1 \input texinfo @c -*-texinfo-*-
2 @setfilename ../../info/tramp
4 @settitle TRAMP User Manual
7 @c This is *so* much nicer :)
10 @c In the Tramp CVS, the version number is auto-frobbed from
11 @c configure.ac, so you should edit that file and run
12 @c "autoconf && ./configure" to change the version number.
14 @c Additionally, flags are set with respect to the Emacs flavor; and
15 @c depending whether Tramp is packaged into (X)Emacs, or standalone.
17 @include trampver.texi
19 @c Macro for formatting a filename according to the respective syntax.
20 @c xxx and yyy are auxiliary macros in order to omit leading and
21 @c trailing whitespace. Not very elegant, but I don't know it better.
27 @macro yyy {one, two}@c
35 @macro trampfn {method, user, host, localname}@c
36 @value{prefix}@yyy{\method\,@value{postfixhop}}@yyy{\user\,@@}\host\@value{postfix}\localname\@c
40 Copyright @copyright{} 1999, 2000, 2001, 2002, 2003, 2004, 2005,
41 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
44 Permission is granted to copy, distribute and/or modify this document
45 under the terms of the GNU Free Documentation License, Version 1.3 or
46 any later version published by the Free Software Foundation; with no
47 Invariant Sections, with the Front-Cover texts being ``A GNU Manual'',
48 and with the Back-Cover Texts as in (a) below. A copy of the license
49 is included in the section entitled ``GNU Free Documentation License''.
51 (a) The FSF's Back-Cover Text is: ``You have the freedom to
52 copy and modify this GNU manual. Buying copies from the FSF
53 supports it in developing GNU and promoting software freedom.''
57 @c Entries for @command{install-info} to use
58 @dircategory @value{emacsname}
60 * TRAMP: (tramp). Transparent Remote Access, Multiple Protocol
61 @value{emacsname} remote file access via rsh and rcp.
65 @title @value{tramp} version @value{trampver} User Manual
66 @author by Daniel Pittman
67 @author based on documentation by Kai Gro@ss{}johann
75 @node Top, Overview, (dir), (dir)
76 @top @value{tramp} version @value{trampver} User Manual
78 This file documents @value{tramp} version @value{trampver}, a remote file
79 editing package for @value{emacsname}.
81 @value{tramp} stands for `Transparent Remote (file) Access, Multiple
82 Protocol'. This package provides remote file editing, similar to
83 @value{ftppackagename}.
85 The difference is that @value{ftppackagename} uses FTP to transfer
86 files between the local and the remote host, whereas @value{tramp} uses a
87 combination of @command{rsh} and @command{rcp} or other work-alike
88 programs, such as @command{ssh}/@command{scp}.
90 You can find the latest version of this document on the web at
91 @uref{http://www.gnu.org/software/tramp/}.
93 @c Pointer to the other Emacs flavor is necessary only in case of
94 @c standalone installation.
96 The manual has been generated for @value{emacsname}.
98 If you want to read the info pages for @value{emacsothername}, you
99 should read in @ref{Installation} how to create them.
102 If you're using the other Emacs flavor, you should read the
103 @uref{@value{emacsotherfilename}, @value{emacsothername}} pages.
108 The latest release of @value{tramp} is available for
109 @uref{ftp://ftp.gnu.org/gnu/tramp/, download}, or you may see
110 @ref{Obtaining Tramp} for more details, including the CVS server
113 @value{tramp} also has a @uref{http://savannah.gnu.org/projects/tramp/,
114 Savannah Project Page}.
117 There is a mailing list for @value{tramp}, available at
118 @email{tramp-devel@@gnu.org}, and archived at
119 @uref{http://lists.gnu.org/archive/html/tramp-devel/, the
120 @value{tramp} Mail Archive}.
122 Older archives are located at
123 @uref{http://sourceforge.net/mailarchive/forum.php?forum=tramp-devel,
124 SourceForge Mail Archive} and
125 @uref{http://www.mail-archive.com/emacs-rcp@@ls6.cs.uni-dortmund.de/,
127 @c in HTML output, there's no new paragraph.
136 * Overview:: What @value{tramp} can and cannot do.
140 * Obtaining Tramp:: How to obtain @value{tramp}.
141 * History:: History of @value{tramp}.
142 @ifset installchapter
143 * Installation:: Installing @value{tramp} with your @value{emacsname}.
145 * Configuration:: Configuring @value{tramp} for use.
146 * Usage:: An overview of the operation of @value{tramp}.
147 * Bug Reports:: Reporting Bugs and Problems.
148 * Frequently Asked Questions:: Questions and answers from the mailing list.
149 * Function Index:: @value{tramp} functions.
150 * Variable Index:: User options and variables.
151 * Concept Index:: An item for each concept.
155 * Files directories and localnames:: How file names, directories and localnames are mangled and managed.
156 * Traces and Profiles:: How to Customize Traces.
157 * Issues:: Debatable Issues and What Was Decided.
159 * GNU Free Documentation License:: The license for this documentation.
162 --- The Detailed Node Listing ---
164 @ifset installchapter
165 Installing @value{tramp} with your @value{emacsname}
167 * Installation parameters:: Parameters in order to control installation.
168 * Load paths:: How to plug-in @value{tramp} into your environment.
172 Configuring @value{tramp} for use
174 * Connection types:: Types of connections made to remote machines.
175 * Inline methods:: Inline methods.
176 * External methods:: External methods.
178 * GVFS based methods:: GVFS based external methods.
181 * Gateway methods:: Gateway methods.
183 * Default Method:: Selecting a default method.
184 * Default User:: Selecting a default user.
185 * Default Host:: Selecting a default host.
186 * Multi-hops:: Connecting to a remote host using multiple hops.
187 * Customizing Methods:: Using Non-Standard Methods.
188 * Customizing Completion:: Selecting config files for user/host name completion.
189 * Password handling:: Reusing passwords for several connections.
190 * Connection caching:: Reusing connection related information.
191 * Remote Programs:: How @value{tramp} finds and uses programs on the remote machine.
192 * Remote shell setup:: Remote shell setup hints.
193 * Windows setup hints:: Issues with Cygwin ssh.
194 * Auto-save and Backup:: Auto-save and Backup.
198 * Filename Syntax:: @value{tramp} filename conventions.
199 * Alternative Syntax:: URL-like filename syntax.
200 * Filename completion:: Filename completion.
201 * Remote processes:: Integration with other @value{emacsname} packages.
202 * Cleanup remote connections:: Cleanup remote connections.
204 How file names, directories and localnames are mangled and managed
206 * Localname deconstruction:: Breaking a localname into its components.
208 * External packages:: Integration with external Lisp packages.
215 @chapter An overview of @value{tramp}
218 After the installation of @value{tramp} into your @value{emacsname}, you
219 will be able to access files on remote machines as though they were
220 local. Access to the remote file system for editing files, version
221 control, and @code{dired} are transparently enabled.
223 Your access to the remote machine can be with the @command{rsh},
224 @command{rlogin}, @command{telnet} programs or with any similar
225 connection method. This connection must pass @acronym{ASCII}
226 successfully to be usable but need not be 8-bit clean.
228 The package provides support for @command{ssh} connections out of the
229 box, one of the more common uses of the package. This allows
230 relatively secure access to machines, especially if @command{ftp}
233 Under Windows, @value{tramp} is integrated with the PuTTY package,
234 using the @command{plink} program.
236 The majority of activity carried out by @value{tramp} requires only that
237 the remote login is possible and is carried out at the terminal. In
238 order to access remote files @value{tramp} needs to transfer their content
239 to the local machine temporarily.
241 @value{tramp} can transfer files between the machines in a variety of ways.
242 The details are easy to select, depending on your needs and the
243 machines in question.
245 The fastest transfer methods for large files rely on a remote file
246 transfer package such as @command{rcp}, @command{scp}, @command{rsync}
247 or (under Windows) @command{pscp}.
249 If the remote copy methods are not suitable for you, @value{tramp} also
250 supports the use of encoded transfers directly through the shell.
