1 \input texinfo @c -*-texinfo-*-
2 @setfilename ../../info/tramp
4 @settitle TRAMP User Manual
7 @c This is *so* much nicer :)
10 @c In the Tramp repository, the version number is auto-frobbed from
11 @c configure.ac, so you should edit that file and run
12 @c "autoconf && ./configure" to change the version number.
14 @c Additionally, flags are set with respect to the Emacs flavor; and
15 @c depending whether Tramp is packaged into (X)Emacs, or standalone.
17 @include trampver.texi
19 @c Macro for formatting a filename according to the respective syntax.
20 @c xxx and yyy are auxiliary macros in order to omit leading and
21 @c trailing whitespace. Not very elegant, but I don't know it better.
27 @macro yyy {one, two}@c
35 @macro trampfn {method, user, host, localname}@c
36 @value{prefix}@yyy{\method\,@value{postfixhop}}@yyy{\user\,@@}\host\@value{postfix}\localname\@c
40 Copyright @copyright{} 1999--2013 Free Software Foundation, Inc.
43 Permission is granted to copy, distribute and/or modify this document
44 under the terms of the GNU Free Documentation License, Version 1.3 or
45 any later version published by the Free Software Foundation; with no
46 Invariant Sections, with the Front-Cover texts being ``A GNU Manual'',
47 and with the Back-Cover Texts as in (a) below. A copy of the license
48 is included in the section entitled ``GNU Free Documentation License''.
50 (a) The FSF's Back-Cover Text is: ``You have the freedom to
51 copy and modify this GNU manual.''
55 @c Entries for @command{install-info} to use
56 @dircategory @value{emacsname} network features
58 * TRAMP: (tramp). Transparent Remote Access, Multiple Protocol
59 @value{emacsname} remote file access via rsh and rcp.
63 @title @value{tramp} version @value{trampver} User Manual
64 @author by Daniel Pittman
65 @author based on documentation by Kai Gro@ss{}johann
73 @node Top, Overview, (dir), (dir)
74 @top @value{tramp} version @value{trampver} User Manual
76 This file documents @value{tramp} version @value{trampver}, a remote file
77 editing package for @value{emacsname}.
79 @value{tramp} stands for `Transparent Remote (file) Access, Multiple
80 Protocol'. This package provides remote file editing, similar to
81 @value{ftppackagename}.
83 The difference is that @value{ftppackagename} uses FTP to transfer
84 files between the local and the remote host, whereas @value{tramp} uses a
85 combination of @command{rsh} and @command{rcp} or other work-alike
86 programs, such as @command{ssh}/@command{scp}.
88 You can find the latest version of this document on the web at
89 @uref{http://www.gnu.org/software/tramp/}.
91 @c Pointer to the other Emacs flavor is necessary only in case of
92 @c standalone installation.
94 The manual has been generated for @value{emacsname}.
96 If you want to read the info pages for @value{emacsothername}, you
97 should read in @ref{Installation} how to create them.
100 If you're using the other Emacs flavor, you should read the
101 @uref{@value{emacsotherfilename}, @value{emacsothername}} pages.
106 The latest release of @value{tramp} is available for
107 @uref{ftp://ftp.gnu.org/gnu/tramp/, download}, or you may see
108 @ref{Obtaining Tramp} for more details, including the Git server
111 @value{tramp} also has a @uref{http://savannah.gnu.org/projects/tramp/,
112 Savannah Project Page}.
115 There is a mailing list for @value{tramp}, available at
116 @email{tramp-devel@@gnu.org}, and archived at
117 @uref{http://lists.gnu.org/archive/html/tramp-devel/, the
118 @value{tramp} Mail Archive}.
120 Older archives are located at
121 @uref{http://sourceforge.net/mailarchive/forum.php?forum=tramp-devel,
122 SourceForge Mail Archive} and
123 @uref{http://www.mail-archive.com/emacs-rcp@@ls6.cs.uni-dortmund.de/,
125 @c in HTML output, there's no new paragraph.
134 * Overview:: What @value{tramp} can and cannot do.
138 * Obtaining Tramp:: How to obtain @value{tramp}.
139 * History:: History of @value{tramp}.
140 @ifset installchapter
141 * Installation:: Installing @value{tramp} with your @value{emacsname}.
143 * Configuration:: Configuring @value{tramp} for use.
144 * Usage:: An overview of the operation of @value{tramp}.
145 * Bug Reports:: Reporting Bugs and Problems.
146 * Frequently Asked Questions:: Questions and answers from the mailing list.
147 * Function Index:: @value{tramp} functions.
148 * Variable Index:: User options and variables.
149 * Concept Index:: An item for each concept.
153 * Files directories and localnames:: How file names, directories and localnames are mangled and managed.
154 * Traces and Profiles:: How to Customize Traces.
155 * Issues:: Debatable Issues and What Was Decided.
157 * GNU Free Documentation License:: The license for this documentation.
160 --- The Detailed Node Listing ---
162 @ifset installchapter
163 Installing @value{tramp} with your @value{emacsname}
165 * Installation parameters:: Parameters in order to control installation.
166 * Load paths:: How to plug-in @value{tramp} into your environment.
170 Configuring @value{tramp} for use
172 * Connection types:: Types of connections made to remote machines.
173 * Inline methods:: Inline methods.
174 * External methods:: External methods.
176 * GVFS based methods:: GVFS based external methods.
179 * Gateway methods:: Gateway methods.
181 * Default Method:: Selecting a default method.
182 * Default User:: Selecting a default user.
183 * Default Host:: Selecting a default host.
184 * Multi-hops:: Connecting to a remote host using multiple hops.
185 * Customizing Methods:: Using Non-Standard Methods.
186 * Customizing Completion:: Selecting config files for user/host name completion.
187 * Password handling:: Reusing passwords for several connections.
188 * Connection caching:: Reusing connection related information.
189 * Remote Programs:: How @value{tramp} finds and uses programs on the remote machine.
190 * Remote shell setup:: Remote shell setup hints.
191 * Windows setup hints:: Issues with Cygwin ssh.
192 * Auto-save and Backup:: Auto-save and Backup.
196 * Filename Syntax:: @value{tramp} filename conventions.
197 * Alternative Syntax:: URL-like filename syntax.
198 * Filename completion:: Filename completion.
199 * Ad-hoc multi-hops:: Declaring multiple hops in the file name.
200 * Remote processes:: Integration with other @value{emacsname} packages.
201 * Cleanup remote connections:: Cleanup remote connections.
203 How file names, directories and localnames are mangled and managed
205 * Localname deconstruction:: Breaking a localname into its components.
207 * External packages:: Integration with external Lisp packages.
214 @chapter An overview of @value{tramp}
217 After the installation of @value{tramp} into your @value{emacsname}, you
218 will be able to access files on remote machines as though they were
219 local. Access to the remote file system for editing files, version
220 control, and @code{dired} are transparently enabled.
222 Your access to the remote machine can be with the @command{rsh},
223 @command{rlogin}, @command{telnet} programs or with any similar
224 connection method. This connection must pass @acronym{ASCII}
225 successfully to be usable but need not be 8-bit clean.
227 The package provides support for @command{ssh} connections out of the
228 box, one of the more common uses of the package. This allows
229 relatively secure access to machines, especially if @command{ftp}
232 Under Windows, @value{tramp} is integrated with the PuTTY package,
233 using the @command{plink} program.
235 The majority of activity carried out by @value{tramp} requires only that
236 the remote login is possible and is carried out at the terminal. In
237 order to access remote files @value{tramp} needs to transfer their content
238 to the local machine temporarily.
240 @value{tramp} can transfer files between the machines in a variety of ways.
241 The details are easy to select, depending on your needs and the
242 machines in question.
244 The fastest transfer methods for large files rely on a remote file
245 transfer package such as @command{rcp}, @command{scp}, @command{rsync}
246 or (under Windows) @command{pscp}.
248 If the remote copy methods are not suitable for you, @value{tramp} also
249 supports the use of encoded transfers directly through the shell.
