emacs/doc/misc/tramp.texi

6707 lines
225 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

\input texinfo @c -*- mode: texinfo; coding: utf-8 -*-
@setfilename ../../info/tramp.info
@c %**start of header
@include docstyle.texi
@c In the Tramp GIT, the version number and the bug report address
@c are auto-frobbed from configure.ac.
@include trampver.texi
@settitle @value{tramp} @value{trampver} User Manual
@c %**end of header
@c This is *so* much nicer :)
@footnotestyle end
@copying
Copyright @copyright{} 1999--2024 Free Software Foundation, Inc.
@quotation
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
any later version published by the Free Software Foundation; with no
Invariant Sections, with the Front-Cover Texts being ``A GNU Manual'',
and with the Back-Cover Texts as in (a) below. A copy of the license
is included in the section entitled ``GNU Free Documentation License''.
(a) The FSF's Back-Cover Text is: ``You have the freedom to
copy and modify this GNU manual.''
@end quotation
@end copying
@c Entries for @command{install-info} to use. We cannot use @value{tramp}.
@dircategory Emacs network features
@direntry
* Tramp: (tramp). Transparent Remote Access, Multiple Protocol
Emacs remote file access via ssh and scp.
@end direntry
@titlepage
@title @value{tramp} @value{trampver} User Manual
@author by Daniel Pittman
@author based on documentation by Kai Großjohann
@end titlepage
@contents
@node Top, Overview, (dir), (dir)
@top @value{tramp} @value{trampver} User Manual
This file documents @w{@value{tramp} @value{trampver}}, a remote file
editing package for Emacs.
@value{tramp} stands for ``Transparent Remote (file) Access, Multiple
Protocol''. This package provides an easy, convenient, and consistent
interface to editing remote files transparently, just as if they are
local files. This extends to editing, version control, @code{dired},
and more.
You can find the latest version of this document on the web at
@uref{@value{trampurl}}.
@ifhtml
The latest release of @value{tramp} is available for
@uref{https://ftp.gnu.org/gnu/tramp/, download}, or you may see
@ref{Obtaining @value{tramp}} for more details, including the Git
server details.
@value{tramp} also has a @uref{https://savannah.gnu.org/projects/tramp/,
Savannah Project Page}.
@end ifhtml
There is a mailing list for @value{tramp}, available at
@email{@value{tramp-bug-report-address}}, and archived at
@uref{https://lists.gnu.org/r/tramp-devel/, the @value{tramp} Mail
Archive}.
@page
@insertcopying
@menu
* Overview:: What @value{tramp} can and cannot do.
For the end user:
* Obtaining @value{tramp}:: How to obtain @value{tramp}.
@ifset installchapter
* Installation:: Installing @value{tramp} with your Emacs.
@end ifset
* Quick Start Guide:: Short introduction how to use @value{tramp}.
* Configuration:: Configuring @value{tramp} for use.
* Usage:: An overview of the operation of @value{tramp}.
* Bug Reports:: Reporting Bugs and Problems.
* Frequently Asked Questions:: Questions and answers from the mailing list.
For the developer:
* Files directories and localnames::
How file names, directories and localnames
are mangled and managed.
* Traces and Profiles:: How to Customize Traces.
* GNU Free Documentation License:: The license for this documentation.
* Function Index:: @value{tramp} functions.
* Variable Index:: User options and variables.
* Concept Index:: An item for each concept.
@detailmenu
--- The Detailed Node Listing ---
@c
@ifset installchapter
Installing @value{tramp} with your Emacs
* System Requirements:: Prerequisites for @value{tramp} installation.
* Basic Installation:: Installation steps.
* Installation parameters:: Parameters in order to control installation.
* Testing:: A test suite for @value{tramp}.
* Load paths:: How to plug-in @value{tramp} into your environment.
@end ifset
Configuring @value{tramp} for use
* Optional methods:: Optional methods which must be enabled first.
* Connection types:: Types of connections to remote hosts.
* Inline methods:: Inline methods.
* External methods:: External methods.
* GVFS-based methods:: @acronym{GVFS}-based external methods.
* FUSE-based methods:: @acronym{FUSE}-based external methods.
* Default Method:: Selecting a default method.
* Default User:: Selecting a default user.
* Default Host:: Selecting a default host.
* Multi-hops:: Connecting to a remote host using multiple hops.
* Firewalls:: Passing firewalls.
* Customizing Methods:: Using Non-Standard Methods.
* Customizing Completion:: Selecting config files for user/host name @c
completion.
* Password handling:: Reusing passwords for several connections.
* Connection caching:: Reusing connection related information.
* Predefined connection information::
Setting own connection related information.
* Remote programs:: How @value{tramp} finds and uses programs @c
on the remote host.
* Remote shell setup:: Remote shell setup hints.
* Ssh setup:: Ssh setup hints.
* FUSE setup:: @acronym{FUSE} setup hints.
* Android shell setup:: Android shell setup hints.
* Kubernetes setup:: Kubernetes setup hints.
* Auto-save File Lock and Backup::
Auto-save, File Lock and Backup.
* Keeping files encrypted:: Protect remote files by encryption.
Using @value{tramp}
* File name syntax:: @value{tramp} file name conventions.
@ifset unified
* Change file name syntax:: Alternative file name syntax.
@end ifset
* File name completion:: File name completion.
* Ad-hoc multi-hops:: Declaring multiple hops in the file name.
* Home directories:: Expanding @file{~} to home directory.
* Remote processes:: Integration with other Emacs packages.
* Cleanup remote connections:: Cleanup remote connections.
* Renaming remote files:: Renaming remote files.
* Archive file names:: Access to files in file archives.
How file names, directories and localnames are mangled and managed
* Temporary directory:: Where temporary files are kept.
* Localname deconstruction:: Breaking a localname into its components.
* External packages:: Integration with external Lisp packages.
* Extension packages:: Adding new methods to @value{tramp}.
@end detailmenu
@end menu
@node Overview
@chapter An overview of @value{tramp}
@cindex overview
@value{tramp} is for transparently accessing remote files from within
Emacs. @value{tramp} enables an easy, convenient, and consistent
interface to remote files as if they are local files. @value{tramp}'s
transparency extends to editing, version control, and @code{dired}.
@value{tramp} can access remote hosts using any number of access
methods, such as @command{ssh}, @command{scp}, @command{telnet}, and
related programs. If these programs can successfully pass
@acronym{ASCII} characters, @value{tramp} can use them. @value{tramp}
does not require or mandate 8-bit clean connections.
@value{tramp}'s most common access method is through @command{ssh}, a
more secure alternative to @command{ftp} and other older access
methods.
@value{tramp} on MS Windows operating systems is integrated with the
PuTTY package, and uses the @command{plink} program.
@value{tramp} mostly operates transparently in the background using
the connection programs. As long as these programs enable remote login
and can use the terminal, @value{tramp} can adapt them for seamless
and transparent access.
@value{tramp} temporarily transfers a remote file's contents to the
local host editing and related operations. @value{tramp} can also
transfer files between hosts using standard Emacs interfaces, a
benefit of direct integration of @value{tramp} in Emacs.
@value{tramp} can transfer files using any number of available host
programs for remote files, such as @command{rcp}, @command{scp},
@command{rsync} or (under MS Windows) @command{pscp}. @value{tramp}
provides easy ways to specify these programs and customize them to
specific files, hosts, or access methods.
For faster small-size file transfers, @value{tramp} supports encoded
transfers directly through the shell using @command{mimencode} or
@command{uuencode} provided such tools are available on the remote
host.
@subsubheading @value{tramp} behind the scenes
@cindex behind the scenes
@cindex details of operation
@cindex how it works
Accessing a remote file through @value{tramp} entails a series of
actions, many of which are transparent to the user. Yet some actions
may require user response (such as entering passwords or completing
file names). One typical scenario, opening a file on a remote host, is
presented here to illustrate the steps involved:
@kbd{C-x C-f} to initiate find-file, enter part of the @value{tramp}
file name, then hit @kbd{@key{TAB}} for completion. If this is the
first time connecting to that host, here's what happens:
@itemize
@item
@value{tramp} invokes @samp{telnet @var{host}} or @samp{ssh -l
@var{user} @var{host}} and establishes an external process to connect
to the remote host. @value{tramp} communicates with the process
through an Emacs buffer, which also shows output from the remote host.
@item
The remote host may prompt for a login name (for @command{telnet}, for
example) in the buffer. If on the other hand, the login name was
included in the file name portion, @value{tramp} sends the login name
followed by a newline.
@item
The remote host may then prompt for a password or passphrase (for
@command{ssh} or for @command{telnet}). @value{tramp} displays the
password prompt in the minibuffer. @value{tramp} then sends whatever
is entered to the remote host, followed by a newline.
@item
@value{tramp} now waits for either the shell prompt or a failed login
message.