251 This requires that the @command{mimencode} or @command{uuencode} tools
252 are available on the remote machine. These methods are generally
253 faster for small files.
255 @value{tramp} is still under active development and any problems you encounter,
256 trivial or major, should be reported to the @value{tramp} developers.
260 @subsubheading Behind the scenes
261 @cindex behind the scenes
262 @cindex details of operation
265 This section tries to explain what goes on behind the scenes when you
266 access a remote file through @value{tramp}.
268 Suppose you type @kbd{C-x C-f} and enter part of an @value{tramp} file name,
269 then hit @kbd{@key{TAB}} for completion. Suppose further that this is
270 the first time that @value{tramp} is invoked for the host in question. Here's
275 @value{tramp} discovers that it needs a connection to the host. So it
276 invokes @samp{telnet @var{host}} or @samp{rsh @var{host} -l
277 @var{user}} or a similar tool to connect to the remote host.
278 Communication with this process happens through an
279 @value{emacsname} buffer, that is, the output from the remote end
283 The remote host may prompt for a login name (for @command{telnet}).
284 The login name is given in the file name, so @value{tramp} sends the
285 login name and a newline.
288 The remote host may prompt for a password or pass phrase (for
289 @command{rsh} or for @command{telnet} after sending the login name).
290 @value{tramp} displays the prompt in the minibuffer, asking you for the
291 password or pass phrase.
293 You enter the password or pass phrase. @value{tramp} sends it to the remote
294 host, followed by a newline.
297 @value{tramp} now waits for the shell prompt or for a message that the login
300 If @value{tramp} sees neither of them after a certain period of time
301 (a minute, say), then it issues an error message saying that it
302 couldn't find the remote shell prompt and shows you what the remote
305 If @value{tramp} sees a @samp{login failed} message, it tells you so,
306 aborts the login attempt and allows you to try again.
309 Suppose that the login was successful and @value{tramp} sees the shell prompt
310 from the remote host. Now @value{tramp} invokes @command{/bin/sh} because
311 Bourne shells and C shells have different command
312 syntaxes.@footnote{Invoking @command{/bin/sh} will fail if your login
313 shell doesn't recognize @samp{exec /bin/sh} as a valid command.
314 Maybe you use the Scheme shell @command{scsh}@dots{}}
316 After the Bourne shell has come up, @value{tramp} sends a few commands to
317 ensure a good working environment. It turns off echoing, it sets the
318 shell prompt, and a few other things.
321 Now the remote shell is up and it good working order. Remember, what
322 was supposed to happen is that @value{tramp} tries to find out what files exist
323 on the remote host so that it can do filename completion.
325 So, @value{tramp} basically issues @command{cd} and @command{ls} commands and
326 also sometimes @command{echo} with globbing. Another command that is
327 often used is @command{test} to find out whether a file is writable or a
328 directory or the like. The output of each command is parsed for the
332 Suppose you are finished with filename completion, have entered @kbd{C-x
333 C-f}, a full file name and hit @kbd{@key{RET}}. Now comes the time to
334 transfer the file contents from the remote host to the local host so
335 that you can edit them.
337 See above for an explanation of how @value{tramp} transfers the file contents.
339 For inline transfers, @value{tramp} issues a command like @samp{mimencode -b
340 /path/to/remote/file}, waits until the output has accumulated in the
341 buffer that's used for communication, then decodes that output to
342 produce the file contents.
344 For external transfers, @value{tramp} issues a command like the
347 rcp user@@host:/path/to/remote/file /tmp/tramp.4711
349 It then reads the local temporary file @file{/tmp/tramp.4711} into a
350 buffer and deletes the temporary file.
353 You now edit the buffer contents, blithely unaware of what has happened
354 behind the scenes. (Unless you have read this section, that is.) When
355 you are finished, you type @kbd{C-x C-s} to save the buffer.
358 Again, @value{tramp} transfers the file contents to the remote host
359 either inline or external. This is the reverse of what happens when
363 I hope this has provided you with a basic overview of what happens
364 behind the scenes when you open a file with @value{tramp}.
368 @node Obtaining Tramp
369 @chapter Obtaining Tramp.
370 @cindex obtaining Tramp
372 @value{tramp} is freely available on the Internet and the latest
373 release may be downloaded from
374 @uref{ftp://ftp.gnu.org/gnu/tramp/}. This release includes the full
375 documentation and code for @value{tramp}, suitable for installation.
376 But GNU Emacs (22 or later) includes @value{tramp} already, and there
377 is a @value{tramp} package for XEmacs, as well. So maybe it is easier
378 to just use those. But if you want the bleeding edge, read
381 For the especially brave, @value{tramp} is available from CVS. The CVS
382 version is the latest version of the code and may contain incomplete
383 features or new issues. Use these versions at your own risk.
385 Instructions for obtaining the latest development version of @value{tramp}
386 from CVS can be found by going to the Savannah project page at the
387 following URL and then clicking on the CVS link in the navigation bar
391 @uref{http://savannah.gnu.org/projects/tramp/}
394 Or follow the example session below:
397 ] @strong{cd ~/@value{emacsdir}}
398 ] @strong{export CVS_RSH="ssh"}
399 ] @strong{cvs -z3 -d:pserver:anonymous@@cvs.savannah.gnu.org:/sources/tramp co tramp}
403 You should now have a directory @file{~/@value{emacsdir}/tramp}
404 containing the latest version of @value{tramp}. You can fetch the latest
405 updates from the repository by issuing the command:
408 ] @strong{cd ~/@value{emacsdir}/tramp}
409 ] @strong{export CVS_RSH="ssh"}
410 ] @strong{cvs update -d}
414 Once you've got updated files from the CVS repository, you need to run
415 @command{autoconf} in order to get an up-to-date @file{configure}
419 ] @strong{cd ~/@value{emacsdir}/tramp}
425 @chapter History of @value{tramp}
427 @cindex development history
429 Development was started end of November 1998. The package was called
430 @file{rssh.el}, back then. It only provided one method to access a
431 file, using @command{ssh} to log in to a remote host and using
432 @command{scp} to transfer the file contents. After a while, the name
433 was changed to @file{rcp.el}, and now it's @value{tramp}. Along the way,
434 many more methods for getting a remote shell and for transferring the
435 file contents were added. Support for VC was added.
437 After that, there were added the multi-hop methods in April 2000 and
438 the unification of @value{tramp} and Ange-FTP filenames in July 2002.
439 In July 2004, multi-hop methods have been replaced by proxy hosts.
440 Running commands on remote hosts was introduced in December 2005.
442 Support of gateways exists since April 2007.
445 GVFS integration started in February 2009.
448 Storing files into IMAP mailboxes has been added in September 2009.
451 In December 2001, @value{tramp} has been added to the XEmacs package
452 repository. Being part of the GNU Emacs repository happened in June
453 2002, the first release including @value{tramp} was GNU Emacs 22.1.
455 @value{tramp} is also a GNU/Linux Debian package since February 2001.
458 @c Installation chapter is necessary only in case of standalone
459 @c installation. Text taken from trampinst.texi.
460 @ifset installchapter
461 @include trampinst.texi
465 @chapter Configuring @value{tramp} for use
466 @cindex configuration
468 @cindex default configuration
469 @value{tramp} is (normally) fully functional when it is initially
470 installed. It is initially configured to use the @command{scp}
471 program to connect to the remote host. So in the easiest case, you
472 just type @kbd{C-x C-f} and then enter the filename
473 @file{@trampfn{, user, machine, /path/to.file}}.
475 On some hosts, there are problems with opening a connection. These are
476 related to the behavior of the remote shell. See @xref{Remote shell
477 setup}, for details on this.
479 If you do not wish to use these commands to connect to the remote
480 host, you should change the default connection and transfer method
481 that @value{tramp} uses. There are several different methods that @value{tramp}
482 can use to connect to remote machines and transfer files
483 (@pxref{Connection types}).
485 If you don't know which method is right for you, see @xref{Default
490 * Connection types:: Types of connections made to remote machines.