250 This requires that the @command{mimencode} or @command{uuencode} tools
251 are available on the remote machine. These methods are generally
252 faster for small files.
254 @value{tramp} is still under active development and any problems you encounter,
255 trivial or major, should be reported to the @value{tramp} developers.
259 @subsubheading Behind the scenes
260 @cindex behind the scenes
261 @cindex details of operation
264 This section tries to explain what goes on behind the scenes when you
265 access a remote file through @value{tramp}.
267 Suppose you type @kbd{C-x C-f} and enter part of an @value{tramp} file name,
268 then hit @kbd{@key{TAB}} for completion. Suppose further that this is
269 the first time that @value{tramp} is invoked for the host in question. Here's
274 @value{tramp} discovers that it needs a connection to the host. So it
275 invokes @samp{telnet @var{host}} or @samp{rsh @var{host} -l
276 @var{user}} or a similar tool to connect to the remote host.
277 Communication with this process happens through an
278 @value{emacsname} buffer, that is, the output from the remote end
282 The remote host may prompt for a login name (for @command{telnet}).
283 The login name is given in the file name, so @value{tramp} sends the
284 login name and a newline.
287 The remote host may prompt for a password or pass phrase (for
288 @command{rsh} or for @command{telnet} after sending the login name).
289 @value{tramp} displays the prompt in the minibuffer, asking you for the
290 password or pass phrase.
292 You enter the password or pass phrase. @value{tramp} sends it to the remote
293 host, followed by a newline.
296 @value{tramp} now waits for the shell prompt or for a message that the login
299 If @value{tramp} sees neither of them after a certain period of time
300 (a minute, say), then it issues an error message saying that it
301 couldn't find the remote shell prompt and shows you what the remote
304 If @value{tramp} sees a @samp{login failed} message, it tells you so,
305 aborts the login attempt and allows you to try again.
308 Suppose that the login was successful and @value{tramp} sees the shell prompt
309 from the remote host. Now @value{tramp} invokes @command{/bin/sh} because
310 Bourne shells and C shells have different command
311 syntaxes.@footnote{Invoking @command{/bin/sh} will fail if your login
312 shell doesn't recognize @samp{exec /bin/sh} as a valid command.
313 Maybe you use the Scheme shell @command{scsh}@dots{}}
315 After the Bourne shell has come up, @value{tramp} sends a few commands to
316 ensure a good working environment. It turns off echoing, it sets the
317 shell prompt, and a few other things.
320 Now the remote shell is up and it good working order. Remember, what
321 was supposed to happen is that @value{tramp} tries to find out what files exist
322 on the remote host so that it can do filename completion.
324 So, @value{tramp} basically issues @command{cd} and @command{ls} commands and
325 also sometimes @command{echo} with globbing. Another command that is
326 often used is @command{test} to find out whether a file is writable or a
327 directory or the like. The output of each command is parsed for the
331 Suppose you are finished with filename completion, have entered @kbd{C-x
332 C-f}, a full file name and hit @kbd{@key{RET}}. Now comes the time to
333 transfer the file contents from the remote host to the local host so
334 that you can edit them.
336 See above for an explanation of how @value{tramp} transfers the file contents.
338 For inline transfers, @value{tramp} issues a command like @samp{mimencode -b
339 /path/to/remote/file}, waits until the output has accumulated in the
340 buffer that's used for communication, then decodes that output to
341 produce the file contents.
343 For external transfers, @value{tramp} issues a command like the
346 rcp user@@host:/path/to/remote/file /tmp/tramp.4711
348 It then reads the local temporary file @file{/tmp/tramp.4711} into a
349 buffer and deletes the temporary file.
352 You now edit the buffer contents, blithely unaware of what has happened
353 behind the scenes. (Unless you have read this section, that is.) When
354 you are finished, you type @kbd{C-x C-s} to save the buffer.
357 Again, @value{tramp} transfers the file contents to the remote host
358 either inline or external. This is the reverse of what happens when
362 I hope this has provided you with a basic overview of what happens
363 behind the scenes when you open a file with @value{tramp}.
367 @node Obtaining Tramp
368 @chapter Obtaining Tramp.
369 @cindex obtaining Tramp
371 @value{tramp} is freely available on the Internet and the latest
372 release may be downloaded from @uref{ftp://ftp.gnu.org/gnu/tramp/}.
373 This release includes the full documentation and code for
374 @value{tramp}, suitable for installation. But Emacs (22 or later)
375 includes @value{tramp} already, and there is a @value{tramp} package
376 for XEmacs, as well. So maybe it is easier to just use those. But if
377 you want the bleeding edge, read on@dots{...}
379 For the especially brave, @value{tramp} is available from Git. The Git
380 version is the latest version of the code and may contain incomplete
381 features or new issues. Use these versions at your own risk.
383 Instructions for obtaining the latest development version of @value{tramp}
384 from Git can be found by going to the Savannah project page at the
385 following URL and then clicking on the Git link in the navigation bar
389 @uref{http://savannah.gnu.org/projects/tramp/}
392 Or follow the example session below:
395 ] @strong{cd ~/@value{emacsdir}}
396 ] @strong{git clone git://git.savannah.gnu.org/tramp.git}
400 Tramp developers use instead
403 ] @strong{git clone login@@git.sv.gnu.org:/srv/git/tramp.git}
407 You should now have a directory @file{~/@value{emacsdir}/tramp}
408 containing the latest version of @value{tramp}. You can fetch the latest
409 updates from the repository by issuing the command:
412 ] @strong{cd ~/@value{emacsdir}/tramp}
417 Once you've got updated files from the Git repository, you need to run
418 @command{autoconf} in order to get an up-to-date @file{configure}
422 ] @strong{cd ~/@value{emacsdir}/tramp}
428 @chapter History of @value{tramp}
430 @cindex development history
432 Development was started end of November 1998. The package was called
433 @file{rssh.el}, back then. It only provided one method to access a
434 file, using @command{ssh} to log in to a remote host and using
435 @command{scp} to transfer the file contents. After a while, the name
436 was changed to @file{rcp.el}, and now it's @value{tramp}. Along the way,
437 many more methods for getting a remote shell and for transferring the
438 file contents were added. Support for VC was added.
440 After that, there were added the multi-hop methods in April 2000 and
441 the unification of @value{tramp} and Ange-FTP filenames in July 2002.
442 In July 2004, multi-hop methods have been replaced by proxy hosts.
443 Running commands on remote hosts was introduced in December 2005.
445 Support of gateways exists since April 2007.
448 GVFS integration started in February 2009.
451 Remote commands on Windows hosts are available since September 2011.
453 Ad-hoc multi-hop methods (with a changed syntax) have been reenabled
456 In December 2001, @value{tramp} has been added to the XEmacs package
457 repository. Being part of the Emacs repository happened in June 2002,
458 the first release including @value{tramp} was Emacs 22.1.
460 @value{tramp} is also a Debian GNU/Linux package since February 2001.
463 @c Installation chapter is necessary only in case of standalone
464 @c installation. Text taken from trampinst.texi.
465 @ifset installchapter
466 @include trampinst.texi
470 @chapter Configuring @value{tramp} for use
471 @cindex configuration
473 @cindex default configuration
474 @value{tramp} is (normally) fully functional when it is initially
475 installed. It is initially configured to use the @command{scp}
476 program to connect to the remote host. So in the easiest case, you
477 just type @kbd{C-x C-f} and then enter the filename
478 @file{@trampfn{, user, machine, /path/to.file}}.
480 On some hosts, there are problems with opening a connection. These are
481 related to the behavior of the remote shell. See @xref{Remote shell
482 setup}, for details on this.
484 If you do not wish to use these commands to connect to the remote
485 host, you should change the default connection and transfer method
486 that @value{tramp} uses. There are several different methods that @value{tramp}
487 can use to connect to remote machines and transfer files
488 (@pxref{Connection types}).
490 If you don't know which method is right for you, see @xref{Default
495 * Connection types:: Types of connections made to remote machines.
496 * Inline methods:: Inline methods.
497 * External methods:: External methods.
