diff options
Diffstat (limited to 'Completion/Unix/Command/_ssh')
| -rw-r--r-- | Completion/Unix/Command/_ssh | 249 |
1 files changed, 96 insertions, 153 deletions
diff --git a/Completion/Unix/Command/_ssh b/Completion/Unix/Command/_ssh index 984c96e93..20a5536ee 100644 --- a/Completion/Unix/Command/_ssh +++ b/Completion/Unix/Command/_ssh @@ -4,23 +4,20 @@ _ssh () { local curcontext="$curcontext" state line expl suf ret=1 - local args common tmp p1 file cmn cmds sdesc + local args common common_transfer algopt tmp p1 file cmn cmds sdesc typeset -A opt_args common=( - '(-2)-1[forces ssh to try protocol version 1 only]' - '(-1)-2[forces ssh to try protocol version 2 only]' '(-6)-4[forces ssh to use IPv4 addresses only]' '(-4)-6[forces ssh to use IPv6 addresses only]' '-C[compress data]' - # for protocol version 2, this can be a comma-separated list - '-c+[select encryption cipher]:encryption cipher:(idea des 3des blowfish arcfour tss none)' + '-c+[select encryption cipher]:encryption cipher:->ciphers' '-F+[specify alternate config file]:config file:_files' '*-i+[select identity file]:SSH identity file:_files -g "*(-.^AR)"' '*-o+[specify extra options]:option string:->option' ) common_transfer=( - '-l[limit used bandwidth]:bandwidth in KiB/s:' + '-l+[limit used bandwidth]:bandwidth (Kbit/s)' '-P+[specify port on remote host]:port number on remote host' '-p[preserve modification times, access times and modes]' '-q[disable progress meter and warnings]' @@ -28,16 +25,17 @@ _ssh () { '-S+[specify ssh program]:path to ssh:_command_names -e' \ '-v[verbose mode]' ) + algopt='-E+[specify hash algorithm for fingerprints]:algorithm:(md5 sha256)' case "$service" in ssh) _arguments -C -s \ - '(-a)-A[enables forwarding of the authentication agent connection]' \ + '(-a)-A[enable forwarding of the authentication agent connection]' \ '(-A)-a[disable forwarding of authentication agent connection]' \ '(-P)-b+[specify interface to transmit on]:bind address:_bind_addresses' \ '-D+[specify a dynamic port forwarding]:dynamic port forwarding:->dynforward' \ '-e+[set escape character]:escape character (or `none'\''):' \ - '-E[append log output to file instead of stderr]:_files' \ + '-E+[append log output to file instead of stderr]:_files' \ '(-n)-f[go to background]' \ '-g[allow remote hosts to connect to local forwarded ports]' \ '-G[output configuration and exit]' \ @@ -45,26 +43,26 @@ _ssh () { '-J+[connect via a jump host]: :->userhost' \ '-K[enable GSSAPI-based authentication and forwarding]' \ '-k[disable forwarding of GSSAPI credentials]' \ - '*-L[specify local port forwarding]:local port forwarding:->forward' \ + '*-L+[specify local port forwarding]:local port forwarding:->forward' \ '-l+[specify login name]:login name:_ssh_users' \ '-M[master mode for connection sharing]' \ - '(-1)-m+[specify mac algorithms]:mac spec:->macs' \ - '(-1)-N[do not execute a remote command (protocol version 2 only)]' \ + '-m+[specify mac algorithms]: :->macs' \ + "-N[don't execute a remote command]" \ '-n[redirect stdin from /dev/null]' \ - '-O[control