491 * Inline methods:: Inline methods.
492 * External methods:: External methods.
494 * GVFS based methods:: GVFS based external methods.
497 * Gateway methods:: Gateway methods.
499 * Default Method:: Selecting a default method.
500 Here we also try to help those who
501 don't have the foggiest which method
503 * Default User:: Selecting a default user.
504 * Default Host:: Selecting a default host.
505 * Multi-hops:: Connecting to a remote host using multiple hops.
506 * Customizing Methods:: Using Non-Standard Methods.
507 * Customizing Completion:: Selecting config files for user/host name completion.
508 * Password handling:: Reusing passwords for several connections.
509 * Connection caching:: Reusing connection related information.
510 * Remote Programs:: How @value{tramp} finds and uses programs on the remote machine.
511 * Remote shell setup:: Remote shell setup hints.
512 * Windows setup hints:: Issues with Cygwin ssh.
513 * Auto-save and Backup:: Auto-save and Backup.
517 @node Connection types
518 @section Types of connections made to remote machines.
519 @cindex connection types, overview
521 There are two basic types of transfer methods, each with its own
522 advantages and limitations. Both types of connection make use of a
523 remote shell access program such as @command{rsh}, @command{ssh} or
524 @command{telnet} to connect to the remote machine.
526 This connection is used to perform many of the operations that @value{tramp}
527 requires to make the remote file system transparently accessible from
528 the local machine. It is only when visiting files that the methods
531 @cindex inline methods
532 @cindex external methods
533 @cindex methods, inline
534 @cindex methods, external
535 Loading or saving a remote file requires that the content of the file
536 be transfered between the two machines. The content of the file can
537 be transfered using one of two methods: the @dfn{inline method} over
538 the same connection used to log in to the remote machine, or the
539 @dfn{external method} through another connection using a remote copy
540 program such as @command{rcp}, @command{scp} or @command{rsync}.
542 The performance of the external methods is generally better than that
543 of the inline methods, at least for large files. This is caused by
544 the need to encode and decode the data when transferring inline.
546 The one exception to this rule are the @command{scp} based transfer
547 methods. While these methods do see better performance when actually
548 transferring files, the overhead of the cryptographic negotiation at
549 startup may drown out the improvement in file transfer times.
551 External methods should be configured such a way that they don't
552 require a password (with @command{ssh-agent}, or such alike). Modern
553 @command{scp} implementations offer options to reuse existing
554 @command{ssh} connections, see method @command{scpc}. If it isn't
555 possible, you should consider @ref{Password handling}, otherwise you
556 will be prompted for a password every copy action.
560 @section Inline methods
561 @cindex inline methods
562 @cindex methods, inline
564 The inline methods in @value{tramp} are quite powerful and can work in
565 situations where you cannot use an external transfer program to connect.
566 Inline methods are the only methods that work when connecting to the
567 remote machine via telnet. (There are also strange inline methods which
568 allow you to transfer files between @emph{user identities} rather than
571 These methods depend on the existence of a suitable encoding and
572 decoding command on remote machine. Locally, @value{tramp} may be able to
573 use features of @value{emacsname} to decode and encode the files or
574 it may require access to external commands to perform that task.
578 @cindex base-64 encoding
579 @value{tramp} checks the availability and usability of commands like
580 @command{mimencode} (part of the @command{metamail} package) or
581 @command{uuencode} on the remote host. The first reliable command
582 will be used. The search path can be customized, see @ref{Remote
585 If both commands aren't available on the remote host, @value{tramp}
586 transfers a small piece of Perl code to the remote host, and tries to
587 apply it for encoding and decoding.
589 The variable @var{tramp-inline-compress-start-size} controls, whether
590 a file shall be compressed before encoding. This could increase
591 transfer speed for large text files.
599 Connect to the remote host with @command{rsh}. Due to the unsecure
600 connection it is recommended for very local host topology only.
602 On operating systems which provide the command @command{remsh} instead
603 of @command{rsh}, you can use the method @option{remsh}. This is true
604 for HP-UX or Cray UNICOS, for example.
611 Connect to the remote host with @command{ssh}. This is identical to
612 the previous option except that the @command{ssh} package is used,
613 making the connection more secure.
615 There are also two variants, @option{ssh1} and @option{ssh2}, that
616 call @samp{ssh -1} and @samp{ssh -2}, respectively. This way, you can
617 explicitly select whether you want to use the SSH protocol version 1
618 or 2 to connect to the remote host. (You can also specify in
619 @file{~/.ssh/config}, the SSH configuration file, which protocol
620 should be used, and use the regular @option{ssh} method.)
622 All the methods based on @command{ssh} have an additional feature: you
623 can specify a host name which looks like @file{host#42} (the real host
624 name, then a hash sign, then a port number). This means to connect to
625 the given host but to also pass @code{-p 42} as arguments to the
626 @command{ssh} command.
629 @item @option{telnet}
630 @cindex method telnet
631 @cindex telnet method
633 Connect to the remote host with @command{telnet}. This is as unsecure
634 as the @option{rsh} method.
641 This method does not connect to a remote host at all, rather it uses
642 the @command{su} program to allow you to edit files as another user.
643 That means, the specified host name in the file name must be either
644 @samp{localhost} or the host name as returned by the function
645 @command{(system-name)}. For an exception of this rule see
653 This is similar to the @option{su} method, but it uses @command{sudo}
654 rather than @command{su} to become a different user.
656 Note that @command{sudo} must be configured to allow you to start a
657 shell as the user. It would be nice if it was sufficient if
658 @command{ls} and @command{mimencode} were allowed, but that is not
659 easy to implement, so I haven't got around to it, yet.
666 As you would expect, this is similar to @option{ssh}, only a little
667 different. Whereas @option{ssh} opens a normal interactive shell on
668 the remote host, this option uses @samp{ssh -t -t @var{host} -l
669 @var{user} /bin/sh} to open a connection. This is useful for users
670 where the normal login shell is set up to ask them a number of
671 questions when logging in. This procedure avoids these questions, and
672 just gives @value{tramp} a more-or-less `standard' login shell to work
675 Note that this procedure does not eliminate questions asked by
676 @command{ssh} itself. For example, @command{ssh} might ask ``Are you
677 sure you want to continue connecting?'' if the host key of the remote
678 host is not known. @value{tramp} does not know how to deal with such a
679 question (yet), therefore you will need to make sure that you can log
680 in without such questions.
682 This is also useful for Windows users where @command{ssh}, when
683 invoked from an @value{emacsname} buffer, tells them that it is not
684 allocating a pseudo tty. When this happens, the login shell is wont
685 to not print any shell prompt, which confuses @value{tramp} mightily.
687 This supports the @samp{-p} argument.
690 @item @option{krlogin}
691 @cindex method krlogin
692 @cindex krlogin method
693 @cindex Kerberos (with krlogin method)
695 This method is also similar to @option{ssh}. It only uses the
696 @command{krlogin -x} command to log in to the remote host.
702 @cindex Kerberos (with ksu method)
704 This is another method from the Kerberos suite. It behaves like @option{su}.
711 This method is mostly interesting for Windows users using the PuTTY
712 implementation of SSH. It uses @samp{plink -ssh} to log in to the
715 This supports the @samp{-P} argument.
717 Additionally, the methods @option{plink1} and @option{plink2} are
718 provided, which call @samp{plink -1 -ssh} or @samp{plink -2 -ssh} in
719 order to use SSH protocol version 1 or 2 explicitly.
721 CCC: Do we have to connect to the remote host once from the command
722 line to accept the SSH key? Maybe this can be made automatic?
724 CCC: Say something about the first shell command failing. This might
725 be due to a wrong setting of @code{tramp-rsh-end-of-line}.
728 @item @option{plinkx}
729 @cindex method plinkx
730 @cindex plinkx method
732 Another method using PuTTY on Windows. Instead of host names, it
733 expects PuTTY session names, calling @samp{plink -load @var{session}
734 -t"}. User names are relevant only in case the corresponding session
735 hasn't defined a user name. Different port numbers must be defined in
741 @node External methods
742 @section External methods
743 @cindex methods, external
744 @cindex external methods
746 The external methods operate through multiple channels, using the
747 remote shell connection for many actions while delegating file
748 transfers to an external transfer utility.