499 * GVFS based methods:: GVFS based external methods.
502 * Gateway methods:: Gateway methods.
504 * Default Method:: Selecting a default method.
505 Here we also try to help those who
506 don't have the foggiest which method
508 * Default User:: Selecting a default user.
509 * Default Host:: Selecting a default host.
510 * Multi-hops:: Connecting to a remote host using multiple hops.
511 * Customizing Methods:: Using Non-Standard Methods.
512 * Customizing Completion:: Selecting config files for user/host name completion.
513 * Password handling:: Reusing passwords for several connections.
514 * Connection caching:: Reusing connection related information.
515 * Remote Programs:: How @value{tramp} finds and uses programs on the remote machine.
516 * Remote shell setup:: Remote shell setup hints.
517 * Windows setup hints:: Issues with Cygwin ssh.
518 * Auto-save and Backup:: Auto-save and Backup.
522 @node Connection types
523 @section Types of connections made to remote machines
524 @cindex connection types, overview
526 There are two basic types of transfer methods, each with its own
527 advantages and limitations. Both types of connection make use of a
528 remote shell access program such as @command{rsh}, @command{ssh} or
529 @command{telnet} to connect to the remote machine.
531 This connection is used to perform many of the operations that @value{tramp}
532 requires to make the remote file system transparently accessible from
533 the local machine. It is only when visiting files that the methods
536 @cindex inline methods
537 @cindex external methods
538 @cindex methods, inline
539 @cindex methods, external
540 Loading or saving a remote file requires that the content of the file
541 be transferred between the two machines. The content of the file can
542 be transferred using one of two methods: the @dfn{inline method} over
543 the same connection used to log in to the remote machine, or the
544 @dfn{external method} through another connection using a remote copy
545 program such as @command{rcp}, @command{scp} or @command{rsync}.
547 The performance of the external methods is generally better than that
548 of the inline methods, at least for large files. This is caused by
549 the need to encode and decode the data when transferring inline.
551 The one exception to this rule are the @command{scp} based transfer
552 methods. While these methods do see better performance when actually
553 transferring files, the overhead of the cryptographic negotiation at
554 startup may drown out the improvement in file transfer times.
556 External methods should be configured such a way that they don't
557 require a password (with @command{ssh-agent}, or such alike). Modern
558 @command{scp} implementations offer options to reuse existing
559 @command{ssh} connections, see method @command{scpc}. If it isn't
560 possible, you should consider @ref{Password handling}, otherwise you
561 will be prompted for a password every copy action.
565 @section Inline methods
566 @cindex inline methods
567 @cindex methods, inline
569 The inline methods in @value{tramp} are quite powerful and can work in
570 situations where you cannot use an external transfer program to connect.
571 Inline methods are the only methods that work when connecting to the
572 remote machine via telnet. (There are also strange inline methods which
573 allow you to transfer files between @emph{user identities} rather than
576 These methods depend on the existence of a suitable encoding and
577 decoding command on remote machine. Locally, @value{tramp} may be able to
578 use features of @value{emacsname} to decode and encode the files or
579 it may require access to external commands to perform that task.
583 @cindex base-64 encoding
584 @value{tramp} checks the availability and usability of commands like
585 @command{mimencode} (part of the @command{metamail} package) or
586 @command{uuencode} on the remote host. The first reliable command
587 will be used. The search path can be customized, see @ref{Remote
590 If both commands aren't available on the remote host, @value{tramp}
591 transfers a small piece of Perl code to the remote host, and tries to
592 apply it for encoding and decoding.
594 The variable @var{tramp-inline-compress-start-size} controls, whether
595 a file shall be compressed before encoding. This could increase
596 transfer speed for large text files.
604 Connect to the remote host with @command{rsh}. Due to the unsecure
605 connection it is recommended for very local host topology only.
607 On operating systems which provide the command @command{remsh} instead
608 of @command{rsh}, you can use the method @option{remsh}. This is true
609 for HP-UX or Cray UNICOS, for example.
616 Connect to the remote host with @command{ssh}. This is identical to
617 the previous option except that the @command{ssh} package is used,
618 making the connection more secure.
620 There are also two variants, @option{ssh1} and @option{ssh2}, that
621 call @samp{ssh -1} and @samp{ssh -2}, respectively. This way, you can
622 explicitly select whether you want to use the SSH protocol version 1
623 or 2 to connect to the remote host. (You can also specify in
624 @file{~/.ssh/config}, the SSH configuration file, which protocol
625 should be used, and use the regular @option{ssh} method.)
627 All the methods based on @command{ssh} have an additional feature: you
628 can specify a host name which looks like @file{host#42} (the real host
629 name, then a hash sign, then a port number). This means to connect to
630 the given host but to also pass @code{-p 42} as arguments to the
631 @command{ssh} command.
634 @item @option{telnet}
635 @cindex method telnet
636 @cindex telnet method
638 Connect to the remote host with @command{telnet}. This is as unsecure
639 as the @option{rsh} method.
646 This method does not connect to a remote host at all, rather it uses
647 the @command{su} program to allow you to edit files as another user.
648 That means, the specified host name in the file name must be either
649 @samp{localhost} or the host name as returned by the function
650 @command{(system-name)}. For an exception of this rule see
658 This is similar to the @option{su} method, but it uses @command{sudo}
659 rather than @command{su} to become a different user.
661 Note that @command{sudo} must be configured to allow you to start a
662 shell as the user. It would be nice if it was sufficient if
663 @command{ls} and @command{mimencode} were allowed, but that is not
664 easy to implement, so I haven't got around to it, yet.
671 As you would expect, this is similar to @option{ssh}, only a little
672 different. Whereas @option{ssh} opens a normal interactive shell on
673 the remote host, this option uses @samp{ssh -t -t @var{host} -l
674 @var{user} /bin/sh} to open a connection. This is useful for users
675 where the normal login shell is set up to ask them a number of
676 questions when logging in. This procedure avoids these questions, and
677 just gives @value{tramp} a more-or-less `standard' login shell to work
680 Note that this procedure does not eliminate questions asked by
681 @command{ssh} itself. For example, @command{ssh} might ask ``Are you
682 sure you want to continue connecting?'' if the host key of the remote
683 host is not known. @value{tramp} does not know how to deal with such a
684 question (yet), therefore you will need to make sure that you can log
685 in without such questions.
687 This is also useful for Windows users where @command{ssh}, when
688 invoked from an @value{emacsname} buffer, tells them that it is not
689 allocating a pseudo tty. When this happens, the login shell is wont
690 to not print any shell prompt, which confuses @value{tramp} mightily.
692 This supports the @samp{-p} argument.
695 @item @option{krlogin}
696 @cindex method krlogin
697 @cindex krlogin method
698 @cindex Kerberos (with krlogin method)
700 This method is also similar to @option{ssh}. It only uses the
701 @command{krlogin -x} command to log in to the remote host.
707 @cindex Kerberos (with ksu method)
709 This is another method from the Kerberos suite. It behaves like @option{su}.
716 This method is mostly interesting for Windows users using the PuTTY
717 implementation of SSH@. It uses @samp{plink -ssh} to log in to the
720 This supports the @samp{-P} argument.
722 Additionally, the methods @option{plink1} and @option{plink2} are
723 provided, which call @samp{plink -1 -ssh} or @samp{plink -2 -ssh} in
724 order to use SSH protocol version 1 or 2 explicitly.
726 CCC: Do we have to connect to the remote host once from the command
727 line to accept the SSH key? Maybe this can be made automatic?
729 CCC: Say something about the first shell command failing. This might
730 be due to a wrong setting of @code{tramp-rsh-end-of-line}.
733 @item @option{plinkx}
734 @cindex method plinkx
735 @cindex plinkx method
737 Another method using PuTTY on Windows. Instead of host names, it
738 expects PuTTY session names, calling @samp{plink -load @var{session}
739 -t"}. User names are relevant only in case the corresponding session
740 hasn't defined a user name. Different port numbers must be defined in
746 @node External methods
747 @section External methods
748 @cindex methods, external
749 @cindex external methods
751 The external methods operate through multiple channels, using the
752 remote shell connection for many actions while delegating file
753 transfers to an external transfer utility.