If @value{tramp} does not receive any messages within a timeout period
(a minute, for example), then @value{tramp} responds with an error
message about not finding the remote shell prompt. If there are any
messages from the remote host, @value{tramp} displays them in the
buffer.
For any @samp{login failed} message from the remote host,
@value{tramp} aborts the login attempt, and repeats the login steps.
@item
Upon successful login, if @value{tramp} recognizes the shell prompt
from the remote host, @value{tramp} prepares the shell environment by
turning off echoing, setting the shell prompt, and other housekeeping
chores.
@strong{Note} that for the remote shell, @value{tramp} invokes
@command{/bin/sh}. The remote host must recognize @samp{exec /bin/sh}
and execute the appropriate shell. This shell must support Bourne
shell syntax.
@item
@value{tramp} executes @command{cd} and @command{ls} commands to find
which files exist on the remote host. @value{tramp} sometimes uses
@command{echo} with globbing. @value{tramp} checks if a file or
directory is writable with @command{test}. After each command,
@value{tramp} parses the output from the remote host for completing
the next operation.
@item
After remote file name completion, @value{tramp} transfers the file
contents from the remote host.
For inline transfers, @value{tramp} sends a command, such as
@samp{mimencode -b /path/to/remote/file}, waits until the output has
accumulated in the buffer, then decodes that output to produce the
file's contents.
For external transfers, @value{tramp} sends a command as follows:
@example
$ scp user@@host:/path/to/remote/file <TMP>/tramp.4711
@end example
@value{tramp} reads the local temporary file @file{<TMP>/tramp.4711}
into a buffer, and then deletes the temporary
file.@footnote{@ref{Temporary directory}}
@item
Edit, modify, change the buffer contents as normal, and then save the
buffer with @kbd{C-x C-s}.
@item
@value{tramp} transfers the buffer contents to the remote host in
a reverse of the process using the appropriate inline or external
program.
@end itemize
I hope this has provided you with a basic overview of what happens
behind the scenes when you open a file with @value{tramp}.
@c For the end user.
@node Obtaining @value{tramp}
@chapter Obtaining @value{tramp}
@cindex obtaining @value{tramp}
@cindex GNU ELPA
@vindex tramp-version
@value{tramp} is included as part of Emacs.
@value{tramp} is also freely packaged for download on the Internet at
@uref{https://ftp.gnu.org/gnu/tramp/}. The version number of
@value{tramp} can be obtained by the variable @code{tramp-version}.
For released @value{tramp} versions, this is a three-number string
like ``2.4.5''.
A @value{tramp} release, which is packaged with Emacs, could differ
slightly from the corresponding standalone release. This is because
it isn't always possible to synchronize release dates between Emacs
and @value{tramp}. Such version numbers have the Emacs version number
as suffix, like ``2.4.5.27.2''. This means @w{@value{tramp} 2.4.5} as
integrated in @w{Emacs 27.2}. A complete list of @value{tramp}
versions packaged with Emacs can be retrieved by
@vindex customize-package-emacs-version-alist
@lisp
(assoc 'Tramp customize-package-emacs-version-alist)
@end lisp
@value{tramp} is also available as @uref{https://elpa.gnu.org, GNU
ELPA} package. Besides the standalone releases, further minor
versions of @value{tramp} will appear on GNU ELPA, until the next
@value{tramp} release appears. These minor versions have a
four-number string, like ``2.4.5.1''. The manual of the latest
@value{tramp} ELPA package is located at
@uref{https://elpa.gnu.org/packages/doc/tramp.html}.
@value{tramp} development versions are available on Git servers.
Development versions contain new and incomplete features. The
development version of @value{tramp} is always the version number of
the next release, plus the suffix ``-pre'', like ``2.4.4-pre''.
One way to obtain @value{tramp} from the Git server is to visit the
Savannah project page at the following URL and then clicking on the
Git link in the navigation bar at the top.
@noindent
@uref{https://savannah.gnu.org/projects/tramp/}
@noindent
Another way is to follow the terminal session below:
@example
@group
$ cd ~/emacs
$ git clone https://git.savannah.gnu.org/git/tramp.git
@end group
@end example
@noindent
From behind a proxy:
@example
@group
$ git config --global http.proxy https://user:pwd@@proxy.server.com:8080
$ git clone https://git.savannah.gnu.org/r/tramp.git
@end group
@end example
@noindent
@value{tramp} developers:
@example
$ git clone login@@git.sv.gnu.org:/srv/git/tramp.git
@end example
@noindent
After one of the above commands, @file{~/emacs/tramp} will
containing the latest version of @value{tramp}.
@noindent
To fetch updates from the repository, use @code{git pull}:
@example
@group
$ cd ~/emacs/tramp
$ git pull
@end group
@end example
@noindent
Run @command{autoconf} as follows to generate an up-to-date
@file{configure} script:
@example
@group
$ cd ~/emacs/tramp
$ autoconf
@end group
@end example
@ifset installchapter
@c Installation chapter is necessary only in case of standalone
@c installation.
@include trampinst.texi
@end ifset
@ifclear installchapter
See the file @file{INSTALL} in that directory for further information
on how to install @value{tramp}.
@end ifclear
@node Quick Start Guide
@chapter Short introduction how to use @value{tramp}
@cindex quick start guide
@value{tramp} extends the Emacs file name syntax by adding a remote
component. A remote file name always looks like
@file{@trampfn{method,user@@host,/path/to/file}}.
You can use remote files exactly like ordinary files, that means you
can open a file or directory by @kbd{C-x C-f
@trampfn{method,user@@host,/path/to/file} @key{RET}}, edit the file,
and save it. You can also mix local files and remote files in file
operations with two arguments, like @code{copy-file} or
@code{rename-file}. And finally, you can even run processes on a
remote host, when the buffer you call the process from has a remote
@code{default-directory}.
@anchor{Quick Start Guide File name syntax}
@section File name syntax
@cindex file name syntax
Remote file names have @code{method}, @code{user} and @code{host}
parts prepended. All of them, and also the local file name part, are
optional, in case of a missing part a default value is assumed. The
default value for an empty local file name part is the remote user's
home directory. The shortest remote file name is thus
@file{@trampfn{-,,}}. The @samp{-} notation for the default method is
used for syntactical reasons, @pxref{Default Method}.
The @code{method} part describes the connection method used to reach
the remote host, see below.
The @code{user} part is the user name for accessing the remote host.
For the @option{smb} method, this could also require a domain name, in
which case it is written as @code{user%domain}.
The @code{host} part must be a host name which can be resolved on
your local host. It could be a short host name, a fully qualified
domain name, an IPv4 or IPv6 address, @pxref{File name syntax}. Some
connection methods also support a notation for the port to be used, in
which case it is written as @code{host#port}.
@anchor{Quick Start Guide ssh and plink methods}
@section Using @option{ssh} and @option{plink}
@cindex method @option{ssh}
@cindex @option{ssh} method
@cindex method @option{plink}
@cindex @option{plink} method
If your local host runs an SSH client, and the remote host runs an SSH
server, the simplest remote file name is
@file{@trampfn{ssh,user@@host,/path/to/file}}. The remote file name
@file{@trampfn{ssh,,}} opens a remote connection to yourself on the
local host, and is often used for testing @value{tramp}.
On MS Windows, PuTTY is often used as the SSH client. Its @command{plink}
method can be used there to open a connection to a remote host running
an @command{ssh} server:
@file{@trampfn{plink,user@@host,/path/to/file}}.
@anchor{Quick Start Guide su, sudo, doas, run0, androidsu and sg methods}
@section Using @option{su}, @option{sudo}, @option{doas}, @option{run0}, @option{androidsu} and @option{sg}
@cindex method @option{su}
@cindex @option{su} method
@cindex method @option{sudo}
@cindex @option{sudo} method
@cindex method @option{doas}
@cindex @option{doas} method
@cindex method @option{run0}
@cindex @option{run0} method
@cindex method @option{androidsu}
@cindex @option{androidsu} method
@cindex method @option{sg}
@cindex @option{sg} method
Sometimes, it is necessary to work on your local host under different
permissions. For this, you can use the @option{su} or @option{sudo}
connection method. If your system is @code{systemd}-based, there is
the @option{run0} connection method. On OpenBSD systems, the
@option{doas} connection method offers the same functionality. If
your local system is Android, use the method @option{androidsu}
instead of @option{su}.
These methods use @samp{root} as default user name and the return
value of @code{(system-name)} as default host name. Therefore, it is
convenient to open a file as @file{@trampfn{sudo,,/path/to/file}}.
The method @option{sg} stands for ``switch group''; here the user name
is used as the group to change to. The default host name is the same.