750 This saves the overhead of encoding and decoding that multiplexing the
751 transfer through the one connection has with the inline methods.
753 Since external methods need their own overhead opening a new channel,
754 all files which are smaller than @var{tramp-copy-size-limit} are still
755 transferred with the corresponding inline method. It should provide a
756 fair trade-off between both approaches.
759 @item @option{rcp} --- @command{rsh} and @command{rcp}
762 @cindex rcp (with rcp method)
763 @cindex rsh (with rcp method)
765 This method uses the @command{rsh} and @command{rcp} commands to connect
766 to the remote machine and transfer files. This is probably the fastest
767 connection method available.
769 The alternative method @option{remcp} uses the @command{remsh} and
770 @command{rcp} commands. It should be applied on machines where
771 @command{remsh} is used instead of @command{rsh}.
774 @item @option{scp} --- @command{ssh} and @command{scp}
777 @cindex scp (with scp method)
778 @cindex ssh (with scp method)
780 Using @command{ssh} to connect to the remote host and @command{scp} to
781 transfer files between the machines is the best method for securely
782 connecting to a remote machine and accessing files.
784 The performance of this option is also quite good. It may be slower than
785 the inline methods when you often open and close small files however.
786 The cost of the cryptographic handshake at the start of an @command{scp}
787 session can begin to absorb the advantage that the lack of encoding and
790 There are also two variants, @option{scp1} and @option{scp2}, that
791 call @samp{ssh -1} and @samp{ssh -2}, respectively. This way, you can
792 explicitly select whether you want to use the SSH protocol version 1
793 or 2 to connect to the remote host. (You can also specify in
794 @file{~/.ssh/config}, the SSH configuration file, which protocol
795 should be used, and use the regular @option{scp} method.)
797 All the @command{ssh} based methods support the @samp{-p} feature
798 where you can specify a port number to connect to in the host name.
799 For example, the host name @file{host#42} tells @value{tramp} to
800 specify @samp{-p 42} in the argument list for @command{ssh}, and to
801 specify @samp{-P 42} in the argument list for @command{scp}.
804 @item @option{sftp} --- @command{ssh} and @command{sftp}
807 @cindex sftp (with sftp method)
808 @cindex ssh (with sftp method)
810 That is mostly the same method as @option{scp}, but using
811 @command{sftp} as transfer command. So the same remarks are valid.
813 This command does not work like @value{ftppackagename}, where
814 @command{ftp} is called interactively, and all commands are send from
815 within this session. Instead of, @command{ssh} is used for login.
817 This method supports the @samp{-p} argument.
820 @item @option{rsync} --- @command{ssh} and @command{rsync}
823 @cindex rsync (with rsync method)
824 @cindex ssh (with rsync method)
826 Using the @command{ssh} command to connect securely to the remote
827 machine and the @command{rsync} command to transfer files is almost
828 identical to the @option{scp} method.
830 While @command{rsync} performs much better than @command{scp} when
831 transferring files that exist on both hosts, this advantage is lost if
832 the file exists only on one side of the connection. A file can exists
833 on both the remote and local host, when you copy a file from/to a
834 remote host. When you just open a file from the remote host (or write
835 a file there), a temporary file on the local side is kept as long as
836 the corresponding buffer, visiting this file, is alive.
838 This method supports the @samp{-p} argument.
841 @item @option{scpx} --- @command{ssh} and @command{scp}
844 @cindex scp (with scpx method)
845 @cindex ssh (with scpx method)
847 As you would expect, this is similar to @option{scp}, only a little
848 different. Whereas @option{scp} opens a normal interactive shell on
849 the remote host, this option uses @samp{ssh -t -t @var{host} -l
850 @var{user} /bin/sh} to open a connection. This is useful for users
851 where the normal login shell is set up to ask them a number of
852 questions when logging in. This procedure avoids these questions, and
853 just gives @value{tramp} a more-or-less `standard' login shell to work
856 This is also useful for Windows users where @command{ssh}, when
857 invoked from an @value{emacsname} buffer, tells them that it is not
858 allocating a pseudo tty. When this happens, the login shell is wont
859 to not print any shell prompt, which confuses @value{tramp} mightily.
861 This method supports the @samp{-p} argument.
864 @item @option{scpc} --- @command{ssh} and @command{scp}
867 @cindex scp (with scpc method)
868 @cindex ssh (with scpc method)
870 Newer versions of @option{ssh} (for example OpenSSH 4) offer an option
871 @option{ControlMaster}. This allows @option{scp} to reuse an existing
872 @option{ssh} channel, which increases performance.
874 Before you use this method, you shall check whether your @option{ssh}
875 implementation does support this option. Try from the command line
878 ssh localhost -o ControlMaster=yes
881 This method supports the @samp{-p} argument.
884 @item @option{rsyncc} --- @command{ssh} and @command{rsync}
885 @cindex method rsyncc
886 @cindex rsyncc method
887 @cindex rsync (with rsyncc method)
888 @cindex ssh (with rsyncc method)
890 Like the @option{scpc} method, @option{rsyncc} improves the underlying
891 @command{ssh} connection by the option @option{ControlMaster}. This
892 allows @command{rsync} to reuse an existing @command{ssh} channel,
893 which increases performance.
895 This method supports the @samp{-p} argument.
898 @item @option{pscp} --- @command{plink} and @command{pscp}
901 @cindex pscp (with pscp method)
902 @cindex plink (with pscp method)
903 @cindex PuTTY (with pscp method)
905 This method is similar to @option{scp}, but it uses the
906 @command{plink} command to connect to the remote host, and it uses
907 @command{pscp} for transferring the files. These programs are part
908 of PuTTY, an SSH implementation for Windows.
910 This method supports the @samp{-P} argument.
913 @item @option{psftp} --- @command{plink} and @command{psftp}
916 @cindex psftp (with psftp method)
917 @cindex plink (with psftp method)
918 @cindex PuTTY (with psftp method)
920 As you would expect, this method is similar to @option{sftp}, but it
921 uses the @command{plink} command to connect to the remote host, and it
922 uses @command{psftp} for transferring the files. These programs are
923 part of PuTTY, an SSH implementation for Windows.
925 This method supports the @samp{-P} argument.
928 @item @option{fcp} --- @command{fsh} and @command{fcp}
931 @cindex fsh (with fcp method)
932 @cindex fcp (with fcp method)
934 This method is similar to @option{scp}, but it uses the @command{fsh}
935 command to connect to the remote host, and it uses @command{fcp} for
936 transferring the files. @command{fsh/fcp} are a front-end for
937 @command{ssh} which allow for reusing the same @command{ssh} session
938 for submitting several commands. This avoids the startup overhead of
939 @command{scp} (which has to establish a secure connection whenever it
940 is called). Note, however, that you can also use one of the inline
941 methods to achieve a similar effect.
943 This method uses the command @samp{fsh @var{host} -l @var{user}
944 /bin/sh -i} to establish the connection, it does not work to just say
945 @command{fsh @var{host} -l @var{user}}.
950 There is no inline method using @command{fsh} as the multiplexing
951 provided by the program is not very useful in our context. @value{tramp}
952 opens just one connection to the remote host and then keeps it open,
960 This is not a native @value{tramp} method. Instead of, it forwards all
961 requests to @value{ftppackagename}.
963 This works only for unified filenames, see @ref{Issues}.
967 @item @option{smb} --- @command{smbclient}
971 This is another not natural @value{tramp} method. It uses the
972 @command{smbclient} command on different Unices in order to connect to
973 an SMB server. An SMB server might be a Samba (or CIFS) server on
974 another UNIX host or, more interesting, a host running MS Windows. So
975 far, it is tested towards MS Windows NT, MS Windows 2000, and MS
978 The first directory in the localname must be a share name on the remote
979 host. Remember, that the @code{$} character in which default shares
980 usually end, must be written @code{$$} due to environment variable
981 substitution in file names. If no share name is given (i.e. remote
982 directory @code{/}), all available shares are listed.