755 This saves the overhead of encoding and decoding that multiplexing the
756 transfer through the one connection has with the inline methods.
758 Since external methods need their own overhead opening a new channel,
759 all files which are smaller than @var{tramp-copy-size-limit} are still
760 transferred with the corresponding inline method. It should provide a
761 fair trade-off between both approaches.
764 @item @option{rcp}---@command{rsh} and @command{rcp}
767 @cindex rcp (with rcp method)
768 @cindex rsh (with rcp method)
770 This method uses the @command{rsh} and @command{rcp} commands to connect
771 to the remote machine and transfer files. This is probably the fastest
772 connection method available.
774 The alternative method @option{remcp} uses the @command{remsh} and
775 @command{rcp} commands. It should be applied on machines where
776 @command{remsh} is used instead of @command{rsh}.
779 @item @option{scp}---@command{ssh} and @command{scp}
782 @cindex scp (with scp method)
783 @cindex ssh (with scp method)
785 Using @command{ssh} to connect to the remote host and @command{scp} to
786 transfer files between the machines is the best method for securely
787 connecting to a remote machine and accessing files.
789 The performance of this option is also quite good. It may be slower than
790 the inline methods when you often open and close small files however.
791 The cost of the cryptographic handshake at the start of an @command{scp}
792 session can begin to absorb the advantage that the lack of encoding and
795 There are also two variants, @option{scp1} and @option{scp2}, that
796 call @samp{ssh -1} and @samp{ssh -2}, respectively. This way, you can
797 explicitly select whether you want to use the SSH protocol version 1
798 or 2 to connect to the remote host. (You can also specify in
799 @file{~/.ssh/config}, the SSH configuration file, which protocol
800 should be used, and use the regular @option{scp} method.)
802 All the @command{ssh} based methods support the @samp{-p} feature
803 where you can specify a port number to connect to in the host name.
804 For example, the host name @file{host#42} tells @value{tramp} to
805 specify @samp{-p 42} in the argument list for @command{ssh}, and to
806 specify @samp{-P 42} in the argument list for @command{scp}.
809 @item @option{sftp}---@command{ssh} and @command{sftp}
812 @cindex sftp (with sftp method)
813 @cindex ssh (with sftp method)
815 That is mostly the same method as @option{scp}, but using
816 @command{sftp} as transfer command. So the same remarks are valid.
818 This command does not work like @value{ftppackagename}, where
819 @command{ftp} is called interactively, and all commands are send from
820 within this session. Instead of, @command{ssh} is used for login.
822 This method supports the @samp{-p} argument.
825 @item @option{rsync}---@command{ssh} and @command{rsync}
828 @cindex rsync (with rsync method)
829 @cindex ssh (with rsync method)
831 Using the @command{ssh} command to connect securely to the remote
832 machine and the @command{rsync} command to transfer files is almost
833 identical to the @option{scp} method.
835 While @command{rsync} performs much better than @command{scp} when
836 transferring files that exist on both hosts, this advantage is lost if
837 the file exists only on one side of the connection. A file can exists
838 on both the remote and local host, when you copy a file from/to a
839 remote host. When you just open a file from the remote host (or write
840 a file there), a temporary file on the local side is kept as long as
841 the corresponding buffer, visiting this file, is alive.
843 This method supports the @samp{-p} argument.
846 @item @option{scpx}---@command{ssh} and @command{scp}
849 @cindex scp (with scpx method)
850 @cindex ssh (with scpx method)
852 As you would expect, this is similar to @option{scp}, only a little
853 different. Whereas @option{scp} opens a normal interactive shell on
854 the remote host, this option uses @samp{ssh -t -t @var{host} -l
855 @var{user} /bin/sh} to open a connection. This is useful for users
856 where the normal login shell is set up to ask them a number of
857 questions when logging in. This procedure avoids these questions, and
858 just gives @value{tramp} a more-or-less `standard' login shell to work
861 This is also useful for Windows users where @command{ssh}, when
862 invoked from an @value{emacsname} buffer, tells them that it is not
863 allocating a pseudo tty. When this happens, the login shell is wont
864 to not print any shell prompt, which confuses @value{tramp} mightily.
866 This method supports the @samp{-p} argument.
869 @item @option{scpc}---@command{ssh} and @command{scp}
872 @cindex scp (with scpc method)
873 @cindex ssh (with scpc method)
875 Newer versions of @option{ssh} (for example OpenSSH 4) offer an option
876 @option{ControlMaster}. This allows @option{scp} to reuse an existing
877 @option{ssh} channel, which increases performance.
879 Before you use this method, you should check whether your @option{ssh}
880 implementation supports this option. Try from the command line
883 ssh localhost -o ControlMaster=yes /bin/true
886 If that command succeeds silently, then you can use @option{scpc}; but
890 command-line: line 0: Bad configuration option: ControlMaster
893 then you cannot use it. Note, that the option
894 @option{ControlPersist}, if it is supported by your @option{ssh}
895 version, must be set to @option{no}.
897 This method supports the @samp{-p} argument.
900 @item @option{rsyncc}---@command{ssh} and @command{rsync}
901 @cindex method rsyncc
902 @cindex rsyncc method
903 @cindex rsync (with rsyncc method)
904 @cindex ssh (with rsyncc method)
906 Like the @option{scpc} method, @option{rsyncc} improves the underlying
907 @command{ssh} connection by the option @option{ControlMaster}. This
908 allows @command{rsync} to reuse an existing @command{ssh} channel,
909 which increases performance.
911 This method supports the @samp{-p} argument.
914 @item @option{pscp}---@command{plink} and @command{pscp}
917 @cindex pscp (with pscp method)
918 @cindex plink (with pscp method)
919 @cindex PuTTY (with pscp method)
921 This method is similar to @option{scp}, but it uses the
922 @command{plink} command to connect to the remote host, and it uses
923 @command{pscp} for transferring the files. These programs are part
924 of PuTTY, an SSH implementation for Windows.
926 This method supports the @samp{-P} argument.
929 @item @option{psftp}---@command{plink} and @command{psftp}
932 @cindex psftp (with psftp method)
933 @cindex plink (with psftp method)
934 @cindex PuTTY (with psftp method)
936 As you would expect, this method is similar to @option{sftp}, but it
937 uses the @command{plink} command to connect to the remote host, and it
938 uses @command{psftp} for transferring the files. These programs are
939 part of PuTTY, an SSH implementation for Windows.
941 This method supports the @samp{-P} argument.
944 @item @option{fcp}---@command{fsh} and @command{fcp}
947 @cindex fsh (with fcp method)
948 @cindex fcp (with fcp method)
950 This method is similar to @option{scp}, but it uses the @command{fsh}
951 command to connect to the remote host, and it uses @command{fcp} for
952 transferring the files. @command{fsh/fcp} are a front-end for
953 @command{ssh} which allow for reusing the same @command{ssh} session
954 for submitting several commands. This avoids the startup overhead of
955 @command{scp} (which has to establish a secure connection whenever it
956 is called). Note, however, that you can also use one of the inline
957 methods to achieve a similar effect.
959 This method uses the command @samp{fsh @var{host} -l @var{user}
960 /bin/sh -i} to establish the connection, it does not work to just say
961 @command{fsh @var{host} -l @var{user}}.
966 There is no inline method using @command{fsh} as the multiplexing
967 provided by the program is not very useful in our context. @value{tramp}
968 opens just one connection to the remote host and then keeps it open,
976 This is not a native @value{tramp} method. Instead, it forwards all
977 requests to @value{ftppackagename}.
979 This works only for unified filenames, see @ref{Issues}.
983 @item @option{smb}---@command{smbclient}
987 This is another not native @value{tramp} method. It uses the
988 @command{smbclient} command on different Unices in order to connect to
989 an SMB server. An SMB server might be a Samba (or CIFS) server on
990 another UNIX host or, more interesting, a host running MS Windows. So
991 far, it is tested against MS Windows NT, MS Windows 2000, MS Windows
992 XP, MS Windows Vista, and MS Windows 7.
994 The first directory in the localname must be a share name on the remote
995 host. Remember that the @code{$} character, in which default shares
996 usually end, must be written @code{$$} due to environment variable
997 substitution in file names. If no share name is given (i.e., remote
998 directory @code{/}), all available shares are listed.
