds suf ret=1
  typeset -A opt_args

  common=(
    '-c+[select encryption cipher]:encryption cipher:(idea des 3des blowfish arcfour tss none)'
    '-C[compress data]'
    '-F+[specify alternate config file]:config file:_files'
    '-i+[select identity file]:SSH identity file:_files'
    '*-o+[specify extra options]:option string:->option'
    '(-2)-1[forces ssh to try protocol version 1 only]'
    '(-1)-2[forces ssh to try protocol version 2 only]'
    '(-6)-4[forces ssh to use IPv4 addresses only]'
    '(-4)-6[forces ssh to use IPv6 addresses only]'
  )

  case "$service" in
  ssh)
    _arguments -C -s \
      '(-A)-a[disable forwarding of authentication agent connection]' \
      '(-a)-A[enables forwarding of the authentication agent connection]' \
      '(-P)-b+[specify interface to transmit on]:bind address:_bind_addresses' \
      '-D+[specify a dynamic port forwarding]:port' \
      '-e+[set escape character]:escape character (or `none'"'"'):' \
      '(-n)-f[go to background]' \
      '-g[allow remote hosts to connect to local forwarded ports]' \
      '-I+[specify smartcard device]:device:_files' \
      '-k[disable forwarding of kerberos tickets]' \
      '-l+[specify login name]:login name:_ssh_users' \
      '(-1)-m+[specify mac algorithms]:mac spec' \
      '-n[redirect stdin from /dev/null]' \
      '(-1)-N[do not execute a remote command. (protocol version 2 only)]' \
      '-p+[specify port on remote host]:port number on remote host' \
      '-P[use non privileged port]' \
      '(-v)*-q[quiet operation]' \
      '(-1)-s[invoke subsystem]' \
      '(-T)-t[force pseudo-tty allocation]' \
      '(-1 -t)-T[disable pseudo-tty allocation (protocol version 2 only)]' \
      '(-q)*-v[verbose mode]' \
      '-V[show version number]' \
      '(-X)-x[disable X11 forwarding]' \
      '(-x)-X[enable X11 forwarding]' \
      '-M[master mode for connection sharing]' \
      '-S:path to control socket:_files' \
      '-O:multiplex control command:(check exit)' \
      '*-L[specify local port forwarding]:local port forwarding:->forward' \
      '*-R[specify remote port forwarding]:remote port forwarding:->forward' \
      ':remote host name:->userhost' \
      '*::args:->command' "$common[@]" && ret=0
    ;;
  scp)
    _arguments -C -s \
      '-p[preserve modification times]' \
      '-r[recursively copy directories]' \
      '-v[verbose mode]' \
      '-B[batch mode]' \
      '-q[disables the progress meter]' \
      '-P+[specify port on remote host]:port number on remote host' \
      '-S+[specify ssh program]:path to ssh:_command_names -e' \
      '*:file:->file' "$common[@]" && ret=0
    ;;
  ssh-add)
    _arguments -s \
      '-l[list all identities]' \
      '-L[lists public key parameters of all identities in the agent]'\
      '-d[remove identity]' \
      '-D[delete all identities]' \
      '-p[read passphrase from stdin]' \
      '*:SSH identity file:_files'
    return
    ;;
  ssh-agent)
    _arguments -s \
      '(*)-k[kill agent automatically]' \
      '(-c)-s[force sh-style shell]' \
      '(-s)-c[force csh-style shell]' \
      '(-k)-d[debug mode]' \
      '*::command: _normal'
    return
    ;;
  ssh-keygen)
    cmds=( -p -i -e -y -c -l -B -D -U )
    _arguments \
      '-q[silence ssh-keygen]' \
      "($cmds -P)-b[specify number of bits in key]:bits in key" \
      "($cmds -P)-t[specify the type of the key to create]:key type:(rsa1 rsa dsa)" \
      "(${cmds#-p })-N[provide new passphrase]:new passphrase" \
      "($cmds -b -t)-C[provide new comment]:new comment" \
      '(-D)-f[key file]:key file:_files' \
      '('${(j. .)cmds:#-[pc]}' -t -b)-P[provide old passphrase]:old passphrase' \
      "($cmds -q -b -t -C)-p[change passphrase of private key file]" \
      "($cmds -q -b -t -N -C -P)-i[import key to OpenSSH format]" \
      "($cmds -q -b -t -N -C -P)-e[export key to SECSH file format]" \
      "($cmds -q -b -t -N -C -P)-y[get public key from private key]" \
      "($cmds -q -b -t -N)-c[change comment in private and public key files]" \
      "($cmds -q -b -t -N -C -P)-l[show fingerprint of key file]" \
      "($cmds -q -b -t -N -C -P)-B[show the bubblebabble digest of key]" \
      "($cmds -q -b -t -N -C -P -f)-D[download key stored in smartcard reader]:reader" \
      "($cmds -q -b -t -N -C -P)-U[upload key to smartcard reader]:reader"
    return
    ;;
  sftp)
    _arguments -C -s \
      '-C[compress data]' \
      '-F+[specify alternate config file]:config file:_files' \
      '(-1)-s[invoke subsystem]' \
      '-S+[specify program]:program:_command_names -e' \
      '-B+[specify buffer size]:buffer size' \
      '-b+[specify batch file to read]:batch file:_files' \
      '*-v[verbose mode]' \
      '-1[forces ssh to try protocol version 1 only]' \
      '*-o+[specify extra options]:option string:->option' \
      '1:file:->rfile' '*:file:->file' && ret=0
    ;;
  esac