an active connection multiplexing master process]:multiplex control command:((check\:"check master process is running" exit\:"request the master to exit" forward\:"request forward without command execution" stop\:"request the master to stop accepting further multiplexing requests" cancel\:"cancel existing forwardings with -L and/or -R" proxy))' \ + '-O+[control an active connection multiplexing master process]:multiplex control command:((check\:"check master process is running" exit\:"request the master to exit" forward\:"request forward without command execution" stop\:"request the master to stop accepting further multiplexing requests" cancel\:"cancel existing forwardings with -L and/or -R" proxy))' \ '-P[use non privileged port]' \ '-p+[specify port on remote host]:port number on remote host' \ '(-v)*-q[quiet operation]' \ - '*-R[specify remote port forwarding]:remote port forwarding:->forward' \ + '*-R+[specify remote port forwarding]:remote port forwarding:->forward' \ '-S+[specify location of control socket for connection sharing]:path to control socket:_files' \ - '-Q[query parameters]:parameter type:((cipher\:"supported symmetric ciphers" cipher-auth\:"supported symmetric ciphers that support authenticated encryption" mac\:"supported message integrity codes" kex\:"key exchange algorithms" key\:"key types" protocol-version\:"supported SSH protocol versions"))' \ - '(-1)-s[invoke subsystem]' \ - '(-1 -t)-T[disable pseudo-tty allocation (protocol version 2 only)]' \ + '-Q+[query parameters]:parameter type:((cipher\:"supported symmetric ciphers" cipher-auth\:"supported symmetric ciphers that support authenticated encryption" mac\:"supported message integrity codes" kex\:"key exchange algorithms" key\:"key types" protocol-version\:"supported SSH protocol versions"))' \ + '-s[invoke subsystem]' \ + '(-t)-T[disable pseudo-tty allocation]' \ '(-T)-t[force pseudo-tty allocation]' \ '-V[show version number]' \ '(-q)*-v[verbose mode (multiple increase verbosity, up to 3)]' \ - '-W[forward standard input and output to host]:stdinout forward:->hostport' \ - '-w[request tunnel device forwarding]:local_tun[\:remote_tun] (integer or "any"):' \ + '-W+[forward standard input and output to host]:stdinout forward:->hostport' \ + '-w+[request tunnel device forwarding]:local_tun[\:remote_tun] (integer or "any"):' \ '(-x -Y)-X[enable (untrusted) X11 forwarding]' \ '(-X -Y)-x[disable X11 forwarding]' \ '(-x -X)-Y[enable trusted X11 forwarding]' \ @@ -79,17 +77,22 @@ _ssh () { '*:file:->file' "$common[@]" "$common_transfer[@]" && ret=0 ;; ssh-add) - _arguments -s \ + [[ $OSTYPE == darwin* ]] && args=( + '-A[add identities from keychain]' + '-K[update keychain when adding/removing identities]' + ) + _arguments -s : $args \ '-c[identity is subject to confirmation via SSH_ASKPASS]' \ '-D[delete all identities]' \ '-d[remove identity]' \ - '-E[specify hash algorithm for fingerprints]:algorithm:(md5 sha256)' \ - '-e[remove keys provided by the PKCS#11 shared library]:library:_files -g "*.(so|dylib)(|.