1000 Since authorization is done on share level, you will always be
1001 prompted for a password if you access another share on the same host.
1002 This can be suppressed by @ref{Password handling}.
1004 For authorization, MS Windows uses both a user name and a domain name.
1005 Because of this, the @value{tramp} syntax has been extended: you can
1006 specify a user name which looks like @code{user%domain} (the real user
1007 name, then a percent sign, then the domain name). So, to connect to
1008 the machine @code{melancholia} as user @code{daniel} of the domain
1009 @code{BIZARRE}, and edit @file{.emacs} in the home directory (share
1010 @code{daniel$}) I would specify the filename @file{@trampfn{smb,
1011 daniel%BIZARRE, melancholia, /daniel$$/.emacs}}.
1013 Depending on the Windows domain configuration, a Windows user might be
1014 considered as domain user per default. In order to connect as local
1015 user, the WINS name of that machine must be given as domain name.
1016 Usually, it is the machine name in capital letters. In the example
1017 above, the local user @code{daniel} would be specified as
1018 @file{@trampfn{smb, daniel%MELANCHOLIA, melancholia, /daniel$$/.emacs}}.
1020 The domain name as well as the user name are optional. If no user
1021 name is specified at all, the anonymous user (without password
1022 prompting) is assumed. This is different from all other @value{tramp}
1023 methods, where in such a case the local user name is taken.
1025 The @option{smb} method supports the @samp{-p} argument.
1027 @strong{Please note:} If @value{emacsname} runs locally under MS
1028 Windows, this method isn't available. Instead, you can use UNC
1029 file names like @file{//melancholia/daniel$$/.emacs}. The only
1030 disadvantage is that there's no possibility to specify another user
1036 @node GVFS based methods
1037 @section GVFS based external methods
1038 @cindex methods, gvfs
1039 @cindex gvfs based methods
1042 The connection methods described in this section are based on GVFS
1043 @uref{http://en.wikipedia.org/wiki/GVFS}. Via GVFS, the remote
1044 filesystem is mounted locally through FUSE@. @value{tramp} uses
1045 this local mounted directory internally.
1047 The communication with GVFS is implemented via D-Bus messages.
1048 Therefore, your @value{emacsname} must have D-Bus integration,
1049 @pxref{Top, , D-Bus, dbus}.
1058 This method provides access to WebDAV files and directories. There
1059 exists also the external method @option{davs}, which uses SSL
1060 encryption for the access.
1062 Both methods support the port number specification as discussed above.
1069 OBEX is an FTP-like access protocol for simple devices, like cell
1070 phones. For the time being, @value{tramp} only supports OBEX over Bluetooth.
1073 @item @option{synce}
1074 @cindex method synce
1075 @cindex synce method
1077 The @option{synce} method allows communication with Windows Mobile
1078 devices. Beside GVFS for mounting remote files and directories via
1079 FUSE, it also needs the SYNCE-GVFS plugin.
1082 @defopt tramp-gvfs-methods
1083 This customer option, a list, defines the external methods which
1084 shall be used with GVFS@. Per default, these are @option{dav},
1085 @option{davs}, @option{obex} and @option{synce}. Other possible
1086 values are @option{ftp}, @option{sftp} and @option{smb}.
1092 @node Gateway methods
1093 @section Gateway methods
1094 @cindex methods, gateway
1095 @cindex gateway methods
1097 Gateway methods are not methods to access a remote host directly.
1098 These methods are intended to pass firewalls or proxy servers.
1099 Therefore, they can be used for proxy host declarations
1100 (@pxref{Multi-hops}) only.
1102 A gateway method must always come along with a method which supports
1103 port setting. This is because @value{tramp} targets the accompanied
1104 method to @file{localhost#random_port}, from where the firewall or
1105 proxy server is accessed.
1107 Gateway methods support user name and password declarations. These
1108 are used to authenticate towards the corresponding firewall or proxy
1109 server. They can be passed only if your friendly administrator has
1110 granted your access.
1113 @item @option{tunnel}
1114 @cindex method tunnel
1115 @cindex tunnel method
1117 This method implements an HTTP tunnel via the @command{CONNECT}
1118 command (see RFC 2616, 2817). Any HTTP 1.1 compliant (proxy) server
1119 shall support this command.
1121 As authentication method, only @option{Basic Authentication} (see RFC
1122 2617) is implemented so far. If no port number is given in the
1123 declaration, port @option{8080} is used for the proxy server.
1126 @item @option{socks}
1127 @cindex method socks
1128 @cindex socks method
1130 The @command{socks} method provides access to SOCKSv5 servers (see
1131 RFC 1928). @option{Username/Password Authentication} according to RFC
1134 The default port number of the socks server is @option{1080}, if not
1135 specified otherwise.
1141 @node Default Method
1142 @section Selecting a default method
1143 @cindex default method
1145 @vindex tramp-default-method
1146 When you select an appropriate transfer method for your typical usage
1147 you should set the variable @code{tramp-default-method} to reflect that
1148 choice. This variable controls which method will be used when a method
1149 is not specified in the @value{tramp} file name. For example:
1152 (setq tramp-default-method "ssh")
1155 @vindex tramp-default-method-alist
1156 You can also specify different methods for certain user/host
1157 combinations, via the variable @code{tramp-default-method-alist}. For
1158 example, the following two lines specify to use the @option{ssh}
1159 method for all user names matching @samp{john} and the @option{rsync}
1160 method for all host names matching @samp{lily}. The third line
1161 specifies to use the @option{su} method for the user @samp{root} on
1162 the machine @samp{localhost}.
1165 (add-to-list 'tramp-default-method-alist '("" "john" "ssh"))
1166 (add-to-list 'tramp-default-method-alist '("lily" "" "rsync"))
1167 (add-to-list 'tramp-default-method-alist
1168 '("\\`localhost\\'" "\\`root\\'" "su"))
1172 See the documentation for the variable
1173 @code{tramp-default-method-alist} for more details.
1175 External methods are normally preferable to inline methods, giving
1178 @xref{Inline methods}.
1179 @xref{External methods}.
1181 Another consideration with the selection of transfer methods is the
1182 environment you will use them in and, especially when used over the
1183 Internet, the security implications of your preferred method.
1185 The @option{rsh} and @option{telnet} methods send your password as
1186 plain text as you log in to the remote machine, as well as
1187 transferring the files in such a way that the content can easily be
1188 read from other machines.
1190 If you need to connect to remote systems that are accessible from the
1191 Internet, you should give serious thought to using @option{ssh} based
1192 methods to connect. These provide a much higher level of security,
1193 making it a non-trivial exercise for someone to obtain your password
1194 or read the content of the files you are editing.
1197 @subsection Which method is the right one for me?
1198 @cindex choosing the right method
1200 Given all of the above, you are probably thinking that this is all fine
1201 and good, but it's not helping you to choose a method! Right you are.
1202 As a developer, we don't want to boss our users around but give them
1203 maximum freedom instead. However, the reality is that some users would
1204 like to have some guidance, so here I'll try to give you this guidance
1205 without bossing you around. You tell me whether it works @dots{}
1207 My suggestion is to use an inline method. For large files, external
1208 methods might be more efficient, but I guess that most people will
1209 want to edit mostly small files. And if you access large text files,
1210 compression (driven by @var{tramp-inline-compress-start-size}) shall
1211 still result in good performance.