@anchor{Quick Start Guide Combining ssh, plink, su, sudo, doas and run0 methods}
@section Combining @option{ssh} or @option{plink} with @option{su}, @option{sudo}, @option{doas} or @option{run0}
@cindex method @option{ssh}
@cindex @option{ssh} method
@cindex method @option{plink}
@cindex @option{plink} method
@cindex method @option{su}
@cindex @option{su} method
@cindex method @option{sudo}
@cindex @option{sudo} method
@cindex method @option{doas}
@cindex @option{doas} method
@cindex method @option{run0}
@cindex @option{run0} method
If the @option{su}, @option{sudo}, @option{doas} or @option{run0}
method should be performed on another host, it can be combined with a
leading @option{ssh} or @option{plink} method. That means that
@value{tramp} connects first to the other host with non-administrative
credentials, and changes to administrative credentials on that host
afterwards. In a simple case, the syntax looks like
@file{@trampfn{ssh@value{postfixhop}user@@host|sudo,,/path/to/file}}.
@xref{Ad-hoc multi-hops}.
@anchor{Quick Start Guide sudoedit method}
@section Using @command{sudoedit}
@cindex method @option{sudoedit}
@cindex @option{sudoedit} method
The @option{sudoedit} method is similar to the @option{sudo} method.
However, it is a different implementation: it does not keep an open
session running in the background. This is for security reasons; on
the backside this method has worse performance than the @option{sudo}
method, it is restricted to @samp{localhost} only, and it does not
support external processes.
@anchor{Quick Start Guide smb method}
@section Using @command{smbclient}
@cindex method @option{smb}
@cindex @option{smb} method
@cindex ms windows (with @option{smb} method)
@cindex @command{smbclient}
In order to access a remote MS Windows host or Samba server, the
@command{smbclient} client is used. The remote file name syntax is
@file{@trampfn{smb,user%domain@@host,/path/to/file}}. The first part
of the local file name is the share exported by the remote host,
@samp{path} in this example.
@anchor{Quick Start Guide GVFS-based methods}
@section Using @acronym{GVFS}-based methods
@cindex methods, gvfs
@cindex gvfs-based methods
@cindex method @option{sftp}
@cindex @option{sftp} method
@cindex method @option{afp}
@cindex @option{afp} method
@cindex method @option{dav}
@cindex method @option{davs}
@cindex @option{dav} method
@cindex @option{davs} method
@cindex method @option{mtp}
@cindex @option{mtp} method
On systems which have @acronym{GVFS, the GNOME Virtual File System}
installed, its offered methods can be used by @value{tramp}.
Examples are @file{@trampfn{sftp,user@@host,/path/to/file}},
@file{@trampfn{afp,user@@host,/path/to/file}} (accessing Apple's AFP
file system), @file{@trampfn{dav,user@@host,/path/to/file}},
@file{@trampfn{davs,user@@host,/path/to/file}} (for WebDAV shares) and
@file{@trampfn{mtp,device,/path/to/file}} (for media devices).
@anchor{Quick Start Guide GNOME Online Accounts based methods}
@section Using @acronym{GNOME} Online Accounts based methods
@cindex @acronym{GNOME} Online Accounts
@cindex method @option{gdrive}
@cindex @option{gdrive} method
@cindex google drive
@cindex method @option{nextcloud}
@cindex @option{nextcloud} method
@cindex nextcloud
@acronym{GVFS}-based methods also include @acronym{GNOME} Online
Accounts, which support the @option{Files} service. These are the
Google Drive file system, and the OwnCloud/NextCloud file system. The
file name syntax here is always
@file{@trampfn{gdrive,john.doe@@gmail.com,/path/to/file}}
(@samp{john.doe@@gmail.com} stands here for your Google Drive
account), or @file{@trampfn{nextcloud,user@@host#8081,/path/to/file}}
(@samp{8081} stands for the port number) for OwnCloud/NextCloud files.
@anchor{Quick Start Guide FUSE-based methods}
@section Using @acronym{FUSE}-based methods
@cindex methods, fuse
@cindex fuse-based methods
@cindex method @option{rclone}
@cindex @option{rclone} method
@cindex method @option{sshfs}
@cindex @option{sshfs} method
@acronym{FUSE, Filesystem in Userspace} allows users to mount a
virtual file system. It is also used by @acronym{GVFS} internally,
but here we discuss methods which do not use the @acronym{GVFS} API.
A convenient way to access system storages is the @command{rclone}
program. If you have configured a storage in @command{rclone} under a
name @samp{storage} (for example), you can access it via the remote
file name syntax @file{@trampfn{rclone,storage,/path/to/file}}. User
names are not needed.
On local hosts which have installed the @command{sshfs} client for
mounting a file system based on @command{sftp}, this method can be
used. All remote files are available via the local mount point.
@value{tramp} aids in mounting the file system if it isn't mounted
yet, and it supports the access with the usual file name syntax
@file{@trampfn{sshfs,user@@host,/path/to/file}}.
@anchor{Quick Start Guide Android}
@section Using Android
@cindex method @option{adb}
@cindex @option{adb} method
@cindex android
An Android device, which is connected via USB to your local host, can
be accessed via the @command{adb} command. No user or host name is
needed. The file name syntax is @file{@trampfn{adb,,/path/to/file}}.
@node Configuration
@chapter Configuring @value{tramp}
@cindex configuration
@cindex default configuration
@value{tramp} is initially configured to use the @command{scp} program
to connect to the remote host. Just type @kbd{C-x C-f} and then enter
file name @file{@trampfn{scp,user@@host,/path/to/file}}. For details,
@xref{Default Method}, @xref{Default User}, @xref{Default Host}.
For problems related to the behavior of the remote shell, @xref{Remote
shell setup}.
For changing the connection type and file access method from the
defaults to one of several other options, @xref{Connection types}.
@strong{Note} that some user options described in these examples are
not auto loaded by Emacs. All examples require @value{tramp} to be
installed and loaded:
@lisp
(customize-set-variable 'tramp-verbose 6 "Enable remote command traces")
@end lisp
For functions used to configure @value{tramp}, the following clause
may be used in your init file:
@lisp
(with-eval-after-load 'tramp (tramp-change-syntax 'simplified))
@end lisp
@vindex enable-remote-dir-locals
Changing other variables via directory-local variables on a remote
directory must be enabled by setting @code{enable-remote-dir-locals}
to non-@code{nil}, @xref{Directory Variables, , , emacs}.
@menu
* Optional methods:: Optional methods which must be enabled first.
* Connection types:: Types of connections to remote hosts.
* Inline methods:: Inline methods.
* External methods:: External methods.
* GVFS-based methods:: @acronym{GVFS}-based external methods.
* FUSE-based methods:: @acronym{FUSE}-based external methods.
* Default Method:: Selecting a default method.
Here we also try to help those who
don't have the foggiest which method
is right for them.
* Default User:: Selecting a default user.
* Default Host:: Selecting a default host.
* Multi-hops:: Connecting to a remote host using multiple hops.
* Firewalls:: Passing firewalls.
* Customizing Methods:: Using Non-Standard Methods.
* Customizing Completion:: Selecting config files for user/host name @c
completion.
* Password handling:: Reusing passwords for several connections.
* Connection caching:: Reusing connection related information.
* Predefined connection information::
Setting own connection related information.
* Remote programs:: How @value{tramp} finds and uses programs @c
on the remote host.
* Remote shell setup:: Remote shell setup hints.
* Ssh setup:: Ssh setup hints.
* FUSE setup:: @acronym{FUSE} setup hints.
* Android shell setup:: Android shell setup hints.
* Kubernetes setup:: Kubernetes setup hints.
* Auto-save File Lock and Backup::
Auto-save, File Lock and Backup.
* Keeping files encrypted:: Protect remote files by encryption.
@end menu
@node Optional methods
@section Optional methods which must be enabled first
@cindex optional methods
Not all methods are enabled by default after loading @value{tramp}.
Some of them don't work on the local host. Some of them are optional,
and must be enabled if it is intended to use them. For all methods
described in this manual, it is indicated when the method is optional.
@deffn Command tramp-enable-method method
This command enables the optional method @var{method}, a string. The
command can be invoked interactively like @kbd{M-x tramp-enable-method
@key{RET} toolbox @key{RET}}, with @option{toolbox} being an optional
method.
@end deffn
If you want to enable an optional method permanently, add something
like this to your @file{.emacs} file:
@lisp
(with-eval-after-load 'tramp (tramp-enable-method "toolbox"))
@end lisp
@node Connection types
@section Types of connections to remote hosts
@cindex connection types, overview
@dfn{Inline method} and @dfn{external method} are the two basic types
of access methods. While they both use the same remote shell access
programs, such as @command{rsh}, @command{ssh}, or @command{telnet},
they differ in the file access methods. Choosing the right method
becomes important for editing files, transferring large files, or
operating on a large number of files.
The performance of the external methods is generally better than that
of the inline methods, at least for large files. This is caused by
the need to encode and decode the data when transferring inline.