<->)(-.)"' \ + $algopt \ + '-e+[remove keys provided by the PKCS#11 shared library]:library:_files -g "*.(so|dylib)(|.<->)(-.)"' \ '-k[load plain private keys only and skip certificates]' \ - '-L[lists public key parameters of all identities in the agent]'\ + '-L[list public key parameters of all identities in the agent]'\ '-l[list all identities]' \ - '-s[add keys provided by the PKCS#11 shared library]:library:_files -g "*.(so|dylib)(|.<->)(-.)"' \ - '-t[set maximum lifetime for identity]:maximum lifetime (in seconds or time format):' \ + '-s+[add keys provided by the PKCS#11 shared library]:library:_files -g "*.(so|dylib)(|.<->)(-.)"' \ + '-t+[set maximum lifetime for identity]:maximum lifetime (in seconds or time format):' \ + '-q[be quiet after a successful operation]' \ '-X[unlock the agent]' \ '-x[lock the agent with a password]' \ '*:SSH identity file:_files' @@ -97,10 +100,13 @@ _ssh () { ;; ssh-agent) _arguments -s \ - '(-k)-a[UNIX-domain socket to bind agent to]:UNIX-domain socket:_files' \ + '(-k)-a+[UNIX-domain socket to bind agent to]:UNIX-domain socket:_files' \ '(-k -s)-c[force csh-style shell]' \ '(-k)-d[debug mode]' \ + '(-k)-D[foreground mode]' \ + "(-k)$algopt" \ '-k[kill current agent]' \ + '(-k)-P[specify PKCS#11 shared library whitelist]:PKCS#11 library whitelist pattern' \ '(-k -c)-s[force sh-style shell]' \ '-t[set default maximum lifetime for identities]:maximum lifetime (in seconds or time format):' \ '*::command: _normal' @@ -125,12 +131,12 @@ _ssh () { cmn=( -b -P -N -C -m -v ) # options common to many basic commands (except -f which is common to most) cms=( -E -q -t -g -M -S -a -J -j -K -W -I -h -n -O -V -u ) # options specific to one basic command _arguments -s $args \ - "(${${(@)cmds:#-G}} -P -m ${${(@)cms:#-[MS]}})-b[specify number of bits in key]:bits in key" \ - "$p1(${${(@)cmds:#-[pc]}} -b -C $cms)-P[provide old passphrase]:old passphrase" \ - "(${${(@)cmds:#-p}} -m -v ${${(@)cms:#-[qt]}})-N[provide new passphrase]:new passphrase" \ - "(${${(@)cmds:#-c}} -m -v $cms)-C[provide new comment]:new comment" \ - "(-D -G -M -S -I -h -n -O -V -A)-f[$file file]:$file file:_files" \ - "$p1(${${(@)cmds:#-[ie]}})-m[specify conversion format]:format:(PEM PKCS7 RFC4716)" \ + "(${${(@)cmds:#-G}} -P -m ${${(@)cms:#-[MS]}})-b+[specify number of bits in key]:bits in key" \ + "$p1(${${(@)cmds:#-[pc]}} -b -C $cms)-P+[provide old passphrase]:old passphrase" \ + "(${${(@)cmds:#-p}} -m -v ${${(@)cms:#-[qt]}})-N+[provide new passphrase]:new passphrase" \ + "(${${(@)cmds:#-c}} -m -v $cms)-C+[provide new comment]:new comment" \ + "(-D -G -M -S -I -h -n -O -V -A)-f+[$file file]:$file file:_files" \ + "$p1(${${(@)cmds:#-[ie]}})-m+[specify conversion format]:format:(PEM PKCS7 RFC4716)" \ "(${${(@)cmds:#-[lGT]}} ${${(@)cmn:#-[bv]}} -f)*-v[verbose mode]" \ - '(commands)' \ "(-b -P -C -v)-p[change passphrase of private key file]" \ @@ -139,39 +145,45 @@ _ssh () { "($cmn)-y[get public key from private key]" \ '(-b -N -m -v)-c[change comment in private and public key files]' \ "($cmn)-B[show the bubblebabble digest of key]" \ - "(-)-D[download