1213 I guess that these days, most people can access a remote machine by
1214 using @command{ssh}. So I suggest that you use the @option{ssh}
1215 method. So, type @kbd{C-x C-f @trampfn{ssh, root, otherhost,
1216 /etc/motd} @key{RET}} to edit the @file{/etc/motd} file on the other
1219 If you can't use @option{ssh} to log in to the remote host, then
1220 select a method that uses a program that works. For instance, Windows
1221 users might like the @option{plink} method which uses the PuTTY
1222 implementation of @command{ssh}. Or you use Kerberos and thus like
1225 For the special case of editing files on the local host as another
1226 user, see the @option{su} or @option{sudo} methods. They offer
1227 shortened syntax for the @samp{root} account, like
1228 @file{@trampfn{su, , , /etc/motd}}.
1230 People who edit large files may want to consider @option{scpc} instead
1231 of @option{ssh}, or @option{pscp} instead of @option{plink}. These
1232 external methods are faster than inline methods for large files.
1233 Note, however, that external methods suffer from some limitations.
1234 Please try first whether you really get a noticeable speed advantage
1235 from using an external method! Maybe even for large files, inline
1236 methods are fast enough.
1240 @section Selecting a default user
1241 @cindex default user
1243 The user part of a @value{tramp} file name can be omitted. Usually,
1244 it is replaced by the user name you are logged in. Often, this is not
1245 what you want. A typical use of @value{tramp} might be to edit some
1246 files with root permissions on the local host. This case, you should
1247 set the variable @code{tramp-default-user} to reflect that choice.
1251 (setq tramp-default-user "root")
1254 @code{tramp-default-user} is regarded as obsolete, and will be removed
1257 @vindex tramp-default-user-alist
1258 You can also specify different users for certain method/host
1259 combinations, via the variable @code{tramp-default-user-alist}. For
1260 example, if you always have to use the user @samp{john} in the domain
1261 @samp{somewhere.else}, you can specify the following:
1264 (add-to-list 'tramp-default-user-alist
1265 '("ssh" ".*\\.somewhere\\.else\\'" "john"))
1269 See the documentation for the variable
1270 @code{tramp-default-user-alist} for more details.
1272 One trap to fall in must be known. If @value{tramp} finds a default
1273 user, this user will be passed always to the connection command as
1274 parameter (for example @command{ssh here.somewhere.else -l john}. If
1275 you have specified another user for your command in its configuration
1276 files, @value{tramp} cannot know it, and the remote access will fail.
1277 If you have specified in the given example in @file{~/.ssh/config} the
1281 Host here.somewhere.else
1286 than you must discard selecting a default user by @value{tramp}. This
1287 will be done by setting it to @code{nil} (or @samp{lily}, likewise):
1290 (add-to-list 'tramp-default-user-alist
1291 '("ssh" "\\`here\\.somewhere\\.else\\'" nil))
1294 The last entry in @code{tramp-default-user-alist} could be your
1295 default user you'll apply predominantly. You shall @emph{append} it
1296 to that list at the end:
1299 (add-to-list 'tramp-default-user-alist '(nil nil "jonas") t)
1304 @section Selecting a default host
1305 @cindex default host
1307 @vindex tramp-default-host
1308 Finally, it is even possible to omit the host name part of a
1309 @value{tramp} file name. This case, the value of the variable
1310 @code{tramp-default-host} is used. Per default, it is initialized
1311 with the host name your local @value{emacsname} is running.
1313 If you, for example, use @value{tramp} mainly to contact the host
1314 @samp{target} as user @samp{john}, you can specify:
1317 (setq tramp-default-user "john"
1318 tramp-default-host "target")
1321 Then the simple file name @samp{@trampfn{ssh, , ,}} will connect you
1322 to John's home directory on target.
1324 Note, however, that the most simplification @samp{/::} won't work,
1325 because @samp{/:} is the prefix for quoted file names.
1330 @section Connecting to a remote host using multiple hops
1334 Sometimes, the methods described before are not sufficient.
1335 Sometimes, it is not possible to connect to a remote host using a
1336 simple command. For example, if you are in a secured network, you
1337 might have to log in to a bastion host first before you can connect to
1338 the outside world. Of course, the target host may also require a
1341 @vindex tramp-default-proxies-alist
1342 @defopt tramp-default-proxies-alist
1343 In order to specify multiple hops, it is possible to define a proxy
1344 host to pass through, via the variable
1345 @code{tramp-default-proxies-alist}. This variable keeps a list of
1346 triples (@var{host} @var{user} @var{proxy}).
1348 The first matching item specifies the proxy host to be passed for a
1349 file name located on a remote target matching @var{user}@@@var{host}.
1350 @var{host} and @var{user} are regular expressions or @code{nil}, which
1351 is interpreted as a regular expression which always matches.
1353 @var{proxy} must be a Tramp filename which localname part is ignored.
1354 Method and user name on @var{proxy} are optional, which is interpreted
1355 with the default values.
1357 The method must be an inline or gateway method (@pxref{Inline
1358 methods}, @pxref{Gateway methods}).
1361 The method must be an inline method (@pxref{Inline methods}).
1363 If @var{proxy} is @code{nil}, no additional hop is required reaching
1364 @var{user}@@@var{host}.
1366 If you, for example, must pass the host @samp{bastion.your.domain} as
1367 user @samp{bird} for any remote host which is not located in your local
1371 (add-to-list 'tramp-default-proxies-alist
1372 '("\\." nil "@trampfn{ssh, bird, bastion.your.domain,}"))
1373 (add-to-list 'tramp-default-proxies-alist
1374 '("\\.your\\.domain\\'" nil nil))
1377 Please note the order of the code. @code{add-to-list} adds elements at the
1378 beginning of a list. Therefore, most relevant rules must be added last.
1380 Proxy hosts can be cascaded. If there is another host called
1381 @samp{jump.your.domain}, which is the only one in your local domain who
1382 is allowed connecting @samp{bastion.your.domain}, you can add another
1386 (add-to-list 'tramp-default-proxies-alist
1387 '("\\`bastion\\.your\\.domain\\'"
1389 "@trampfn{ssh, , jump.your.domain,}"))
1392 @var{proxy} can contain the patterns @code{%h} or @code{%u}. These
1393 patterns are replaced by the strings matching @var{host} or
1394 @var{user}, respectively.
1396 If you, for example, wants to work as @samp{root} on hosts in the
1397 domain @samp{your.domain}, but login as @samp{root} is disabled for
1398 non-local access, you might add the following rule:
1401 (add-to-list 'tramp-default-proxies-alist
1402 '("\\.your\\.domain\\'" "\\`root\\'" "@trampfn{ssh, , %h,}"))
1405 Opening @file{@trampfn{sudo, , randomhost.your.domain,}} would connect
1406 first @samp{randomhost.your.domain} via @code{ssh} under your account
1407 name, and perform @code{sudo -u root} on that host afterwards. It is
1408 important to know that the given method is applied on the host which
1409 has been reached so far. @code{sudo -u root}, applied on your local
1410 host, wouldn't be useful here.
1412 @var{host}, @var{user} and @var{proxy} can also be Lisp forms. These
1413 forms are evaluated, and must return a string, or @code{nil}. The
1414 previous example could be generalized then: For all hosts except my
1415 local one connect via @command{ssh} first, and apply @command{sudo -u
1419 (add-to-list 'tramp-default-proxies-alist
1420 '(nil "\\`root\\'" "@trampfn{ssh, , %h,}"))
1421 (add-to-list 'tramp-default-proxies-alist
1422 '((regexp-quote (system-name)) nil nil))
1425 This is the recommended configuration to work as @samp{root} on remote
1429 Finally, @code{tramp-default-proxies-alist} can be used to pass
1430 firewalls or proxy servers. Imagine your local network has a host
1431 @samp{proxy.your.domain} which is used on port 3128 as HTTP proxy to
1432 the outer world. Your friendly administrator has granted you access
1433 under your user name to @samp{host.other.domain} on that proxy
1434 server.@footnote{HTTP tunnels are intended for secure SSL/TLS
1435 communication. Therefore, many proxy server restrict the tunnels to
1436 related target ports. You might need to run your ssh server on your
1437 target host @samp{host.other.domain} on such a port, like 443 (https).