The one exception to this rule are the @option{scp}-based access
methods. While these methods do see better performance when actually
transferring files, the overhead of the cryptographic negotiation at
startup may drown out the improvement in file transfer times.
External methods should be configured in such a way that they don't
require a password (with @command{ssh-agent}, or similar). Modern
@command{scp} implementations offer options to reuse existing
@command{ssh} connections, which @value{tramp} enables by default if
available. If that is not possible, you should consider @ref{Password
handling}, otherwise you will be prompted for a password for every
copy action.
@node Inline methods
@section Inline methods
@cindex inline methods
@cindex methods, inline
Inline methods use the same login connection to transfer file
contents. Inline methods are quick and easy for small files. They
depend on the availability of suitable encoding and decoding programs
on the remote host. For local source and destination, @value{tramp}
may use built-in equivalents of such programs in Emacs.
Inline methods can work in situations where an external transfer
program is unavailable. Inline methods also work when transferring
files between different @emph{user identities} on the same host.
@cindex base-64 encoding
@cindex base-64 encoding
@cindex uu encoding
@vindex tramp-remote-coding-commands
@value{tramp} checks the remote host for the availability and
usability of one of the commands defined in
@code{tramp-remote-coding-commands}. @value{tramp} uses the first
reliable command it finds. @value{tramp}'s search path can be
customized, @pxref{Remote programs}.
In case none of the commands are available, @value{tramp} first
transfers a small Perl program to the remote host, and then tries to
use that program for encoding and decoding.
@vindex tramp-inline-compress-start-size
@vindex tramp-inline-compress-commands
To increase transfer speeds for large text files, @value{tramp} can
use compression before encoding. The user option
@code{tramp-inline-compress-start-size} specifies the file size above
which to use this optimization. This feature depends on the
availability and usability of one of the commands defined in
@code{tramp-inline-compress-commands}.
@table @asis
@cindex method @option{rsh}
@cindex @option{rsh} method
@item @option{rsh}
@command{rsh} is an option for connecting to hosts within local
networks since @command{rsh} is not as secure as other methods.
There should be no reason to use it, as @command{ssh} is a both a
complete replacement and ubiquitous.
@cindex method @option{ssh}
@cindex @option{ssh} method
@item @option{ssh}
@command{ssh} is a more secure option than others to connect to a
remote host.
@command{ssh} can also take extra parameters as port numbers. For
example, a host on port 42 is specified as @file{host#42} (the real
host name, a hash sign, then a port number). It is the same as passing
@samp{-p 42} to the @command{ssh} command.
@cindex method @option{telnet}
@cindex @option{telnet} method
@item @option{telnet}
Connecting to a remote host with @command{telnet} is as insecure
as the @option{rsh} method.
@cindex method @option{su}
@cindex @option{su} method
@item @option{su}
Instead of connecting to a remote host, @command{su} program allows
editing as another user. The host can be either @samp{localhost} or
the host returned by the function @command{(system-name)}. See
@ref{Multi-hops} for an exception to this behavior.
@cindex method @option{androidsu}
@cindex @option{androidsu} method
@item @option{androidsu}
Because the default implementation of the @option{su} method and other
shell-based methods conflict with non-standard @command{su}
implementations popular among Android users and the restricted
command-line utilities distributed with that system, a largely
equivalent @option{androidsu} method is provided for that system with
workarounds for its many idiosyncrasies, with the exception that
multi-hops are unsupported.
This is an optional method, @pxref{Optional methods}. It is enabled by
default on @code{android} systems only.
@cindex method @option{sudo}
@cindex @option{sudo} method
@item @option{sudo}
Similar to @option{su} method, @option{sudo} uses @command{sudo}.
@command{sudo} must have sufficient rights to start a shell.
For security reasons, a @option{sudo} connection is disabled after a
predefined timeout (5 minutes by default). This can be changed,
@pxref{Predefined connection information}.
@cindex method @option{doas}
@cindex @option{doas} method
@item @option{doas}
This method is used on OpenBSD like the @command{sudo} command. Like
the @option{sudo} method, a @option{doas} connection is disabled after
a predefined timeout.
@cindex method @option{run0}
@cindex @option{run0} method
@item @option{run0}
@c This requires systemd 256. Check with 'systemd-run --version'.
This method is used on @code{systemd}-based hosts. A @option{run0}
connection is disabled after a predefined timeout as well.
This is an optional method, @pxref{Optional methods}.
@cindex method @option{sg}
@cindex @option{sg} method
@item @option{sg}
The @command{sg} program allows editing as different group. The host
can be either @samp{localhost} or the host returned by the function
@command{(system-name)}. The user name must be specified, but it
denotes a group name. See @ref{Multi-hops} for an exception to this
behavior.
@cindex method @option{sshx}
@cindex @option{sshx} method
@item @option{sshx}
Works like @option{ssh} but without the extra authentication prompts.
@option{sshx} uses @samp{ssh -t -t -l @var{user} -o
RemoteCommand='/bin/sh -i' @var{host}} to open a connection with a
``standard'' login shell. It supports changing the remote login shell
@command{/bin/sh}.
@strong{Note} that @option{sshx} does not bypass authentication
questions. For example, if the host key of the remote host is not
known, @option{sshx} will still ask ``Are you sure you want to
continue connecting?''. @value{tramp} cannot handle such questions.
Connections will have to be setup where logins can proceed without
such questions.
@option{sshx} is useful for MS Windows users when @command{ssh}
triggers an error about allocating a pseudo tty. This happens due to
missing shell prompts that confuses @value{tramp}.
@option{sshx} supports the @samp{-p} argument.
@cindex method @option{krlogin}
@cindex @option{krlogin} method
@cindex kerberos (with @option{krlogin} method)
@item @option{krlogin}
This method is also similar to @option{ssh}. It uses the
@command{krlogin -x} command only for remote host login.
This method is an optional method, @pxref{Optional methods}.
@cindex method @option{ksu}
@cindex @option{ksu} method
@cindex kerberos (with @option{ksu} method)
@item @option{ksu}
This is another method from the Kerberos suite. It behaves like
@option{su}. It is an optional method, @pxref{Optional methods}.
@cindex method @option{plink}
@cindex @option{plink} method
@item @option{plink}
@option{plink} method is for MS Windows users with the PuTTY
implementation of SSH@. It uses @samp{plink -ssh} to log in to the
remote host. It supports changing the remote login shell @command{/bin/sh}.
Check the @samp{Share SSH connections if possible} control for that
session.
@option{plink} method supports the @samp{-P} argument.
@cindex method @option{plinkx}
@cindex @option{plinkx} method
@item @option{plinkx}
Another method using PuTTY on MS Windows with session names instead of
host names. @option{plinkx} calls @samp{plink -load @var{session}
-t}. User names and port numbers must be defined in the session. It
supports changing the remote login shell @command{/bin/sh}.
Check the @samp{Share SSH connections if possible} control for that
session.
@end table
@noindent
The following methods allow to access running containers in different
ways:
@table @asis
@cindex method @option{docker}
@cindex @option{docker} method
@item @option{docker}
Integration for Docker containers. The host name may be either a
running container's name or ID, as returned by @samp{docker ps}.
@vindex tramp-docker-program
If the @command{docker} program isn't found in your @env{PATH}
environment variable, you can tell @value{tramp} its absolute path via
the user option @code{tramp-docker-program}.
@cindex method @option{podman}
@cindex @option{podman} method
@item @option{podman}
Podman is an alternative to @option{docker} which may be run rootless,
if desired.
@vindex tramp-podman-program
If the @command{podman} program isn't found in your @env{PATH}
environment variable, you can tell @value{tramp} its absolute path via
the user option @code{tramp-podman-program}.
@cindex method @option{kubernetes}
@cindex @option{kubernetes} method
@item @option{kubernetes}
Integration for containers in Kubernetes pods. The host name is
@samp{@var{pod}}, or @samp{@var{container}.@var{pod}} if an explicit
container name shall be used. Otherwise, the first container in a pod
is used. @samp{@var{pod}%@var{namespace}} as host name allows to use
another namespace but the default one. This can also be combined with
the @samp{@var{container}.} prefix.
@vindex tramp-kubernetes-program
Internally, @value{tramp} uses the @command{kubectl} program. If this
program isn't found in your @env{PATH} environment variable, you can
tell @value{tramp} its absolute path via the user option
@code{tramp-kubernetes-program}.
This method does not support user names.
@cindex method @option{toolbox}
@cindex @option{toolbox} method
@item @option{toolbox}
@cindex method @option{distrobox}
@cindex @option{distrobox} method
@item @option{distrobox}
Integration of Toolbox or Distrobox system containers, respectively.
The host name may be either a container's name or ID, as returned by
@samp{toolbox list -c} or @samp{distrobox list}. Without a host name,
the default Toolbox container for the host will be used. There is no
such default for Distrobox.
Contrary to the other container-based methods, these two methods start
a created container, if it isn't running yet.