key stored in smartcard reader]:reader" \ + "(-)-D+[download key stored in smartcard reader]:reader" \ "($cmn)-H[hash names in known_hosts file]" \ - "($cmn)-R[remove host from known_hosts file]:host:_ssh_hosts" \ + "($cmn)-R+[remove host from known_hosts file]:host:_ssh_hosts" \ "($cmn)-L[print the contents of a certificate]" \ "(-)-A[generate host keys for all key types]" \ "($cmn)-Q[test whether keys have been revoked in a KRL]" \ - finger \ "($cmn)-l[show fingerprint of key file]" \ - "$p1($cmn)-E[specify hash algorithm for displayed fingerprints]:hash algorithim:(md5 sha256)" \ + "$p1($cmn)$algopt" \ - create \ '(-P -m)-q[silence ssh-keygen]' \ - "(-P -m)-t[specify the type of the key to create]:key type:(rsa dsa ecdsa ed25519)" \ + "(-P -m)-t+[specify the type of the key to create]:key type:(rsa dsa ecdsa ed25519)" \ - dns \ "($cmn)-r[print DNS resource record]:hostname:_hosts" \ "$p1($cmn)-g[use generic DNS format]" \ - primes \ "(-P -N -C -m -f)-G[generate candidates for DH-GEX moduli]" \ - "$p1(-P -N -C -m -f)-M[specify amount of memory to use for generating DH-GEX moduli]:memory (MB)" \ - "$p1(-P -N -C -m -f)-S[specify start point]:start point (hex)" \ + "$p1(-P -N -C -m -f)-M+[specify amount of memory to use for generating DH-GEX moduli]:memory (MB)" \ + "$p1(-P -N -C -m -f)-S+[specify start point]:start point (hex)" \ - screen \ - "(${${(@)cmn:#-v}})-T[screen candidates for DH-GEX moduli]:output file:_files" \ - "${p1}(${${(@)cmn:#-v}})-a[specify number of rounds]:rounds" \ + "(${${(@)cmn:#-v}})-T+[screen candidates for DH-GEX moduli]:output file:_files" \ + "${p1}(${${(@)cmn:#-v}})-a+[specify number of rounds]:rounds" \ "${p1}(${${(@)cmn:#-v}})-J[exit after screening specified number of lines]" \ - "${p1}(${${(@)cmn:#-v}})-j[start screening at the specified line number]:line number" \ - "${p1}(${${(@)cmn:#-v}})-K[write the last line processed to file]:file:_files" \ + "${p1}(${${(@)cmn:#-v}})-j+[start screening at the specified line number]:line number" \ + "${p1}(${${(@)cmn:#-v}})-K+[write the last line processed to file]:file:_files" \ "${p1}(${${(@)cmn:#-v}})-W[specify desired generator]:generator" \ - certify \ "($cmn)-s[$sdesc]:CA key:_files" \ - "$p1($cmn -f -u)-I[specify key identifier to include in certificate]:key id" \ + "$p1($cmn -f -u)-I+[specify key identifier to include in certificate]:key id" \ "$p1($cmn -f -u)-h[generate host certificate instead of a user certificate]" \ - "$p1($cmn -f -u)-n[specify user/host principal names to include in certificate]:principals" \ - "$p1($cmn -f -u)-O[specify a certificate option]:option" \ - "$p1($cmn -f -u)-V[specify certificate validity interval]:interval" \ + "$p1($cmn -f -u -D)-U[indicate that CA key is held by ssh-agent]" \ + "$p1($cmn -f -u -U)-D+[indicate the CA key is stored in a PKCS#11 token]:PKCS11 shared library:_files -g '*.(so|dylib)(|.