  while [[ -n "$state" ]]; do
    lstate="$state"
    state=''

    case "$lstate" in
    option)
      if compset -P '*[= ]'; then
        case "$IPREFIX" in
        *(#i)(afstokenpassing|batchmode|compression|fallbacktorsh|forward(agent|x11)|keepalive|passwordauthentication|rhosts(|rsa)authentication|rsaauthentication|usersh|kerberos(authetication|tgtparsing)|useprivileged)*)
	  _wanted values expl 'truth value' compadd yes no && ret=0
          ;;
        *(#i)ciphers*)
          _values -s , 'encryption cipher' \
	      'aes128-cbc' \
	      '3des-cbc' \
	      'blowfish-cbc' \
	      'cast128-cbc' \
	      'arcfour' \
	      'aes192-cbc' \
	      'aes256-cbc' \
	      'rijndael128-cbc' \
	      'rijndael192-cbc' \
	      'rijndael256-cbc' \
	      'rijndael-cbc@lysator.liu.se' && ret=0
          ;;
        *(#i)cipher*)
	  _wanted values expl 'encryption cipher' \
              compadd idea des 3des blowfish arcfour tss none && ret=0
          ;;
        *(#i)globalknownhostsfile*)
          _description files expl 'global file with known hosts'
          _files "$expl[@]" && ret=0
          ;;
        *(#i)hostname*)
	  _wanted hosts expl 'real host name to log into' _ssh_hosts && ret=0
          ;;
        *(#i)identityfile*)
          _description files expl 'SSH identity file'
          _files "$expl[@]" && ret=0
          ;;
        *(#i)(local|remote)forward*)
          state=forward
          ;;
        *(#i)protocol*)
          _values -s , 'protocol version' \
	      '1' \
	      '2' && ret=0
	  ;;
        *(#i)proxycommand*)
          compset -q
          shift 1 words
          (( CURRENT-- ))
          _normal && ret=0
          ;;
        *(#i)stricthostkeychecking*)
          _wanted values expl 'checking type' compadd yes no ask && ret=0
          ;;
        *(#i)userknownhostsfile*)
          _description files expl 'user file with known hosts'
          _files "$expl[@]" && ret=0
          ;;
        *(#i)user*)
	  _wanted users expl 'user to log in as' _ssh_users && ret=0
          ;;
        *(#i)xauthlocation*)
          _description files expl 'xauth program'
          _files "$expl[@]" -g '*(-*)' && ret=0
          ;;
	*(#i)controlmaster*)
	  _wanted values expl 'truthish value' compadd yes no auto autoask && ret=0
	  ;;
	*(#i)controlpath*)
          _description files expl 'path to control socket'
          _files "$expl[@]" && ret=0
	  ;;
        esac
      else
        _wanted values expl 'configure file option' \
            compadd -M 'm:{a-z}={A-Z}' -S '=' - \
	    	AddressFamily \
                AFSTokenPassing BatchMode BindAddress \
		ChallengeResponseAuthentication CheckHostIP \
		Cipher Ciphers ClearAllForwardings Compression \
                CompressionLevel ConnectionAttempts ConnectTimeout \
		ControlMaster ControlPath \
		DynamicForward EnableSSHKeysign \
		EscapeChar FallBackToRsh ForwardAgent ForwardX11 \
		ForwardX11Trusted \
                GatewayPorts GlobalKnownHostsFile GSSAPIAuthentication \
		GSSAPIDelegateCredentials HostbasedAuthentication \
		HostKeyAlgorithms HostKeyAlias HostName IdentityFile \
		IdentitiesOnly KbdInteractiveDevices \
		KeepAlive KerberosAuthentication KerberosTgtPassing \
		LocalForward LogLevel MACs NoHostAuthenticationForLocalhost \
		NumberOfPasswordPrompts PreferredAuthentications \
		PasswordAuthentication Port Protocol ProtocolKeepAlives \
                ProxyCommand PubkeyAuthentication RemoteForward \
		RhostsAuthentication RhostsRSAAuthentication \
		RSAAuthentication ServerAliveInterval ServerAliveCountMax \
		SetupTimeOut SmartcardDevice StrictHostKeyChecking \
		TCPKeepAlive \
                UsePrivilegedPort User UserKnownHostsFile UseRsh \
                VerifyHostKeyDNS XAuthLocation && ret=0
      fi
      ;;
    forward)
      if compset -P 1 '*:'; then
        if compset -P '*:'; then
          _message -e port-numbers 'port number'
        else
	  _wanted hosts expl host _ssh_hosts -qS:
        fi
      else
        _message -e port-numbers 'listen-port number'
      fi
      return
      ;;
    command)
      shift 1 words
      (( CURRENT-- ))
      _normal
      return
      ;;
    userhost)
      if compset -P '*@'; then
	_wanted hosts expl 'remote host name' _ssh_hosts && ret=0
      elif compset -S '@*'; then
        _wanted users expl 'login name' _ssh_users -S '' && ret=0
      else
        if (( $+opt_args[-l] )); then
	  tmp=()
	else
	  tmp=( 'users:login name:_ssh_users -qS@' )
	fi
	_alternative \
	    'hosts:remote host name:_ssh_hosts' \
	    "$tmp[@]" && ret=0
      fi
      ;;
    file)
      if compset -P '*:'; then
        _remote_files ${(kv)~opt_args[(I)-[FP1246]]/-P/-p} && ret=0
      elif compset -P '*@'; then
        suf=( -S '' )
        compset -S ':*' || suf=( -S : )
        _wanted hosts expl 'remote host name' _ssh_hosts $suf && ret=0
      else
        _alternative \
	    'files:: _files' \
	    'hosts:remote host name:_ssh_hosts -S:' \
	    'users:user:_ssh_users -qS@' && ret=0
      fi
      ;;
    rfile)
      if compset -P '*:'; then
        _remote_files && ret=0
      elif compset -P '*@'; then
        _wanted hosts expl host _ssh_hosts -S: && ret=0
      else
        _alternative \
	    'hosts:remote host name:_ssh_hosts -S:' \
	    'users:user:_ssh_users -qS@' && ret=0
      fi
      ;;
    esac
  done
}