984 Since authorization is done on share level, you will be prompted
985 always for a password if you access another share on the same host.
986 This can be suppressed by @ref{Password handling}.
988 MS Windows uses for authorization both a user name and a domain name.
989 Because of this, the @value{tramp} syntax has been extended: you can
990 specify a user name which looks like @code{user%domain} (the real user
991 name, then a percent sign, then the domain name). So, to connect to
992 the machine @code{melancholia} as user @code{daniel} of the domain
993 @code{BIZARRE}, and edit @file{.emacs} in the home directory (share
994 @code{daniel$}) I would specify the filename @file{@trampfn{smb,
995 daniel%BIZARRE, melancholia, /daniel$$/.emacs}}.
997 Depending on the Windows domain configuration, a Windows user might be
998 considered as domain user per default. In order to connect as local
999 user, the WINS name of that machine must be given as domain name.
1000 Usually, it is the machine name in capital letters. In the example
1001 above, the local user @code{daniel} would be specified as
1002 @file{@trampfn{smb, daniel%MELANCHOLIA, melancholia, /daniel$$/.emacs}}.
1004 The domain name as well as the user name are optional. If no user
1005 name is specified at all, the anonymous user (without password
1006 prompting) is assumed. This is different from all other @value{tramp}
1007 methods, where in such a case the local user name is taken.
1009 The @option{smb} method supports the @samp{-p} argument.
1011 @strong{Please note:} If @value{emacsname} runs locally under MS
1012 Windows, this method isn't available. Instead of, you can use UNC
1013 file names like @file{//melancholia/daniel$$/.emacs}. The only
1014 disadvantage is that there's no possibility to specify another user
1021 @cindex method imaps
1023 @cindex imaps method
1025 Accessing an IMAP mailbox is intended to save files there as encrypted
1026 message. It could be used in case there are no other remote file
1029 @value{tramp} supports both @option{imap} and @option{imaps} methods.
1030 The latter one accesses the IMAP server over ssl.
1032 Both methods support the port number specification.
1034 Note, that special handling is needed for declaring a passphrase for
1035 encryption / decryption of the messages (@pxref{Using an
1036 authentication file}).
1043 @node GVFS based methods
1044 @section GVFS based external methods
1045 @cindex methods, gvfs
1046 @cindex gvfs based methods
1049 The connection methods described in this section are based on GVFS
1050 @uref{http://en.wikipedia.org/wiki/GVFS}. Via GVFS, the remote
1051 filesystem is mounted locally through FUSE. @value{tramp} uses
1052 internally this local mounted directory.
1054 The communication with GVFS is implemented via D-Bus messages.
1055 Therefore, your @value{emacsname} must have D-Bus integration,
1056 @pxref{Top, , D-Bus, dbus}.
1065 This method provides access to WebDAV files and directories. There
1066 exists also the external method @option{davs}, which uses SSL
1067 encryption for the access.
1069 Both methods support the port number specification as discussed above.
1076 OBEX is an FTP-like access protocol for simple devices, like cell
1077 phones. Until now @value{tramp} supports only OBEX over Bluetooth.
1080 @item @option{synce}
1081 @cindex method synce
1082 @cindex synce method
1084 The @option{synce} method allows communication with Windows Mobile
1085 devices. Beside GVFS for mounting remote files and directories via
1086 FUSE, it needs also the SYNCE-GVFS plugin.
1089 @defopt tramp-gvfs-methods
1090 This customer option, a list, defines the external methods, which
1091 shall be used with GVFS. Per default, these are @option{dav},
1092 @option{davs}, @option{obex} and @option{synce}. Other possible
1093 values are @option{ftp}, @option{sftp} and @option{smb}.
1099 @node Gateway methods
1100 @section Gateway methods
1101 @cindex methods, gateway
1102 @cindex gateway methods
1104 Gateway methods are not methods to access a remote host directly.
1105 These methods are intended to pass firewalls or proxy servers.
1106 Therefore, they can be used for proxy host declarations
1107 (@pxref{Multi-hops}) only.
1109 A gateway method must come always along with a method who supports
1110 port setting. This is because @value{tramp} targets the accompanied
1111 method to @file{localhost#random_port}, from where the firewall or
1112 proxy server is accessed to.
1114 Gateway methods support user name and password declarations. These
1115 are used to authenticate towards the corresponding firewall or proxy
1116 server. They can be passed only if your friendly administrator has
1117 granted your access.
1120 @item @option{tunnel}
1121 @cindex method tunnel
1122 @cindex tunnel method
1124 This method implements an HTTP tunnel via the @command{CONNECT}
1125 command (see RFC 2616, 2817). Any HTTP 1.1 compliant (proxy) server
1126 shall support this command.
1128 As authentication method, only @option{Basic Authentication} (see RFC
1129 2617) is implemented so far. If no port number is given in the
1130 declaration, port @option{8080} is used for the proxy server.
1133 @item @option{socks}
1134 @cindex method socks
1135 @cindex socks method
1137 The @command{socks} method provides access to SOCKSv5 servers (see
1138 RFC 1928). @option{Username/Password Authentication} according to RFC
1141 The default port number of the socks server is @option{1080}, if not
1142 specified otherwise.
1148 @node Default Method
1149 @section Selecting a default method
1150 @cindex default method
1152 @vindex tramp-default-method
1153 When you select an appropriate transfer method for your typical usage
1154 you should set the variable @code{tramp-default-method} to reflect that
1155 choice. This variable controls which method will be used when a method
1156 is not specified in the @value{tramp} file name. For example:
1159 (setq tramp-default-method "ssh")
1162 @vindex tramp-default-method-alist
1163 You can also specify different methods for certain user/host
1164 combinations, via the variable @code{tramp-default-method-alist}. For
1165 example, the following two lines specify to use the @option{ssh}
1166 method for all user names matching @samp{john} and the @option{rsync}
1167 method for all host names matching @samp{lily}. The third line
1168 specifies to use the @option{su} method for the user @samp{root} on
1169 the machine @samp{localhost}.
1172 (add-to-list 'tramp-default-method-alist '("" "john" "ssh"))
1173 (add-to-list 'tramp-default-method-alist '("lily" "" "rsync"))
1174 (add-to-list 'tramp-default-method-alist
1175 '("\\`localhost\\'" "\\`root\\'" "su"))
1179 See the documentation for the variable
1180 @code{tramp-default-method-alist} for more details.
1182 External methods are normally preferable to inline methods, giving
1185 @xref{Inline methods}.
1186 @xref{External methods}.
1188 Another consideration with the selection of transfer methods is the
1189 environment you will use them in and, especially when used over the
1190 Internet, the security implications of your preferred method.
1192 The @option{rsh} and @option{telnet} methods send your password as
1193 plain text as you log in to the remote machine, as well as
1194 transferring the files in such a way that the content can easily be
1195 read from other machines.
1197 If you need to connect to remote systems that are accessible from the
1198 Internet, you should give serious thought to using @option{ssh} based
1199 methods to connect. These provide a much higher level of security,
1200 making it a non-trivial exercise for someone to obtain your password
1201 or read the content of the files you are editing.
1204 @subsection Which method is the right one for me?
1205 @cindex choosing the right method
1207 Given all of the above, you are probably thinking that this is all fine
1208 and good, but it's not helping you to choose a method! Right you are.
1209 As a developer, we don't want to boss our users around but give them
1210 maximum freedom instead. However, the reality is that some users would
1211 like to have some guidance, so here I'll try to give you this guidance
1212 without bossing you around. You tell me whether it works @dots{}
1214 My suggestion is to use an inline method. For large files, external
1215 methods might be more efficient, but I guess that most people will
1216 want to edit mostly small files. And if you access large text files,
1217 compression (driven by @var{tramp-inline-compress-start-size}) shall
1218 still result in good performance.