@vindex tramp-toolbox-program
@vindex tramp-distrobox-program
If the @command{toolbox} or @command{distrobox} program isn't found in
your @env{PATH} environment variable, you can tell @value{tramp} its
absolute path via the user option @code{tramp-toolbox-program} or
@code{tramp-distrobox-program}, respectively.
These are optional methods, @pxref{Optional methods}. They do not
support user names.
@cindex method @option{flatpak}
@cindex @option{flatpak} method
@item @option{flatpak}
Integration of Flatpak sandboxes. The host name may be either an
application ID, a sandbox instance ID, or a PID, as returned by
@samp{flatpak ps}.
@vindex tramp-flatpak-program
If the @command{flatpak} program isn't found in your @env{PATH}
environment variable, you can tell @value{tramp} its absolute path via
the user option @code{tramp-flatpak-program}.
This is an optional method, @pxref{Optional methods}. It does not
support user names.
@cindex method @option{apptainer}
@cindex @option{apptainer} method
@item @option{apptainer}
Integration of Apptainer instances. The host name is the instance
name, as returned by @samp{apptainer instance list}.
@vindex tramp-apptainer-program
If the @command{apptainer} program isn't found in your @env{PATH}
environment variable, you can tell @value{tramp} its absolute path via
the user option @code{tramp-apptainer-program}.
This is an optional method, @pxref{Optional methods}. It does not
support user names.
@cindex method @option{nspawn}
@cindex @option{nspawn} method
@item @option{nspawn}
Integration of @code{systemd-nspawn} instances. The host name is the
instance name, as returned by @samp{machinectl list --all}.
@vindex tramp-nspawn-program
Internally, @value{tramp} uses the @command{machinectl} program. If this
program isn't found in your @env{PATH} environment variable, you can
tell @value{tramp} its absolute path via the user option
@code{tramp-nspawn-program}.
This is an optional method, @pxref{Optional methods}.
@end table
@node External methods
@section External methods
@cindex methods, external
@cindex external methods
External methods operate over multiple channels, using the remote
shell connection for some actions while delegating file transfers to
an external transfer program.
External methods save on the overhead of encoding and decoding of
inline methods.
Since external methods have the overhead of opening a new channel,
files smaller than @code{tramp-copy-size-limit} still use inline
methods.
@table @asis
@cindex method @option{rcp}
@cindex @option{rcp} method
@cindex @command{rsh} (with @option{rcp} method)
@item @option{rcp}
This method uses the @command{rsh} and @command{rcp} commands to
connect to the remote host and transfer files. This is the fastest
access method available.
The alternative method @option{remcp} uses the @command{remsh} and
@command{rcp} commands.
@cindex method @option{scp}
@cindex @option{scp} method
@cindex @command{ssh} (with @option{scp} method)
@item @option{scp}
Using a combination of @command{ssh} to connect and @command{scp} to
transfer is the most secure. While the performance is good, it is
slower than the inline methods for smaller files. Though there is no
overhead of encoding and decoding of the inline methods,
@command{scp}'s cryptographic handshake negates those speed gains.
@option{ssh}-based methods support @samp{-p} feature for specifying
port numbers. For example, @file{host#42} passes @samp{-p 42} in the
argument list to @command{ssh}, and @samp{-P 42} in the argument list
to @command{scp}.
@cindex method @option{rsync}
@cindex @option{rsync} method
@cindex @command{ssh} (with @option{rsync} method)
@item @option{rsync}
@command{ssh} command to connect in combination with @command{rsync}
command to transfer is similar to the @option{scp} method.
@command{rsync} performs much better than @command{scp} when
transferring files that exist on both hosts. However, this advantage
is lost if the file exists only on one side of the connection.
This method supports the @samp{-p} argument.
@cindex method @option{scpx}
@cindex @option{scpx} method
@cindex @command{ssh} (with @option{scpx} method)
@item @option{scpx}
@option{scpx} is useful to avoid login shell questions. It is similar
in performance to @option{scp}. @option{scpx} uses @samp{ssh -t -t -l
@var{user} -o RemoteCommand='/bin/sh -i' @var{host}} to open a
connection. It supports changing the remote login shell
@command{/bin/sh}.
@option{scpx} is useful for MS Windows users when @command{ssh}
triggers an error about allocating a pseudo tty. This happens due to
missing shell prompts that confuses @value{tramp}.
This method supports the @samp{-p} argument.
@cindex method @option{pscp}
@cindex @option{pscp} method
@cindex @command{plink} (with @option{pscp} method)
@cindex @command{putty} (with @option{pscp} method)
@item @option{pscp}
@cindex method @option{psftp}
@cindex @option{psftp} method
@cindex @command{plink} (with @option{psftp} method)
@cindex @command{putty} (with @option{psftp} method)
@item @option{psftp}
These methods are similar to @option{scp} or @option{sftp}, but they
use the @command{plink} command to connect to the remote host, and
they use @command{pscp} or @command{psftp} for transferring the files.
These programs are part of PuTTY, an SSH implementation for MS Windows.
They support changing the remote login shell @command{/bin/sh}.
Check the @samp{Share SSH connections if possible} control for that
session.
These methods support the @samp{-P} argument.
@cindex method @option{dockercp}
@cindex @option{dockercp} method
@item @option{dockercp}
@cindex method @option{podmancp}
@cindex @option{podmancp} method
@item @option{podmancp}
These methods are similar to @option{docker} or @option{podman}, but
they use the command @command{docker cp} or @command{podman cp} for
transferring large files.
These copy commands do not support file globs, and they ignore a user
name.
@cindex method @option{fcp}
@cindex @option{fcp} method
@cindex @command{fsh} (with @option{fcp} method)
@item @option{fcp}
This method is similar to @option{scp}, but uses @command{fsh} to
connect and @command{fcp} to transfer files. @command{fsh/fcp}, a
front-end for @command{ssh}, reuse @command{ssh} session by
submitting several commands. This avoids the startup overhead due to
@command{scp}'s secure connection. Inline methods have similar
benefits.
The command used for this connection is: @samp{fsh @var{host} -l
@var{user} /bin/sh -i}
@cindex method @option{fsh}
@cindex @option{fsh} method
@option{fsh} has no inline method since the multiplexing it offers is
not useful for @value{tramp}. @command{fsh} connects to remote host
and @value{tramp} keeps that one connection open.
This is an optional method, @pxref{Optional methods}.
@cindex method @option{nc}
@cindex @option{nc} method
@cindex @command{telnet} (with @option{nc} method)
@item @option{nc}
Using @command{telnet} to connect and @command{nc} to transfer files
is sometimes the only combination suitable for accessing routers or
NAS hosts. These dumb devices have severely restricted local shells,
such as the @command{busybox} and do not host any other encode or
decode programs.
This is an optional method, @pxref{Optional methods}.
@cindex method @option{sudoedit}
@cindex @option{sudoedit} method
@item @option{sudoedit}
The @option{sudoedit} method facilitates editing a file as a different
user on the local host. You could regard this as @value{tramp}'s
implementation of the @command{sudoedit}. Contrary to the
@option{sudo} method, all magic file name functions are implemented by
single @command{sudo @dots{}} commands. The purpose is to make
editing such a file as secure as possible; there must be no session
running in the Emacs background which could be attacked from inside
Emacs.
Consequently, external processes are not implemented.
The host name of such remote file names must represent the local host.
Since the default value is already proper, it is recommended not to
use any host name in the remote file name, like
@file{@trampfn{sudoedit,,/path/to/file}} or
@file{@trampfn{sudoedit,user@@,/path/to/file}}.
Like the @option{sudo} method, a @option{sudoedit} password expires
after a predefined timeout.
@cindex method @option{ftp}
@cindex @option{ftp} method
@item @option{ftp}
When @value{tramp} uses @option{ftp}, it forwards requests to whatever
ftp program is specified by Ange FTP@. This external program must be
capable of servicing requests from @value{tramp}.
@cindex method @option{smb}
@cindex @option{smb} method
@cindex ms windows (with @option{smb} method)
@cindex @command{smbclient}
@item @option{smb}
This non-native @value{tramp} method connects via the Server Message
Block (SMB) networking protocol to hosts running file servers that are
typically based on @uref{https://www.samba.org/,,Samba} or MS Windows.
Using @command{smbclient} requires a few tweaks when working with
@value{tramp}:
The first directory in the localname must be a share name on the
remote host.
Since some SMB share names end in the @code{$} character,
@value{tramp} must use @code{$$} when specifying those shares to avoid
environment variable substitutions.
When @value{tramp} is not specific about the share name or uses the
generic remote directory @file{/}, @command{smbclient} returns all
available shares.
Since SMB authentication is based on each SMB share, @value{tramp}
prompts for a password even when accessing a different share on the
same SMB host. This prompting can be suppressed by @ref{Password
handling}.