1438 See @uref{http://savannah.gnu.org/maintenance/CvsFromBehindFirewall}
1439 for discussion of ethical issues.} You would need to add the
1443 (add-to-list 'tramp-default-proxies-alist
1444 '("\\`host\\.other\\.domain\\'" nil
1445 "@trampfn{tunnel, , proxy.your.domain#3128,}"))
1448 Gateway methods can be declared as first hop only in a multiple hop
1453 Hops to be passed tend to be restricted firewalls and alike.
1454 Sometimes they offer limited features only, like running @command{rbash}
1455 (restricted bash). This must be told to @value{tramp}.
1457 @vindex tramp-restricted-shell-hosts-alist
1458 @defopt tramp-restricted-shell-hosts-alist
1459 This variable keeps a list of regular expressions, which denote hosts
1460 running a registered shell like "rbash". Those hosts can be used as
1463 If the bastion host from the example above runs a restricted shell,
1467 (add-to-list 'tramp-restricted-shell-hosts-alist
1468 "\\`bastion\\.your\\.domain\\'")
1473 @node Customizing Methods
1474 @section Using Non-Standard Methods
1475 @cindex customizing methods
1476 @cindex using non-standard methods
1477 @cindex create your own methods
1479 There is a variable @code{tramp-methods} which you can change if the
1480 predefined methods don't seem right.
1482 For the time being, I'll refer you to the Lisp documentation of that
1483 variable, accessible with @kbd{C-h v tramp-methods @key{RET}}.
1486 @node Customizing Completion
1487 @section Selecting config files for user/host name completion
1488 @cindex customizing completion
1489 @cindex selecting config files
1490 @vindex tramp-completion-function-alist
1492 The variable @code{tramp-completion-function-alist} is intended to
1493 customize which files are taken into account for user and host name
1494 completion (@pxref{Filename completion}). For every method, it keeps
1495 a set of configuration files, accompanied by a Lisp function able to
1496 parse that file. Entries in @code{tramp-completion-function-alist}
1497 have the form (@var{method} @var{pair1} @var{pair2} ...).
1499 Each @var{pair} is composed of (@var{function} @var{file}).
1500 @var{function} is responsible to extract user names and host names
1501 from @var{file} for completion. There are two functions which access
1504 @defun tramp-get-completion-function method
1505 This function returns the list of completion functions for @var{method}.
1509 (tramp-get-completion-function "rsh")
1511 @result{} ((tramp-parse-rhosts "/etc/hosts.equiv")
1512 (tramp-parse-rhosts "~/.rhosts"))
1516 @defun tramp-set-completion-function method function-list
1517 This function sets @var{function-list} as list of completion functions
1522 (tramp-set-completion-function "ssh"
1523 '((tramp-parse-sconfig "/etc/ssh_config")
1524 (tramp-parse-sconfig "~/.ssh/config")))
1526 @result{} ((tramp-parse-sconfig "/etc/ssh_config")
1527 (tramp-parse-sconfig "~/.ssh/config"))
1531 The following predefined functions parsing configuration files exist:
1534 @item @code{tramp-parse-rhosts}
1535 @findex tramp-parse-rhosts
1537 This function parses files which are syntactical equivalent to
1538 @file{~/.rhosts}. It returns both host names and user names, if
1541 @item @code{tramp-parse-shosts}
1542 @findex tramp-parse-shosts
1544 This function parses files which are syntactical equivalent to
1545 @file{~/.ssh/known_hosts}. Since there are no user names specified
1546 in such files, it can return host names only.
1548 @item @code{tramp-parse-sconfig}
1549 @findex tramp-parse-shosts
1551 This function returns the host nicknames defined by @code{Host} entries
1552 in @file{~/.ssh/config} style files.
1554 @item @code{tramp-parse-shostkeys}
1555 @findex tramp-parse-shostkeys
1557 SSH2 parsing of directories @file{/etc/ssh2/hostkeys/*} and
1558 @file{~/ssh2/hostkeys/*}. Hosts are coded in file names
1559 @file{hostkey_@var{portnumber}_@var{host-name}.pub}. User names
1560 are always @code{nil}.
1562 @item @code{tramp-parse-sknownhosts}
1563 @findex tramp-parse-shostkeys
1565 Another SSH2 style parsing of directories like
1566 @file{/etc/ssh2/knownhosts/*} and @file{~/ssh2/knownhosts/*}. This
1567 case, hosts names are coded in file names
1568 @file{@var{host-name}.@var{algorithm}.pub}. User names are always @code{nil}.
1570 @item @code{tramp-parse-hosts}
1571 @findex tramp-parse-hosts
1573 A function dedicated to @file{/etc/hosts} style files. It returns
1576 @item @code{tramp-parse-passwd}
1577 @findex tramp-parse-passwd
1579 A function which parses @file{/etc/passwd} like files. Obviously, it
1580 can return user names only.
1582 @item @code{tramp-parse-netrc}
1583 @findex tramp-parse-netrc
1585 Finally, a function which parses @file{~/.netrc} like files. This
1586 includes also @file{~/.authinfo}-style files.
1589 If you want to keep your own data in a file, with your own structure,
1590 you might provide such a function as well. This function must meet
1591 the following conventions:
1593 @defun my-tramp-parse file
1594 @var{file} must be either a file name on your host, or @code{nil}.
1595 The function must return a list of (@var{user} @var{host}), which are
1596 taken as candidates for user and host name completion.
1600 (my-tramp-parse "~/.my-tramp-hosts")
1602 @result{} ((nil "toto") ("daniel" "melancholia"))
1607 @node Password handling
1608 @section Reusing passwords for several connections
1611 Sometimes it is necessary to connect to the same remote host several
1612 times. Reentering passwords again and again would be annoying, when
1613 the chosen method does not support access without password prompt
1614 through own configuration.
1616 The best recommendation is to use the method's own mechanism for
1617 password handling. Consider @command{ssh-agent} for @option{ssh}-like
1618 methods, or @command{pageant} for @option{plink}-like methods.
1620 However, if you cannot apply such native password handling,
1621 @value{tramp} offers alternatives.
1624 @anchor{Using an authentication file}
1625 @subsection Using an authentication file
1627 @vindex auth-sources
1628 The package @file{auth-source.el}, originally developed in No Gnus,
1629 offers the possibility to read passwords from a file, like FTP does it
1630 from @file{~/.netrc}. The default authentication file is
1631 @file{~/.authinfo.gpg}, this can be changed via the variable
1632 @code{auth-sources}.
1635 A typical entry in the authentication file would be
1638 machine melancholia port scp login daniel password geheim
1641 The port can be any @value{tramp} method (@pxref{Inline methods},
1642 @pxref{External methods}), to match only this method. When you omit
1643 the port, you match all @value{tramp} methods.
1645 In case of problems, setting @code{auth-source-debug} to @code{t}
1646 gives useful debug messages.
1649 @anchor{Caching passwords}
1650 @subsection Caching passwords
1652 If there is no authentication file, @value{tramp} caches the passwords
1653 entered by you. They will be reused next time if a connection needs
1654 them for the same user name and host name, independently of the
1657 @vindex password-cache-expiry
1658 Passwords are not saved permanently, that means the password caching
1659 is limited to the lifetime of your @value{emacsname} session. You
1660 can influence the lifetime of password caching by customizing the
1661 variable @code{password-cache-expiry}. The value is the number of
1662 seconds how long passwords are cached. Setting it to @code{nil}
1663 disables the expiration.
1665 @vindex password-cache
1666 If you don't like this feature for security reasons, password caching
1667 can be disabled totally by customizing the variable
1668 @code{password-cache} (setting it to @code{nil}).
1670 Implementation Note: password caching is based on the package
1671 @file{password-cache.el}. For the time being, it is activated only
1672 when this package is seen in the @code{load-path} while loading
1674 @ifset installchapter
1675 If you don't use No Gnus, you can take @file{password.el} from the
1676 @value{tramp} @file{contrib} directory, see @ref{Installation
1681 @node Connection caching
1682 @section Reusing connection related information
1685 @vindex tramp-persistency-file-name
1686 In order to reduce initial connection time, @value{tramp} stores
1687 connection related information persistently. The variable
1688 @code{tramp-persistency-file-name} keeps the file name where these
1689 information are written. Its default value is
1691 @file{~/.emacs.d/tramp}.