1220 I guess that these days, most people can access a remote machine by
1221 using @command{ssh}. So I suggest that you use the @option{ssh}
1222 method. So, type @kbd{C-x C-f @trampfn{ssh, root, otherhost,
1223 /etc/motd} @key{RET}} to edit the @file{/etc/motd} file on the other
1226 If you can't use @option{ssh} to log in to the remote host, then
1227 select a method that uses a program that works. For instance, Windows
1228 users might like the @option{plink} method which uses the PuTTY
1229 implementation of @command{ssh}. Or you use Kerberos and thus like
1232 For the special case of editing files on the local host as another
1233 user, see the @option{su} or @option{sudo} methods. They offer
1234 shortened syntax for the @samp{root} account, like
1235 @file{@trampfn{su, , , /etc/motd}}.
1237 People who edit large files may want to consider @option{scpc} instead
1238 of @option{ssh}, or @option{pscp} instead of @option{plink}. These
1239 external methods are faster than inline methods for large files.
1240 Note, however, that external methods suffer from some limitations.
1241 Please try first whether you really get a noticeable speed advantage
1242 from using an external method! Maybe even for large files, inline
1243 methods are fast enough.
1247 @section Selecting a default user
1248 @cindex default user
1250 The user part of a @value{tramp} file name can be omitted. Usually,
1251 it is replaced by the user name you are logged in. Often, this is not
1252 what you want. A typical use of @value{tramp} might be to edit some
1253 files with root permissions on the local host. This case, you should
1254 set the variable @code{tramp-default-user} to reflect that choice.
1258 (setq tramp-default-user "root")
1261 @code{tramp-default-user} is regarded as obsolete, and will be removed
1264 @vindex tramp-default-user-alist
1265 You can also specify different users for certain method/host
1266 combinations, via the variable @code{tramp-default-user-alist}. For
1267 example, if you always have to use the user @samp{john} in the domain
1268 @samp{somewhere.else}, you can specify the following:
1271 (add-to-list 'tramp-default-user-alist
1272 '("ssh" ".*\\.somewhere\\.else\\'" "john"))
1276 See the documentation for the variable
1277 @code{tramp-default-user-alist} for more details.
1279 One trap to fall in must be known. If @value{tramp} finds a default
1280 user, this user will be passed always to the connection command as
1281 parameter (for example @samp{ssh here.somewhere.else -l john}. If you
1282 have specified another user for your command in its configuration
1283 files, @value{tramp} cannot know it, and the remote access will fail.
1284 If you have specified in the given example in @file{~/.ssh/config} the
1288 Host here.somewhere.else
1293 than you must discard selecting a default user by @value{tramp}. This
1294 will be done by setting it to @code{nil} (or @samp{lily}, likewise):
1297 (add-to-list 'tramp-default-user-alist
1298 '("ssh" "\\`here\\.somewhere\\.else\\'" nil))
1301 The last entry in @code{tramp-default-user-alist} could be your
1302 default user you'll apply predominantly. You shall @emph{append} it
1303 to that list at the end:
1306 (add-to-list 'tramp-default-user-alist '(nil nil "jonas") t)
1311 @section Selecting a default host
1312 @cindex default host
1314 @vindex tramp-default-host
1315 Finally, it is even possible to omit the host name part of a
1316 @value{tramp} file name. This case, the value of the variable
1317 @code{tramp-default-host} is used. Per default, it is initialized
1318 with the host name your local @value{emacsname} is running.
1320 If you, for example, use @value{tramp} mainly to contact the host
1321 @samp{target} as user @samp{john}, you can specify:
1324 (setq tramp-default-user "john"
1325 tramp-default-host "target")
1328 Then the simple file name @samp{@trampfn{ssh, , ,}} will connect you
1329 to John's home directory on target.
1331 Note, however, that the most simplification @samp{/::} won't work,
1332 because @samp{/:} is the prefix for quoted file names.
1337 @section Connecting to a remote host using multiple hops
1341 Sometimes, the methods described before are not sufficient. Sometimes,
1342 it is not possible to connect to a remote host using a simple command.
1343 For example, if you are in a secured network, you might have to log in
1344 to a `bastion host' first before you can connect to the outside world.
1345 Of course, the target host may also require a bastion host.
1347 @vindex tramp-default-proxies-alist
1348 In order to specify such multiple hops, it is possible to define a proxy
1349 host to pass through, via the variable
1350 @code{tramp-default-proxies-alist}. This variable keeps a list of
1351 triples (@var{host} @var{user} @var{proxy}).
1353 The first matching item specifies the proxy host to be passed for a
1354 file name located on a remote target matching @var{user}@@@var{host}.
1355 @var{host} and @var{user} are regular expressions or @code{nil}, which
1356 is interpreted as a regular expression which always matches.
1358 @var{proxy} must be a Tramp filename which localname part is ignored.
1359 Method and user name on @var{proxy} are optional, which is interpreted
1360 with the default values.
1362 The method must be an inline or gateway method (@pxref{Inline
1363 methods}, @pxref{Gateway methods}).
1366 The method must be an inline method (@pxref{Inline methods}).
1368 If @var{proxy} is @code{nil}, no additional hop is required reaching
1369 @var{user}@@@var{host}.
1371 If you, for example, must pass the host @samp{bastion.your.domain} as
1372 user @samp{bird} for any remote host which is not located in your local
1376 (add-to-list 'tramp-default-proxies-alist
1377 '("\\." nil "@trampfn{ssh, bird, bastion.your.domain,}"))
1378 (add-to-list 'tramp-default-proxies-alist
1379 '("\\.your\\.domain\\'" nil nil))
1382 Please note the order of the code. @code{add-to-list} adds elements at the
1383 beginning of a list. Therefore, most relevant rules must be added last.
1385 Proxy hosts can be cascaded. If there is another host called
1386 @samp{jump.your.domain}, which is the only one in your local domain who
1387 is allowed connecting @samp{bastion.your.domain}, you can add another
1391 (add-to-list 'tramp-default-proxies-alist
1392 '("\\`bastion\\.your\\.domain\\'"
1394 "@trampfn{ssh, , jump.your.domain,}"))
1397 @var{proxy} can contain the patterns @code{%h} or @code{%u}. These
1398 patterns are replaced by the strings matching @var{host} or
1399 @var{user}, respectively.
1401 If you, for example, wants to work as @samp{root} on hosts in the
1402 domain @samp{your.domain}, but login as @samp{root} is disabled for
1403 non-local access, you might add the following rule:
1406 (add-to-list 'tramp-default-proxies-alist
1407 '("\\.your\\.domain\\'" "\\`root\\'" "@trampfn{ssh, , %h,}"))
1410 Opening @file{@trampfn{sudo, , randomhost.your.domain,}} would connect
1411 first @samp{randomhost.your.domain} via @code{ssh} under your account
1412 name, and perform @code{sudo -u root} on that host afterwards. It is
1413 important to know that the given method is applied on the host which
1414 has been reached so far. @code{sudo -u root}, applied on your local
1415 host, wouldn't be useful here.
1417 @var{host}, @var{user} and @var{proxy} can also be Lisp forms. These
1418 forms are evaluated, and must return a string, or @code{nil}. The
1419 previous example could be generalized then: For all hosts except my
1420 local one connect via @code{ssh} first, and apply @code{sudo -u root}
1424 (add-to-list 'tramp-default-proxies-alist
1425 '(nil "\\`root\\'" "@trampfn{ssh, , %h,}"))
1426 (add-to-list 'tramp-default-proxies-alist
1427 '((regexp-quote (system-name)) nil nil))
1430 This is the recommended configuration to work as @samp{root} on remote
1434 Finally, @code{tramp-default-proxies-alist} can be used to pass
1435 firewalls or proxy servers. Imagine your local network has a host
1436 @samp{proxy.your.domain} which is used on port 3128 as HTTP proxy to
1437 the outer world. Your friendly administrator has granted you access
1438 under your user name to @samp{host.other.domain} on that proxy
1439 server.@footnote{HTTP tunnels are intended for secure SSL/TLS
1440 communication. Therefore, many proxy server restrict the tunnels to
1441 related target ports. You might need to run your ssh server on your
1442 target host @samp{host.other.domain} on such a port, like 443 (https).