To accommodate user name/domain name syntax required by MS Windows
authorization, @value{tramp} provides for an extended syntax in
@code{user%domain} format (where @code{user} is the user name,
@code{%} is the percent symbol, and @code{domain} is the MS Windows
domain name). An example:
@example
@trampfn{smb,daniel%BIZARRE@@melancholia,/daniel$$/.emacs}
@end example
where user @samp{daniel} connects as a domain user to the SMB host
@samp{melancholia} in the MS Windows domain @samp{BIZARRE} to edit
@file{.emacs} located in the home directory (share @samp{daniel$}).
Alternatively, for local WINS users (as opposed to domain users),
substitute the domain name with the name of the local host in
UPPERCASE as shown here:
@example
@trampfn{smb,daniel%MELANCHOLIA@@melancholia,/daniel$$/.emacs}
@end example
where user @samp{daniel} connects as local user to the SMB host
@samp{melancholia} in the local domain @samp{MELANCHOLIA} to edit
@file{.emacs} located in the home directory (share @samp{daniel$}).
The domain name and user name are optional for @command{smbclient}
authentication. When user name is not specified, @command{smbclient}
uses the anonymous user (without prompting for password). This
behavior is unlike other @value{tramp} methods, where local user name
is substituted.
The @option{smb} method is unavailable if Emacs is run under a local
user authentication context in MS Windows. However such users can
still access remote files using UNC file names instead of @value{tramp}:
@example
//melancholia/daniel$$/.emacs
@end example
UNC file name specification does not allow the specification of a
different user name for authentication like the @command{smbclient}
can.
@cindex method @option{adb}
@cindex @option{adb} method
@cindex android (with @option{adb} method)
@item @option{adb}
@vindex tramp-adb-program
@vindex PATH@r{, environment variable}
This method uses Android Debug Bridge program for accessing Android
devices. The Android Debug Bridge must be installed locally for
@value{tramp} to work. Some GNU/Linux distributions provide Android
Debug Bridge as an installation package. Alternatively, the program
is installed as part of the Android SDK@. @value{tramp} finds the
@command{adb} program either via the @env{PATH} environment variable
or the absolute path set in the user option @code{tramp-adb-program}.
@vindex tramp-adb-connect-if-not-connected
@value{tramp} connects to Android devices with @option{adb} only when
the user option @code{tramp-adb-connect-if-not-connected} is not
@code{nil}. Otherwise, the connection must be established outside
Emacs.
@value{tramp} does not require a host name part of the remote file
name when a single Android device is connected to @command{adb}.
@value{tramp} instead uses @file{@trampfn{adb,,}} as the default name.
@command{adb devices}, run in a shell outside Emacs, shows available
host names.
@option{adb} method normally does not need user name to authenticate
on the Android device because it runs under the @command{adbd}
process. But when a user name is specified, however, @value{tramp}
applies an @command{su} in the syntax. When authentication does not
succeed, especially on un-rooted Android devices, @value{tramp}
displays login errors.
For Android devices connected through TCP/IP, a port number can be
specified using @file{device#42} host name syntax or @value{tramp} can
use the default value as declared in @command{adb} command. Port
numbers are not applicable to Android devices connected through USB@.
@end table
@node GVFS-based methods
@section @acronym{GVFS}-based external methods
@cindex methods, gvfs
@cindex gvfs-based methods
@cindex dbus
@acronym{GVFS} is the virtual file system for the @acronym{GNOME}
Desktop, @uref{https://en.wikipedia.org/wiki/GVFS}. Remote files on
@acronym{GVFS} are mounted locally through @acronym{FUSE} and
@value{tramp} uses this locally mounted directory internally.
Emacs uses the D-Bus mechanism to communicate with @acronym{GVFS}@.
Emacs must have the message bus system, D-Bus integration active,
@pxref{Top, , D-Bus, dbus}.
@table @asis
@cindex method @option{afp}
@cindex @option{afp} method
@item @option{afp}
This method is for connecting to remote hosts with the Apple Filing
Protocol for accessing files on macOS volumes. @value{tramp} access
syntax requires a leading volume (share) name, for example:
@file{@trampfn{afp,user@@host,/volume}}.
@cindex WebDAV
@cindex method @option{dav}
@cindex @option{dav} method
@item @option{dav}
@cindex method @option{davs}
@cindex @option{davs} method
@item @option{davs}
@option{dav} method provides access to WebDAV files and directories
based on standard protocols, such as HTTP@. @option{davs} does the same
but with SSL encryption. Both methods support the port numbers.
Paths being part of the WebDAV volume to be mounted by @acronym{GVFS},
as it is common for OwnCloud or NextCloud file names, are not
supported by these methods. See method @option{nextcloud} for
handling them.
@cindex @acronym{GNOME} Online Accounts
@cindex method @option{gdrive}
@cindex @option{gdrive} method
@cindex google drive
@item @option{gdrive}
Via the @option{gdrive} method it is possible to access your Google
Drive online storage. User and host name of the remote file name are
your email address of the Google Drive credentials, like
@file{@trampfn{gdrive,john.doe@@gmail.com,/}}. These credentials must
be populated in your @command{Online Accounts} application outside Emacs.
Since Google Drive uses cryptic blob file names internally,
@value{tramp} works with the @code{display-name} of the files. This
could produce unexpected behavior in case two files in the same
directory have the same @code{display-name}, such a situation must be
avoided.
@cindex method @option{mtp}
@cindex @option{mtp} method
@cindex media
@item @option{mtp}
Media devices, like cell phones, tablets, cameras, can be accessed via
the @option{mtp} method. Just the device name is needed in order to
specify the host in the file name. However, the device must already
be connected via USB, before accessing it. Possible device names are
visible via host name completion, @pxref{File name completion}.
Depending on the device type, the access could be read-only. Some
devices are accessible under different names in parallel, offering
different parts of their file system.
@value{tramp} does not require a host name as part of the remote file
name when a single media device is connected. @value{tramp} instead
uses @file{@trampfn{mtp,,}} as the default name.
@cindex method @option{nextcloud}
@cindex @option{nextcloud} method
@cindex nextcloud
@item @option{nextcloud}
As the name indicates, the method @option{nextcloud} allows you to
access OwnCloud or NextCloud hosted files and directories. Like the
@option{gdrive} method, your credentials must be populated in your
@command{Online Accounts} application outside Emacs. The method
supports port numbers.
@cindex method @option{sftp}
@cindex @option{sftp} method
@item @option{sftp}
This method uses @command{sftp} in order to securely access remote
hosts. @command{sftp} is a more secure option for connecting to hosts
that for security reasons refuse @command{ssh} connections.
When there is a respective entry in your @command{ssh} configuration,
do @emph{not} set the @option{RemoteCommand} option.
@end table
@defopt tramp-gvfs-methods
This user option is a list of external methods for @acronym{GVFS}@.
By default, this list includes @option{afp}, @option{dav},
@option{davs}, @option{gdrive}, @option{mtp}, @option{nextcloud} and
@option{sftp}. Other methods to include are @option{ftp},
@option{http}, @option{https} and @option{smb}. These methods are not
intended to be used directly as @acronym{GVFS}-based method. Instead,
they are added here for the benefit of @ref{Archive file names}.
If you want to use @acronym{GVFS}-based @option{ftp} or @option{smb}
methods, you must add them to @code{tramp-gvfs-methods}, and you must
disable the corresponding @value{tramp} package by setting
@code{tramp-ftp-method} or @code{tramp-smb-method} to @code{nil},
respectively:
@lisp
@group
(add-to-list 'tramp-gvfs-methods "ftp")
(customize-set-variable 'tramp-ftp-method nil)
@end group
@end lisp
@end defopt
@node FUSE-based methods
@section @acronym{FUSE}-based external methods
@cindex methods, fuse
@cindex fuse-based methods
Besides @acronym{GVFS}, there are other virtual file systems using the
@acronym{FUSE} interface. Remote files are mounted locally through
@acronym{FUSE} and @value{tramp} uses this locally mounted directory
internally. When possible, @value{tramp} maps the remote file names
to their respective local file name, and applies the file name
operation on them. For some of the file name operations this is not
possible, @value{tramp} emulates those operations otherwise.
@table @asis
@cindex method @option{rclone}
@cindex @option{rclone} method
@item @option{rclone}
@vindex tramp-rclone-program
The program @command{rclone} enables accessing different system
storages in the cloud, see @uref{https://rclone.org/} for a list of
supported systems. If the @command{rclone} program isn't found in
your @env{PATH} environment variable, you can tell @value{tramp} its
absolute path via the user option @code{tramp-rclone-program}.
A system storage must be configured via the @command{rclone config}
command, outside Emacs. If you have configured a storage in
@command{rclone} under a name @samp{storage} (for example), you can
access it via the remote file name
@example
@trampfn{rclone,storage,/path/to/file}
@end example
User names are part of the @command{rclone} configuration, and not
needed in the remote file name. If a user name is contained in the
remote file name, it is ignored.