_ssh_users () {
  _combination -s '[:@]' my-accounts users-hosts users "$@"
}

_ssh_hosts () {
  local -a config_hosts
  local config
  integer ind

  # If users-hosts matches, we shouldn't complete anything else.
  if [[ "$IPREFIX" == *@ ]]; then
    _combination -s '[:@]' my-accounts users-hosts "users=${IPREFIX/@}" hosts "$@" && return
  else
    _combination -s '[:@]' my-accounts users-hosts \
      ${opt_args[-l]:+"users=${opt_args[-l]:q}"} hosts "$@" && return
  fi
  if (( ind = ${words[(I)-F]} )); then
    config=${~words[ind+1]}
  else
    config="$HOME/.ssh/config"
  fi
  if [[ -r $config ]]; then
    local IFS=$'\t ' key hosts host
    while read key hosts; do
      if [[ "$key" == (#i)host ]]; then
	 for host in ${(z)hosts}; do
	    case $host in
	    (*[*?]*) ;;
	    (*) config_hosts+=("$host") ;;
	    esac
	 done
      fi
    done < "$config"
    if (( ${#config_hosts} )); then
      _wanted hosts expl 'remote host name' \
	compadd -M 'm:{a-zA-Z}={A-Za-z} r:|.=* r:|=*' "$@" $config_hosts
    fi
  fi
}

_ssh "$@"