diff --git a/syntaxes/ssh-config.tmLanguage.json b/syntaxes/ssh-config.tmLanguage.json
index cccc5eb..fe1ff36 100644
--- a/syntaxes/ssh-config.tmLanguage.json
+++ b/syntaxes/ssh-config.tmLanguage.json
@@ -17,7 +17,7 @@
 		"keywords": {
 			"patterns": [{
 				"name": "keyword.control.ssh-config",
-				"match": "(?i)\\b(AddressFamily|AddKeysToAgent|BatchMode|BindAddress|ChallengeResponseAuthentication|CheckHostIP|Cipher|Ciphers|Compression|CompressionLevel|ConnectionAttempts|ConnectTimeout|ControlMaster|ControlPath|ControlPersist|DynamicForward|EnableSSHKeysign|EscapeChar|ExitOnForwardFailure|ForwardAgent|ForwardX11|ForwardX11Trusted|GatewayPorts|GlobalKnownHostsFile|GSSAPIAuthentication|GSSAPIKeyExchange|GSSAPIClientIdentity|GSSAPIDelegateCredentials|GSSAPIRenewalForcesRekey|GSSAPITrustDns|HashKnownHosts|HostbasedAuthentication|HostKeyAlgorithms|HostKeyAlias|HostName|IdentitiesOnly|IdentityFile|KbdInteractiveAuthentication|KbdInteractiveDevices|LocalCommand|LocalForward|LogLevel|NumberOfPasswordPrompts|PasswordAuthentication|PermitLocalCommand|PreferredAuthentications|Protocol|ProxyCommand|ProxyJump|RekeyLimit|RemoteForward|RhostsRSAAuthentication|RSAAuthentication|SendEnv|ServerAliveCountMax|ServerAliveInterval|SmartcardDevice|StrictHostKeyChecking|TCPKeepAlive|Tunnel|TunnelDevice|UsePrivilegedPort|User|UserKnownHostsFile|VerifyHostKeyDNS|VisualHostKey|XAuthLocation)\\b"
+				"match": "(?i)\\b(AddKeysToAgent|AddressFamily|AskPassGUI|BatchMode|BindAddress|CanonicalDomains|CanonicalizeFallbackLocal|CanonicalizeHostname|CanonicalizeMaxDots|CanonicalizePermittedCNAMEs|ChallengeResponseAuthentication|CheckHostIP|Cipher|Ciphers|ClearAllForwardings|Compression|CompressionLevel|ConnectionAttempts|ConnectTimeout|ControlMaster|ControlPath|ControlPersist|DynamicForward|EnableSSHKeysign|EscapeChar|ExitOnForwardFailure|FingerprintHash|ForwardAgent|ForwardX11|ForwardX11Timeout|ForwardX11Trusted|GatewayPorts|GlobalKnownHostsFile|GSSAPIAuthentication|GSSAPIClientIdentity|GSSAPIDelegateCredentials|GSSAPIKeyExchange|GSSAPIRenewalForcesRekey|GSSAPIServerIdentity|GSSAPITrustDns|HashKnownHosts|Host|HostbasedAuthentication|HostbasedKeyTypes|HostKeyAlgorithms|HostKeyAlias|HostName|IdentitiesOnly|IdentityFile|IgnoreUnknown|IPQoS|KbdInteractiveAuthentication|KbdInteractiveDevices|KexAlgorithms|KeychainIntegration|LocalCommand|LocalForward|LogLevel|MACs|Match|NoHostAuthenticationForLocalhost|NumberOfPasswordPrompts|PasswordAuthentication|PermitLocalCommand|PKCS11Provider|Port|PreferredAuthentications|Protocol|ProxyCommand|ProxyJump|ProxyUseFdpass|PubkeyAuthentication|RekeyLimit|RemoteForward|RequestTTY|RevokedHostKeys|RhostsRSAAuthentication|RSAAuthentication|SendEnv|ServerAliveCountMax|ServerAliveInterval|SmartcardDevice|StreamLocalBindMask|StreamLocalBindUnlink|StrictHostKeyChecking|TCPKeepAlive|Tunnel|TunnelDevice|UpdateHostKeys|UsePrivilegedPort|User|UserKnownHostsFile|VerifyHostKeyDNS|VisualHostKey|XAuthLocation)\\b"
 			}, {
 				"match": "^(Host)\\s+(.+)$",
 				"captures": {