Access via @option{rclone} is slow. If you have an alternative method
for accessing the system storage, you should use it.
@ref{GVFS-based methods} for example, methods @option{gdrive} and
@option{nextcloud}.
@cindex method @option{sshfs}
@cindex @option{sshfs} method
@item @option{sshfs}
@vindex tramp-sshfs-program
On local hosts which have installed the @command{sshfs} client for
mounting a file system based on @command{sftp}, this method can be
used, see
@uref{https://github.com/libfuse/sshfs/blob/master/README.rst/}. If
the @command{sshfs} program isn't found in your @env{PATH} environment
variable, you can tell @value{tramp} its absolute path via the user
option @code{tramp-sshfs-program}.
All remote files are available via the local mount point.
@value{tramp} aids in mounting the file system if it isn't mounted
yet. The remote file name syntax is
@example
@trampfn{sshfs,user@@host#port,/path/to/file}
@end example
User name and port number are optional. This method does not support
password handling, the file system must either be mounted already, or
the connection must be established passwordless via ssh keys.
The mount point and mount arguments can be passed as connection
properties, @xref{Setup of sshfs method}.
@end table
@node Default Method
@section Selecting a default method
@cindex default method
In a remote file name, the use of a default method is indicated by the
pseudo method @option{-}, @pxref{File name syntax}.
@defopt tramp-default-method
Default method is for transferring files. The user option
@code{tramp-default-method} sets it. @value{tramp} uses this user
option to determine the default method for remote file names that do
not have one specified.
@lisp
(customize-set-variable 'tramp-default-method "ssh")
@end lisp
@end defopt
@defopt tramp-default-method-alist
Default methods for transferring files can be customized for specific
user and host combinations through the user option
@code{tramp-default-method-alist}.
For example, the following two lines specify to use the @option{ssh}
method for all user names matching @samp{john} and the @option{rsync}
method for all host names matching @samp{lily}. The third line
specifies to use the @option{su} method for the user @samp{root} on
the host @samp{localhost}.
@lisp
@group
(add-to-list 'tramp-default-method-alist '("" "john" "ssh"))
(add-to-list 'tramp-default-method-alist '("lily" "" "rsync"))
(add-to-list 'tramp-default-method-alist
'("\\`localhost\\'" "\\`root\\'" "su"))
@end group
@end lisp
@end defopt
@noindent
External methods performance faster for large files. @pxref{Inline
methods}. @pxref{External methods}.
Choosing the access method also depends on the security environment.
For example, @option{rsh} and @option{telnet} methods that use clear
text password transfers are inappropriate for over the Internet
connections. Secure remote connections should use @option{ssh} that
provide encryption.
@subsection Which method to use?
@cindex choosing the right method
@value{tramp} provides maximum number of choices for maximum
flexibility. Choosing which method depends on the hosts, clients,
network speeds, and the security context.
Start by using an inline method.
External methods might be more efficient for large files, but most
@value{tramp} users edit small files more often than large files.
Enable compression, @code{tramp-inline-compress-start-size}, for a
performance boost for large files with inline methods.
Since @command{ssh} has become the most common method of remote host
access and it has the most reasonable security protocols, use
@option{ssh} method. Typical @option{ssh} usage to edit the
@file{/etc/motd} file on the otherhost:
@example
@kbd{C-x C-f @trampfn{ssh,root@@otherhost,/etc/motd} @key{RET}}
@end example
If @option{ssh} is unavailable for whatever reason, look for other
obvious options. For MS Windows, try the @option{plink}
method@footnote{This shouldn't be needed with recent @code{OpenSSH}
versions for MS Windows. Use method @option{sshx}.}. For Kerberos,
try @option{krlogin}.
For editing local files as @option{su} or @option{sudo} methods, try
the shortened syntax of @samp{root}:
@example
@kbd{C-x C-f @trampfn{su,,/etc/motd} @key{RET}}
@end example
For editing large files, @option{scp} is faster than @option{ssh}.
@option{pscp} is faster than @option{plink}. But this speed
improvement is not always true.
When copying large files between two different remote hosts via
@option{scp}, set @code{tramp-use-scp-direct-remote-copying} to
non-@code{nil}.
@node Default User
@section Selecting a default user
@cindex default user
@defopt tramp-default-user
A @value{tramp} file name can omit the user name part since
@value{tramp} substitutes the currently logged-in user name. However
this substitution can be overridden with @code{tramp-default-user}.
For example:
@lisp
(customize-set-variable 'tramp-default-user "root")
@end lisp
@end defopt
@defopt tramp-default-user-alist
Instead of a single default user, @code{tramp-default-user-alist}
allows multiple default user values based on access method or host
name combinations. The alist can hold multiple values. For example, to
use the @samp{john} as the default user for the domain
@samp{somewhere.else} only:
@lisp
@group
(add-to-list 'tramp-default-user-alist
'("ssh" ".*\\.somewhere\\.else\\'" "john"))
@end group
@end lisp
A Caution: @value{tramp} will override any default user specified in
the configuration files outside Emacs, such as @file{~/.ssh/config}.
To stop @value{tramp} from applying the default value, set the
corresponding alist entry to @code{nil}:
@lisp
@group
(add-to-list 'tramp-default-user-alist
'("ssh" "\\`here\\.somewhere\\.else\\'" nil))
@end group
@end lisp
The last entry in @code{tramp-default-user-alist} should be reserved
for catch-all or most often used login.
@lisp
@group
(add-to-list 'tramp-default-user-alist
'(nil nil "jonas") t)
@end group
@end lisp
@end defopt
@node Default Host
@section Selecting a default host
@cindex default host
@defopt tramp-default-host
When host name is omitted, @value{tramp} substitutes the value from
the @code{tramp-default-host} user option. It is initially
populated with the local host name where Emacs is running. The
default method, default user and default host can be overridden as
follows:
@lisp
@group
(custom-set-variables
'(tramp-default-method "ssh")
'(tramp-default-user "john")
'(tramp-default-host "target"))
@end group
@end lisp
With all defaults set, @file{@trampfn{-,,}} will connect @value{tramp}
to John's home directory on @samp{target} via method @option{ssh}.
@end defopt
@defopt tramp-default-host-alist
Instead of a single default host, @code{tramp-default-host-alist}
allows multiple default host values based on access method or user
name combinations. The alist can hold multiple values. While
@code{tramp-default-host} is sufficient in most cases, some methods,
like @option{adb}, require defaults overwritten.
The default host name for @option{nspawn} is @samp{.host}. Therefore,
@file{@trampfn{nspawn,,}} and @file{@trampfn{sudo,,}} have the same
effect.
@end defopt
@node Multi-hops
@section Connecting to a remote host using multiple hops
@cindex multi-hop
@cindex proxy hosts
Multi-hops are methods to reach hosts behind firewalls or to reach the
outside world from inside a bastion host. With multi-hops,
@value{tramp} can negotiate these hops with the appropriate user/host
authentication at each hop. All methods until now have been the single
hop kind, where the start and end points of the connection did not
have intermediate check points.
@defopt tramp-default-proxies-alist
@code{tramp-default-proxies-alist} specifies proxy hosts to pass
through. This user option is list of triples consisting of
@code{(@var{host} @var{user} @var{proxy})}.
The first match is the proxy host through which passes the file name
and the target host matching @var{user}@@@var{host}. @var{host} and
@var{user} are regular expressions or @code{nil}, interpreted as a
regular expression which always matches.
@var{proxy} is a literal @value{tramp} file name whose local name part
is ignored, and the method and user name parts are optional.
The method must be an inline method (@pxref{Inline methods}). If
@var{proxy} is @code{nil}, no additional hop is required reaching
@var{user}@@@var{host}.
For example, to pass through the host @samp{bastion.your.domain} as
user @samp{bird} to reach remote hosts outside the local domain:
@lisp
@group
(add-to-list 'tramp-default-proxies-alist
'("\\." nil "@trampfn{ssh,bird@@bastion.your.domain,}"))
(add-to-list 'tramp-default-proxies-alist
'("\\.your\\.domain\\'" nil nil))
@end group
@end lisp
@strong{Note}: @code{add-to-list} adds elements at the beginning of a
list. Therefore, most relevant rules must come last in the list.
Proxy hosts can be cascaded in the alist. If there is another host
called @samp{jump.your.domain}, which is the only host allowed to
connect to @samp{bastion.your.domain}, then:
@lisp
@group
(add-to-list 'tramp-default-proxies-alist
'("\\`bastion\\.your\\.domain\\'"
"\\`bird\\'"
"@trampfn{ssh,jump.your.domain,}"))
@end group
@end lisp
@var{proxy} can take patterns @code{%h} or @code{%u} for @var{host} or
@var{user} respectively. Ports or domains, if they are part of
a hop file name, are not expanded by those patterns.