1443 See @uref{http://savannah.gnu.org/maintenance/CvsFromBehindFirewall}
1444 for discussion of ethical issues.} You would need to add the
1448 (add-to-list 'tramp-default-proxies-alist
1449 '("\\`host\\.other\\.domain\\'" nil
1450 "@trampfn{tunnel, , proxy.your.domain#3128,}"))
1453 Gateway methods can be declared as first hop only in a multiple hop
1458 @node Customizing Methods
1459 @section Using Non-Standard Methods
1460 @cindex customizing methods
1461 @cindex using non-standard methods
1462 @cindex create your own methods
1464 There is a variable @code{tramp-methods} which you can change if the
1465 predefined methods don't seem right.
1467 For the time being, I'll refer you to the Lisp documentation of that
1468 variable, accessible with @kbd{C-h v tramp-methods @key{RET}}.
1471 @node Customizing Completion
1472 @section Selecting config files for user/host name completion
1473 @cindex customizing completion
1474 @cindex selecting config files
1475 @vindex tramp-completion-function-alist
1477 The variable @code{tramp-completion-function-alist} is intended to
1478 customize which files are taken into account for user and host name
1479 completion (@pxref{Filename completion}). For every method, it keeps
1480 a set of configuration files, accompanied by a Lisp function able to
1481 parse that file. Entries in @code{tramp-completion-function-alist}
1482 have the form (@var{method} @var{pair1} @var{pair2} ...).
1484 Each @var{pair} is composed of (@var{function} @var{file}).
1485 @var{function} is responsible to extract user names and host names
1486 from @var{file} for completion. There are two functions which access
1489 @defun tramp-get-completion-function method
1490 This function returns the list of completion functions for @var{method}.
1494 (tramp-get-completion-function "rsh")
1496 @result{} ((tramp-parse-rhosts "/etc/hosts.equiv")
1497 (tramp-parse-rhosts "~/.rhosts"))
1501 @defun tramp-set-completion-function method function-list
1502 This function sets @var{function-list} as list of completion functions
1507 (tramp-set-completion-function "ssh"
1508 '((tramp-parse-sconfig "/etc/ssh_config")
1509 (tramp-parse-sconfig "~/.ssh/config")))
1511 @result{} ((tramp-parse-sconfig "/etc/ssh_config")
1512 (tramp-parse-sconfig "~/.ssh/config"))
1516 The following predefined functions parsing configuration files exist:
1519 @item @code{tramp-parse-rhosts}
1520 @findex tramp-parse-rhosts
1522 This function parses files which are syntactical equivalent to
1523 @file{~/.rhosts}. It returns both host names and user names, if
1526 @item @code{tramp-parse-shosts}
1527 @findex tramp-parse-shosts
1529 This function parses files which are syntactical equivalent to
1530 @file{~/.ssh/known_hosts}. Since there are no user names specified
1531 in such files, it can return host names only.
1533 @item @code{tramp-parse-sconfig}
1534 @findex tramp-parse-shosts
1536 This function returns the host nicknames defined by @code{Host} entries
1537 in @file{~/.ssh/config} style files.
1539 @item @code{tramp-parse-shostkeys}
1540 @findex tramp-parse-shostkeys
1542 SSH2 parsing of directories @file{/etc/ssh2/hostkeys/*} and
1543 @file{~/ssh2/hostkeys/*}. Hosts are coded in file names
1544 @file{hostkey_@var{portnumber}_@var{host-name}.pub}. User names
1545 are always @code{nil}.
1547 @item @code{tramp-parse-sknownhosts}
1548 @findex tramp-parse-shostkeys
1550 Another SSH2 style parsing of directories like
1551 @file{/etc/ssh2/knownhosts/*} and @file{~/ssh2/knownhosts/*}. This
1552 case, hosts names are coded in file names
1553 @file{@var{host-name}.@var{algorithm}.pub}. User names are always @code{nil}.
1555 @item @code{tramp-parse-hosts}
1556 @findex tramp-parse-hosts
1558 A function dedicated to @file{/etc/hosts} style files. It returns
1561 @item @code{tramp-parse-passwd}
1562 @findex tramp-parse-passwd
1564 A function which parses @file{/etc/passwd} like files. Obviously, it
1565 can return user names only.
1567 @item @code{tramp-parse-netrc}
1568 @findex tramp-parse-netrc
1570 Finally, a function which parses @file{~/.netrc} like files.
1573 If you want to keep your own data in a file, with your own structure,
1574 you might provide such a function as well. This function must meet
1575 the following conventions:
1577 @defun my-tramp-parse file
1578 @var{file} must be either a file name on your host, or @code{nil}.
1579 The function must return a list of (@var{user} @var{host}), which are
1580 taken as candidates for user and host name completion.
1584 (my-tramp-parse "~/.my-tramp-hosts")
1586 @result{} ((nil "toto") ("daniel" "melancholia"))
1591 @node Password handling
1592 @section Reusing passwords for several connections.
1595 Sometimes it is necessary to connect to the same remote host several
1596 times. Reentering passwords again and again would be annoying, when
1597 the chosen method does not support access without password prompt
1598 through own configuration.
1600 The best recommendation is to use the method's own mechanism for
1601 password handling. Consider @command{ssh-agent} for @option{ssh}-like
1602 methods, or @command{pageant} for @option{plink}-like methods.
1604 However, if you cannot apply such native password handling,
1605 @value{tramp} offers altenatives.
1608 @anchor{Using an authentication file}
1609 @subsection Using an authentication file
1611 @vindex auth-sources
1612 The package @file{auth-source.el}, originally developed in No Gnus,
1613 offers the possibility to read passwords from a file, like FTP does it
1614 from @file{~/.netrc}. The default authentication file is
1615 @file{~/.authinfo.gpg}, this can be changed via the variable
1616 @code{auth-sources}.
1619 A typical entry in the authentication file would be
1622 machine melancholia port scp login daniel password geheim
1625 The port can be any @value{tramp} method (@pxref{Inline methods},
1626 @pxref{External methods}), to match only this method. When you omit
1627 the port, you match all @value{tramp} methods.
1630 A special case are @option{imap}-like methods. Authentication with
1631 the IMAP server is performed via @file{imap.el}, there is no special
1632 need from @value{tramp} point of view. An additional passphrase, used
1633 for symmetric encryption and decryption of the stored messages, should
1634 be given with the special port indication @option{tramp-imap}:
1637 machine melancholia port tramp-imap login daniel password ultrageheim
1641 @anchor{Caching passwords}
1642 @subsection Caching passwords
1644 If there is no authentication file, @value{tramp} caches the passwords
1645 entered by you. They will be reused next time if a connection needs
1646 them for the same user name and host name, independently of the
1649 @vindex password-cache-expiry
1650 Passwords are not saved permanently, that means the password caching
1651 is limited to the lifetime of your @value{emacsname} session. You
1652 can influence the lifetime of password caching by customizing the
1653 variable @code{password-cache-expiry}. The value is the number of
1654 seconds how long passwords are cached. Setting it to @code{nil}
1655 disables the expiration.
1657 @vindex password-cache
1658 If you don't like this feature for security reasons, password caching
1659 can be disabled totally by customizing the variable
1660 @code{password-cache} (setting it to @code{nil}).
1662 Implementation Note: password caching is based on the package
1663 @file{password-cache.el}. For the time being, it is activated only
1664 when this package is seen in the @code{load-path} while loading
1666 @ifset installchapter
1667 If you don't use No Gnus, you can take @file{password.el} from the
1668 @value{tramp} @file{contrib} directory, see @ref{Installation
1673 @node Connection caching
1674 @section Reusing connection related information.
1677 @vindex tramp-persistency-file-name
1678 In order to reduce initial connection time, @value{tramp} stores
1679 connection related information persistently. The variable
1680 @code{tramp-persistency-file-name} keeps the file name where these
1681 information are written. Its default value is
1683 @file{~/.emacs.d/tramp}.