<->)(-.)'" \ + "$p1($cmn -f -u)-n+[specify user/host principal names to include in certificate]:principals" \ + "$p1($cmn -f -u)*-O+[specify a certificate option]: : _values 'option' + clear critical\:name extension\:name force-command\:command\:_cmdstring + no-agent-forwarding no-port-forwarding no-pty no-user-rc no-x11-forwarding + permit-agent-forwarding permit-port-forwarding permit-pty permit-user-rc + permit-x11-forwarding source-address\:source\ address" \ + "$p1($cmn -f -u)-V+[specify certificate validity interval]:interval" \ "($cmn -I -h -n -O -V)-k[generate a KRL file]" \ "$p1($cmn -I -h -n -O -V)-u[update a KRL]" return @@ -181,15 +193,15 @@ _ssh () { '-a[attempt to continue interrupted transfers]' \ '-B+[specify buffer size]:buffer size (bytes) [32768]' \ '-b+[specify batch file to read]:batch file:_files' \ - '-D[connect directly to a local sftp server]:sftp server path' \ + '-D+[connect directly to a local sftp server]:sftp server path' \ '-f[request that files be flushed immediately after transfer]' \ - '-R[specify number of outstanding requests]:number of requests [64]' \ - '-s[SSH2 subsystem or path to sftp server on the remote host]' \ + '-R+[specify number of outstanding requests]:number of requests [64]' \ + '-s+[SSH2 subsystem or path to sftp server on the remote host]:subsystem/path' \ '1:file:->rfile' '*:file:->file' "$common[@]" "$common_transfer[@]" && ret=0 ;; (ssh-copy-id) _arguments \ - '-i:SSH identity file:_files' \ + '-i+[select identity file]:SSH identity file:_files' \ ':remote host name:->userhost' \ ;; esac @@ -209,7 +221,7 @@ _ssh () { ;; esac case "${IPREFIX#-o}" in - (#i)(afstokenpassing|batchmode|canonicalizefallbacklocal|challengeresponseauthentication|checkhostip|clearallforwardings|compression|enablesshkeysign|exitonforwardfailure|fallbacktorsh|forward(agent|x11)|forwardx11trusted|gatewayports|gssapiauthentication|gssapidelegatecredentials|gssapitrustdns|hashknownhosts|hostbasedauthentication|identitiesonly|kbdinteractiveauthentication|(tcp|)keepalive|nohostauthenticationforlocalhost|passwordauthentication|permitlocalcommand|proxyusefdpass|pubkeyauthentication|rhosts(|rsa)authentication|rsaauthentication|streamlocalbindunlink|usersh|kerberos(authentication|tgtpassing)|useprivilegedport|visualhostkey)=*) + (#i)(afstokenpassing|batchmode|canonicalizefallbacklocal|challengeresponseauthentication|checkhostip|clearallforwardings|compression|enablesshkeysign|exitonforwardfailure|fallbacktorsh|forward(agent|x11)|forwardx11trusted|gatewayports|gssapiauthentication|gssapidelegatecredentials|gssapikeyexchange|gssapirenewalforcesrekey|gssapitrustdns|hashknownhosts|hostbasedauthentication|identitiesonly|kbdinteractiveauthentication|(tcp|)keepalive|nohostauthenticationforlocalhost|passwordauthentication|permitlocalcommand|proxyusefdpass|pubkeyauthentication|rhosts(|rsa)authentication|rsaauthentication|streamlocalbindunlink|usersh|kerberos(authentication|tgtpassing)|useprivilegedport|visualhostkey)=*) _wanted values expl 'truth value' compadd yes no && ret=0 ;; (#i)addressfamily=*) @@ -231,32 +243,7 @@ _ssh () { _message -e 'CNAME rule list (source_domain_list:target_domain_list, each pattern list comma separated)' && ret=0 ;; (#i)ciphers=*) - _values -s , 'encryption cipher' \ - '3des-cbc' \ - 'aes128-cbc' \ - 'aes192-cbc' \ - 'aes256-cbc' \ - 'aes128-ctr' \ - 'aes192-ctr' \ - 'aes256-ctr' \ - 'arcfour128' \ - 'arcfour256' \ - 'arcfour' \ - 'blowfish-cbc' \ - 'cast128-cbc' \ - \ - 'rijndael128-cbc' \ - 'rijndael192-cbc' \ - 'rijndael256-cbc' \ - 'rijndael-cbc@lysator.liu.se' \ - && ret=0 - ;; - (#i)cipher=*) - _wanted values expl 'encryption cipher (protocol version 1)' \ - compadd blowfish 3des des idea arcfour tss none && ret=0 - ;; - (#i)compressionlevel=*) - _values 'compression level' {1..9} && ret=0 + state=ciphers ;; (#i)connectionattempts=*) _message -e 'connection attempts' && ret=0 @@ -296,21 +283,7 @@ _ssh () { _wanted hosts expl 'real host name to log into' _ssh_hosts && ret=0 ;; (#i)(hostbasedkeytypes|hostkeyalgorithms|pubkeyacceptedkeytypes)=*) - _values -s , 'key types' \ - 'ecdsa-sha2-nistp256-cert-v01@openssh.com' \ - 'ecdsa-sha2-nistp384-cert-v01@openssh.com' \ - 'ecdsa-sha2-nistp521-cert-v01@openssh.com' \ - 'ssh-ed25519-cert-v01@openssh.com' \ - 'ssh-rsa-cert-v01@openssh.com' \ - 'ssh-dss-cert-v01@openssh.com' \ - 'ssh-rsa-cert-v00@openssh.com' \ - 'ssh-dss-cert-v00@openssh.com' \ - 'ecdsa-sha2-nistp256' \ - 'ecdsa-sha2-nistp384' \ - 'ecdsa-sha2-nistp521' \ - 'ssh-ed25519' \ - 'ssh-rsa' \ - 'ssh-dss' && ret=0 + _wanted key-types expl 'key type' _sequence compadd - $(_call_program key-types ssh -Q key) && ret=0 ;; (#i)identityfile=*) _description files expl 'SSH identity file' @@ -342,12 +315,9 @@ _ssh () { _values -s , 'keyboard-interactive authentication methods' \ 'bsdauth' 'pam' 'skey' && ret=0 ;; - (#i)kexalgorithms=*) - _values -s , 'KEX algorithms' \ - ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \ - diffie-hellman-group-exchange-sha256 \ - diffie-hellman-group-exchange-sha1 \ - diffie-hellman-group14-sha1 diffie-hellman-group1-sha1 && ret=0 + (#i)(kexalgorithms|gssapikexalgorithms)=*) + _wanted algorithms expl 'key exchange algorithm' _sequence compadd - \ + $(_call_program algorithms ssh -Q kex) && ret=0 ;; (#i)localcommand=*) _description commands expl 'run command locally after connecting' @@ -381,7 +351,7 @@ _ssh () { '1' \ '2' && ret=0 ;; - (#i)proxycommand=*) + (#i)(proxy|remote)command=*) _cmdstring && ret=0 ;; (#i)rekeylimit=*) @@ -413,7 +383,13 @@ _ssh () { (#i)streamlocalbindmask=*) _message -e 'octal mask' && ret=0 ;; - (#i)(stricthostkeychecking|verifyhostkeydns|updatehostkeys)=*) + (#i)stricthostkeychecking=*) + _wanted values expl 'value' compadd yes no ask accept-new off && ret=0 + ;; + (#i)syslogfacility=*) + _wanted facilities expl 'facility' compadd -M 'm:{a-z}={A-Z}' DAEMON USER AUTH LOCAL{0,1,2,3,4,5,6,7} && ret=0 + ;; + (#i)(verifyhostkeydns|updatehostkeys)=*) _wanted values expl 'truthish value' compadd yes no ask && ret=0 ;; (#i)transport=*) @@ -446,7 +422,7 @@ _ssh () { # old options are after the empty "\"-line _wanted values expl 'configure file option' \ compadd -M 'm:{a-z}={A-Z}' -q -S '=' - \ - AddKeysToAgent \ + AddKeysToAgent \ AddressFamily \ BatchMode \ BindAddress \ @@ -455,14 +431,12 @@ _ssh () { CanonicalizeHostname \ CanonicalizeMaxDots \ CanonicalizePermittedCNAMEs \ - CertificateFile \ + CertificateFile \ ChallengeResponseAuthentication \ CheckHostIP \ - Cipher \ Ciphers \ ClearAllForwardings \ Compression \ - CompressionLevel \ ConnectionAttempts \ ConnectTimeout \ ControlMaster \ @@ -480,17 +454,21 @@ _ssh () { GatewayPorts \ GlobalKnownHostsFile \ GSSAPIAuthentication \ + GSSAPIClientIdentity \ GSSAPIDelegateCredentials \ + GSSAPIKeyExchange \ + GSSAPIRenewalForcesRekey \ + GSSAPIServerIdentity \ GSSAPITrustDns \ + GSSAPIKexAlgorithms \ HashKnownHosts \ - Host \ HostbasedAuthentication \ HostbasedKeyTypes \ HostKeyAlgorithms \ HostKeyAlias \ HostName \ IdentitiesOnly \ - IdentityAgent \ + IdentityAgent \ IdentityFile \ IgnoreUnknown \ IPQoS \ @@ -508,13 +486,13 @@ _ssh () { PKCS11Provider \ Port \ PreferredAuthentications \ - Protocol \ ProxyCommand \ - ProxyJump \ + ProxyJump \ ProxyUseFdpass \ PubkeyAcceptedKeyTypes \ PubkeyAuthentication \ RekeyLimit \ + RemoteCommand \ RemoteForward \ RequestTTY \ RevokedHostKeys \ @@ -526,8 +504,8 @@ _ssh () { StreamLocalBindMask \ StreamLocalBindUnlink \ StrictHostKeyChecking \ + SyslogFacility \ TCPKeepAlive \ - Transport \ Tunnel \ TunnelDevice \ UpdateHostKeys \ @@ -600,11 +578,18 @@ _ssh () { return ret ;; macs) - _values -s , 'MAC algorithms' hmac-md5 hmac-sha1 umac-64@openssh.com \ - hmac-ripemd160 hmac-sha1-96 hmac-md5-96 hmac-sha2-256 \ - hmac-sha2-256-96 hmac-sha2-512 hmac-sha2-512-96 && ret=0 + _wanted macs expl 'MAC algorithm' _sequence compadd - $(_call_program macs ssh -Q mac) + return + ;; + ciphers) + _wanted ciphers expl 'encryption cipher' _sequence compadd - $(_call_program ciphers ssh -Q cipher) + return ;; command) + if (( $+opt_args[-s] )); then + _wanted subsystems expl subsystem compadd sftp + return + fi local -a _comp_priv_prefix shift 1 words (( CURRENT-- )) @@ -662,46 +647,4 @@ _ssh_users () { _combination -s '[:@]' my-accounts users-hosts users "$@" } -_ssh_hosts () { - local -a config_hosts - local config - integer ind - - # If users-hosts matches, we shouldn't complete anything else. - if [[ "$IPREFIX" == *@ ]]; then - _combination -s '[:@]' my-accounts users-hosts "users=${IPREFIX/@}" hosts "$@" && return - else - _combination -s '[:@]' my-accounts users-hosts \ - ${opt_args[-l]:+"users=${opt_args[-l]:q}"} hosts "$@" && return - fi - if (( ind = ${words[(I)-F]} )); then - config=${~words[ind+1]} 2>/dev/null - else - config="$HOME/.ssh/config" - fi - if [[ -r $config ]]; then - local key line host - local -a lines=("${(@f)$(<"$config")}") 2>/dev/null - while (($#lines)); do - IFS=$'=\t ' read -r key line <<<"${lines[1]}" - case "$key" in - ((#i)include) - lines[1]=("${(@f)$(cd $HOME/.ssh; cat ${(z)~line})}") 2>/dev/null;; - ((#i)host(|name)) - for host in ${(z)line}; do - case $host in - (*[*?]*) ;; - (*) config_hosts+=("$host") ;; - esac - done ;& - (*) shift lines;; - esac - done - if (( ${#config_hosts} )); then - _wanted hosts expl 'remote host name' \ - compadd -M 'm:{a-zA-Z}={A-Za-z} r:|.=* r:|=*' "$@" $config_hosts - fi - fi -} - _ssh "$@" |