1694 @file{~/.xemacs/tramp}.
1696 It is recommended to choose a local file name.
1698 @value{tramp} reads this file during startup, and writes it when
1699 exiting @value{emacsname}. You can simply remove this file if
1700 @value{tramp} shall be urged to recompute these information next
1701 @value{emacsname} startup time.
1703 Using such persistent information can be disabled by setting
1704 @code{tramp-persistency-file-name} to @code{nil}.
1706 Once consequence of reusing connection related information is that
1707 @var{tramp} needs to distinguish hosts. If you, for example, run a
1708 local @code{sshd} on port 3001, which tunnels @command{ssh} to another
1709 host, you could access both @file{@trampfn{ssh, , localhost,}} and
1710 @file{@trampfn{ssh, , localhost#3001,}}. @var{tramp} would use the
1711 same host related information (like paths, Perl variants, etc) for
1712 both connections, although the information is valid only for one of
1715 In order to avoid trouble, you must use another host name for one of
1716 the connections, like introducing a @option{Host} section in
1717 @file{~/.ssh/config} (@pxref{Frequently Asked Questions}) or applying
1718 multiple hops (@pxref{Multi-hops}).
1720 When @value{tramp} detects a changed operating system version on a
1721 remote host (via the command @command{uname -sr}), it flushes all
1722 connection related information for this host, and opens the
1726 @node Remote Programs
1727 @section How @value{tramp} finds and uses programs on the remote machine
1729 @value{tramp} depends on a number of programs on the remote host in order to
1730 function, including @command{ls}, @command{test}, @command{find} and
1733 In addition to these required tools, there are various tools that may be
1734 required based on the connection method. See @ref{Inline methods} and
1735 @ref{External methods} for details on these.
1737 Certain other tools, such as @command{perl} (or @command{perl5}) and
1738 @command{grep} will be used if they can be found. When they are
1739 available, they are used to improve the performance and accuracy of
1742 @vindex tramp-remote-path
1743 @vindex tramp-default-remote-path
1744 @vindex tramp-own-remote-path
1745 @defopt tramp-remote-path
1746 When @value{tramp} connects to the remote machine, it searches for the
1747 programs that it can use. The variable @code{tramp-remote-path}
1748 controls the directories searched on the remote machine.
1750 By default, this is set to a reasonable set of defaults for most
1751 machines. The symbol @code{tramp-default-remote-path} is a place
1752 holder, it is replaced by the list of directories received via the
1753 command @command{getconf PATH} on your remote machine. For example,
1754 on Debian GNU/Linux this is @file{/bin:/usr/bin}, whereas on Solaris
1755 this is @file{/usr/xpg4/bin:/usr/ccs/bin:/usr/bin:/opt/SUNWspro/bin}.
1756 It is recommended to apply this symbol on top of
1757 @code{tramp-remote-path}.
1759 It is possible, however, that your local (or remote ;) system
1760 administrator has put the tools you want in some obscure local
1763 In this case, you can still use them with @value{tramp}. You simply
1764 need to add code to your @file{.emacs} to add the directory to the
1765 remote path. This will then be searched by @value{tramp} when you
1766 connect and the software found.
1768 To add a directory to the remote search path, you could use code such
1772 @i{;; We load @value{tramp} to define the variable.}
1774 @i{;; We have @command{perl} in "/usr/local/perl/bin"}
1775 (add-to-list 'tramp-remote-path "/usr/local/perl/bin")
1778 Another possibility is to reuse the path settings of your remote
1779 account when you log in. Usually, these settings are overwritten,
1780 because they might not be useful for @value{tramp}. The place holder
1781 @code{tramp-own-remote-path} preserves these settings. You can
1785 (add-to-list 'tramp-remote-path 'tramp-own-remote-path)
1789 @value{tramp} caches several information, like the Perl binary
1790 location. The changed remote search path wouldn't affect these
1791 settings. In order to force @value{tramp} to recompute these values,
1792 you must exit @value{emacsname}, remove your persistency file
1793 (@pxref{Connection caching}), and restart @value{emacsname}.
1796 @node Remote shell setup
1797 @section Remote shell setup hints
1798 @cindex remote shell setup
1799 @cindex @file{.profile} file
1800 @cindex @file{.login} file
1801 @cindex shell init files
1803 As explained in the @ref{Overview} section, @value{tramp} connects to the
1804 remote host and talks to the shell it finds there. Of course, when you
1805 log in, the shell executes its init files. Suppose your init file
1806 requires you to enter the birth date of your mother; clearly @value{tramp}
1807 does not know this and hence fails to log you in to that host.
1809 There are different possible strategies for pursuing this problem. One
1810 strategy is to enable @value{tramp} to deal with all possible situations.
1811 This is a losing battle, since it is not possible to deal with
1812 @emph{all} situations. The other strategy is to require you to set up
1813 the remote host such that it behaves like @value{tramp} expects. This might
1814 be inconvenient because you have to invest a lot of effort into shell
1815 setup before you can begin to use @value{tramp}.
1817 The package, therefore, pursues a combined approach. It tries to
1818 figure out some of the more common setups, and only requires you to
1819 avoid really exotic stuff. For example, it looks through a list of
1820 directories to find some programs on the remote host. And also, it
1821 knows that it is not obvious how to check whether a file exists, and
1822 therefore it tries different possibilities. (On some hosts and
1823 shells, the command @command{test -e} does the trick, on some hosts
1824 the shell builtin doesn't work but the program @command{/usr/bin/test
1825 -e} or @command{/bin/test -e} works. And on still other hosts,
1826 @command{ls -d} is the right way to do this.)
1828 Below you find a discussion of a few things that @value{tramp} does not deal
1829 with, and that you therefore have to set up correctly.
1832 @item @var{shell-prompt-pattern}
1833 @vindex shell-prompt-pattern
1835 After logging in to the remote host, @value{tramp} has to wait for the remote
1836 shell startup to finish before it can send commands to the remote
1837 shell. The strategy here is to wait for the shell prompt. In order to
1838 recognize the shell prompt, the variable @code{shell-prompt-pattern} has
1839 to be set correctly to recognize the shell prompt on the remote host.
1841 Note that @value{tramp} requires the match for @code{shell-prompt-pattern}
1842 to be at the end of the buffer. Many people have something like the
1843 following as the value for the variable: @code{"^[^>$][>$] *"}. Now
1844 suppose your shell prompt is @code{a <b> c $ }. In this case,
1845 @value{tramp} recognizes the @code{>} character as the end of the prompt,
1846 but it is not at the end of the buffer.
1848 @item @var{tramp-shell-prompt-pattern}
1849 @vindex tramp-shell-prompt-pattern
1851 This regular expression is used by @value{tramp} in the same way as
1852 @code{shell-prompt-pattern}, to match prompts from the remote shell.
1853 This second variable exists because the prompt from the remote shell
1854 might be different from the prompt from a local shell---after all,
1855 the whole point of @value{tramp} is to log in to remote hosts as a
1856 different user. The default value of
1857 @code{tramp-shell-prompt-pattern} is the same as the default value of
1858 @code{shell-prompt-pattern}, which is reported to work well in many
1861 @item @var{tramp-password-prompt-regexp}
1862 @vindex tramp-password-prompt-regexp
1863 @vindex tramp-wrong-passwd-regexp
1865 During login, @value{tramp} might be forced to enter a password or a
1866 passphrase. The difference between both is that a password is
1867 requested from the shell on the remote host, while a passphrase is
1868 needed for accessing local authentication information, like your ssh
1871 @var{tramp-password-prompt-regexp} handles the detection of such
1872 requests for English environments. When you use another localization
1873 of your (local or remote) host, you might need to adapt this. Example:
1877 tramp-password-prompt-regexp
1881 '("passphrase" "Passphrase"
1883 "password" "Password"
1885 "passwort" "Passwort"
1887 "mot de passe" "Mot de passe") t)