1686 @file{~/.xemacs/tramp}.
1688 It is recommended to choose a local file name.
1690 @value{tramp} reads this file during startup, and writes it when
1691 exiting @value{emacsname}. You can simply remove this file if
1692 @value{tramp} shall be urged to recompute these information next
1693 @value{emacsname} startup time.
1695 Using such persistent information can be disabled by setting
1696 @code{tramp-persistency-file-name} to @code{nil}.
1698 Once consequence of reusing connection related information is that
1699 @var{tramp} needs to distinguish hosts. If you, for example, run a
1700 local @code{sshd} on port 3001, which tunnels @command{ssh} to another
1701 host, you could access both @file{@trampfn{ssh, , localhost,}} and
1702 @file{@trampfn{ssh, , localhost#3001,}}. @var{tramp} would use the
1703 same host related information (like paths, Perl variants, etc) for
1704 both connections, although the information is valid only for one of
1707 In order to avoid trouble, you must use another host name for one of
1708 the connections, like introducing a @option{Host} section in
1709 @file{~/.ssh/config} (@pxref{Frequently Asked Questions}) or applying
1710 multiple hops (@pxref{Multi-hops}).
1712 When @value{tramp} detects a changed operating system version on a
1713 remote host (via the command @command{uname -sr}), it flushes all
1714 connection related information for this host, and opens the
1718 @node Remote Programs
1719 @section How @value{tramp} finds and uses programs on the remote machine.
1721 @value{tramp} depends on a number of programs on the remote host in order to
1722 function, including @command{ls}, @command{test}, @command{find} and
1725 In addition to these required tools, there are various tools that may be
1726 required based on the connection method. See @ref{Inline methods} and
1727 @ref{External methods} for details on these.
1729 Certain other tools, such as @command{perl} (or @command{perl5}) and
1730 @command{grep} will be used if they can be found. When they are
1731 available, they are used to improve the performance and accuracy of
1734 @vindex tramp-remote-path
1735 @vindex tramp-default-remote-path
1736 @vindex tramp-own-remote-path
1737 @defopt tramp-remote-path
1738 When @value{tramp} connects to the remote machine, it searches for the
1739 programs that it can use. The variable @code{tramp-remote-path}
1740 controls the directories searched on the remote machine.
1742 By default, this is set to a reasonable set of defaults for most
1743 machines. The symbol @code{tramp-default-remote-path} is a place
1744 holder, it is replaced by the list of directories received via the
1745 command @command{getconf PATH} on your remote machine. For example,
1746 on GNU Debian this is @file{/bin:/usr/bin}, whereas on Solaris this is
1747 @file{/usr/xpg4/bin:/usr/ccs/bin:/usr/bin:/opt/SUNWspro/bin}. It is
1748 recommended to apply this symbol on top of @code{tramp-remote-path}.
1750 It is possible, however, that your local (or remote ;) system
1751 administrator has put the tools you want in some obscure local
1754 In this case, you can still use them with @value{tramp}. You simply
1755 need to add code to your @file{.emacs} to add the directory to the
1756 remote path. This will then be searched by @value{tramp} when you
1757 connect and the software found.
1759 To add a directory to the remote search path, you could use code such
1763 @i{;; We load @value{tramp} to define the variable.}
1765 @i{;; We have @command{perl} in "/usr/local/perl/bin"}
1766 (add-to-list 'tramp-remote-path "/usr/local/perl/bin")
1769 Another possibility is to reuse the path settings of your remote
1770 account, when you log in. Usually, these settings are overwritten,
1771 because they might not be useful for @value{tramp}. The place holder
1772 @code{tramp-own-remote-path} preserves these settings. You can
1776 (add-to-list 'tramp-remote-path 'tramp-own-remote-path)
1780 @value{tramp} caches several information, like the Perl binary
1781 location. The changed remote search path wouldn't affect these
1782 settings. In order to force @value{tramp} to recompute these values,
1783 you must exit @value{emacsname}, remove your persistency file
1784 (@pxref{Connection caching}), and restart @value{emacsname}.
1787 @node Remote shell setup
1788 @section Remote shell setup hints
1789 @cindex remote shell setup
1790 @cindex @file{.profile} file
1791 @cindex @file{.login} file
1792 @cindex shell init files
1794 As explained in the @ref{Overview} section, @value{tramp} connects to the
1795 remote host and talks to the shell it finds there. Of course, when you
1796 log in, the shell executes its init files. Suppose your init file
1797 requires you to enter the birth date of your mother; clearly @value{tramp}
1798 does not know this and hence fails to log you in to that host.
1800 There are different possible strategies for pursuing this problem. One
1801 strategy is to enable @value{tramp} to deal with all possible situations.
1802 This is a losing battle, since it is not possible to deal with
1803 @emph{all} situations. The other strategy is to require you to set up
1804 the remote host such that it behaves like @value{tramp} expects. This might
1805 be inconvenient because you have to invest a lot of effort into shell
1806 setup before you can begin to use @value{tramp}.
1808 The package, therefore, pursues a combined approach. It tries to
1809 figure out some of the more common setups, and only requires you to
1810 avoid really exotic stuff. For example, it looks through a list of
1811 directories to find some programs on the remote host. And also, it
1812 knows that it is not obvious how to check whether a file exists, and
1813 therefore it tries different possibilities. (On some hosts and
1814 shells, the command @command{test -e} does the trick, on some hosts
1815 the shell builtin doesn't work but the program @command{/usr/bin/test
1816 -e} or @command{/bin/test -e} works. And on still other hosts,
1817 @command{ls -d} is the right way to do this.)
1819 Below you find a discussion of a few things that @value{tramp} does not deal
1820 with, and that you therefore have to set up correctly.
1823 @item @var{shell-prompt-pattern}
1824 @vindex shell-prompt-pattern
1826 After logging in to the remote host, @value{tramp} has to wait for the remote
1827 shell startup to finish before it can send commands to the remote
1828 shell. The strategy here is to wait for the shell prompt. In order to
1829 recognize the shell prompt, the variable @code{shell-prompt-pattern} has
1830 to be set correctly to recognize the shell prompt on the remote host.
1832 Note that @value{tramp} requires the match for @code{shell-prompt-pattern}
1833 to be at the end of the buffer. Many people have something like the
1834 following as the value for the variable: @code{"^[^>$][>$] *"}. Now
1835 suppose your shell prompt is @code{a <b> c $ }. In this case,
1836 @value{tramp} recognizes the @code{>} character as the end of the prompt,
1837 but it is not at the end of the buffer.
1839 @item @var{tramp-shell-prompt-pattern}
1840 @vindex tramp-shell-prompt-pattern
1842 This regular expression is used by @value{tramp} in the same way as
1843 @code{shell-prompt-pattern}, to match prompts from the remote shell.
1844 This second variable exists because the prompt from the remote shell
1845 might be different from the prompt from a local shell --- after all,
1846 the whole point of @value{tramp} is to log in to remote hosts as a
1847 different user. The default value of
1848 @code{tramp-shell-prompt-pattern} is the same as the default value of
1849 @code{shell-prompt-pattern}, which is reported to work well in many
1852 @item @var{tramp-password-prompt-regexp}
1853 @vindex tramp-password-prompt-regexp
1854 @vindex tramp-wrong-passwd-regexp
1856 During login, @value{tramp} might be forced to enter a password or a
1857 passphrase. The difference between both is that a password is
1858 requested from the shell on the remote host, while a passphrase is
1859 needed for accessing local authentication information, like your ssh
1862 @var{tramp-password-prompt-regexp} handles the detection of such
1863 requests for English environments. When you use another localization
1864 of your (local or remote) host, you might need to adapt this. Example:
1868 tramp-password-prompt-regexp
1872 '("passphrase" "Passphrase"
1874 "password" "Password"
1876 "passwort" "Passwort"
1878 "mot de passe" "Mot de passe") t)