To login as @samp{root} on remote hosts in the domain
@samp{your.domain}, but login as @samp{root} is disabled for non-local
access, then use this alist entry:
@lisp
@group
(add-to-list 'tramp-default-proxies-alist
'("\\.your\\.domain\\'" "\\`root\\'" "@trampfn{ssh,%h,}"))
@end group
@end lisp
Opening @file{@trampfn{sudo,randomhost.your.domain,}} first connects
to @samp{randomhost.your.domain} via @code{ssh} under your account
name, and then performs @code{sudo -u root} on that host.
It is key for the @option{sudo} method in the above example to be
applied on the host after reaching it and not on the local host.
@value{tramp} checks therefore, that the host name for such hops
matches the host name of the previous hop.
@var{host}, @var{user} and @var{proxy} can also take Lisp forms. These
forms when evaluated must return either a string or @code{nil}.
To generalize (from the previous example): For all hosts, except my
local one, first connect via @command{ssh}, and then apply
@command{sudo -u root}:
@lisp
@group
(add-to-list 'tramp-default-proxies-alist
'(nil "\\`root\\'" "@trampfn{ssh,%h,}"))
(add-to-list 'tramp-default-proxies-alist
`(,(regexp-quote (system-name)) nil nil))
@end group
@end lisp
@end defopt
Passing through hops involves dealing with restricted shells, such as
@command{rbash}. If @value{tramp} is made aware, then it would use
them for proxies only.
@defopt tramp-restricted-shell-hosts-alist
An alist of regular expressions of hosts running restricted shells,
such as @command{rbash}. @value{tramp} will then use them only as
proxies.
To specify the bastion host from the example above as running a
restricted shell:
@lisp
@group
(add-to-list 'tramp-restricted-shell-hosts-alist
"\\`bastion\\.your\\.domain\\'")
@end group
@end lisp
@end defopt
@node Firewalls
@section Passing firewalls
@cindex http tunnel
@cindex proxy hosts, http tunnel
Sometimes, it is not possible to reach a remote host directly. A
firewall might be in the way, which could be passed via a proxy
server.
Both OpenSSH and PuTTY support such proxy settings, using an HTTP
tunnel via the @command{CONNECT} command (conforming to RFC 2616, 2817
specifications). Proxy servers using HTTP 1.1 or later protocol
support this command.
@subsection Tunneling with ssh
@vindex ProxyCommand@r{, ssh option}
With @command{ssh}, you can use the @option{ProxyCommand} entry in
@file{~/.ssh/config}:
@example
@group
Host host.other.domain
ProxyCommand nc -X connect -x proxy.your.domain:3128 %h %p
@end group
@end example
@code{nc} is BSD's netcat program, which establishes HTTP tunnels.
Any other program with such a feature could be used as well.
In the example, opening @file{@trampfn{ssh,host.your.domain,}} passes
the HTTP proxy server @samp{proxy.your.domain} on port 3128.
@subsection Tunneling with PuTTY
PuTTY does not need an external program, HTTP tunnel support is
built-in. In the PuTTY config program, create a session for
@samp{host.your.domain}. In the @option{Connection/Data} entry,
select the @option{HTTP} option, and add @samp{proxy.your.domain} as
@option{Proxy hostname}, and 3128 as @option{Port}.
Opening @file{@trampfn{plinkx,host.your.domain,}} passes the HTTP
proxy server @samp{proxy.your.domain} on port 3128.
@node Customizing Methods
@section Using Non-Standard Methods
@cindex customizing methods
@cindex using non-standard methods
@cindex create your own methods
@vindex tramp-methods
The @code{tramp-methods} variable currently has an exhaustive list of
predefined methods. Any part of this list can be modified with more
suitable settings. Refer to the Lisp documentation of that variable,
accessible with @kbd{C-h v tramp-methods @key{RET}}.
In the ELPA archives, there are several examples of such extensions.
They can be installed with Emacs's Package Manager. This includes
@table @samp
@c @item anything-tramp
@c @item counsel-tramp
@c @item helm-tramp
@c Contact Masashí Míyaura <masasam@users.noreply.github.com>
@c @item ibuffer-tramp.el
@c Contact Svend Sorensen <svend@@ciffer.net>
@cindex method @option{incus}
@cindex @option{incus} method
@item incus-tramp
Integration for Incus containers. A container is accessed via
@file{@trampfn{incus,user@@container,/path/to/file}}, @samp{user} and
@samp{container} have the same meaning as with the @option{docker}
method.
@cindex method @option{lxc}
@cindex @option{lxc} method
@item lxc-tramp
Integration for LXC containers. A container is accessed via
@file{@trampfn{lxc,container,/path/to/file}}, @samp{container} has the
same meaning as with the @option{docker} method. A @samp{user}
specification is ignored.
@cindex method @option{lxd}
@cindex @option{lxd} method
@item lxd-tramp
Integration for LXD containers. A container is accessed via
@file{@trampfn{lxd,user@@container,/path/to/file}}, @samp{user} and
@samp{container} have the same meaning as with the @option{docker}
method.
@cindex method @option{git}
@cindex @option{git} method
@item magit-tramp
Browsing Git repositories with @code{magit}. A versioned file is
accessed via @file{@trampfn{git,rev@@root-dir,/path/to/file}}.
@samp{rev} is a Git revision, and @samp{root-dir} is a virtual host
name for the root directory, specified in
@code{magit-tramp-hosts-alist}.
@cindex method @option{hdfs}
@cindex @option{hdfs} method
@item tramp-hdfs
Access of a hadoop/hdfs file system. A file is accessed via
@file{@trampfn{hdfs,user@@node,/path/to/file}}, where @samp{user} is
the user that you want to use, and @samp{node} is the name of the
hadoop server.
@cindex method @option{vagrant}
@cindex @option{vagrant} method
@item vagrant-tramp
Convenience method to access vagrant boxes. It is often used in
multi-hop file names like
@file{@trampfn{vagrant@value{postfixhop}box|sudo,box,/path/to/file}},
where @samp{box} is the name of the vagrant box.
@end table
@node Customizing Completion
@section Selecting config files for user/host name completion
@cindex customizing completion
@cindex selecting config files
@vindex tramp-completion-function-alist
@code{tramp-completion-function-alist} uses predefined files for user
and host name completion (@pxref{File name completion}). For each
method, it keeps a set of configuration files and a function that can
parse that file. Each entry in @code{tramp-completion-function-alist}
is of the form (@var{method} @var{pair1} @var{pair2} @dots{}).
Each @var{pair} is composed of (@var{function} @var{file}).
@var{function} is responsible for extracting user names and host names
from @var{file} for completion. There are two functions which access
this variable:
@defun tramp-get-completion-function method
This function returns the list of completion functions for @var{method}.
Example:
@example
@group
(tramp-get-completion-function "rsh")
@result{} ((tramp-parse-rhosts "/etc/hosts.equiv")
(tramp-parse-rhosts "~/.rhosts"))
@end group
@end example
@end defun
@defun tramp-set-completion-function method function-list
This function sets @var{function-list} as list of completion functions
for @var{method}.
Example:
@example
@group
(tramp-set-completion-function "ssh"
'((tramp-parse-sconfig "/etc/ssh_config")
(tramp-parse-sconfig "~/.ssh/config")))
@result{} ((tramp-parse-sconfig "/etc/ssh_config")
(tramp-parse-sconfig "~/.ssh/config"))
@end group
@end example
@end defun
The following predefined functions parsing configuration files exist:
@ftable @asis
@item @code{tramp-parse-rhosts}
This function parses files which are syntactical equivalent to
@file{~/.rhosts}. It returns both host names and user names, if
specified.
@item @code{tramp-parse-shosts}
This function parses files which are syntactical equivalent to
@file{~/.ssh/known_hosts}. Since there are no user names specified
in such files, it can return host names only.
@item @code{tramp-parse-sconfig}
This function returns the host nicknames defined by @option{Host}
entries in @file{~/.ssh/config} style files.
@item @code{tramp-parse-shostkeys}
SSH2 parsing of directories @file{/etc/ssh2/hostkeys/*} and
@file{~/ssh2/hostkeys/*}. Hosts are coded in file names
@file{hostkey_@var{portnumber}_@var{host-name}.pub}. User names
are always @code{nil}.
@item @code{tramp-parse-sknownhosts}
Another SSH2 style parsing of directories like
@file{/etc/ssh2/knownhosts/*} and @file{~/ssh2/knownhosts/*}. This
case, hosts names are coded in file names
@file{@var{host-name}.@var{algorithm}.pub}. User names are always @code{nil}.
@item @code{tramp-parse-hosts}
A function dedicated to @file{/etc/hosts} for host names.
@item @code{tramp-parse-passwd}
A function which parses @file{/etc/passwd} for user names.
@item @code{tramp-parse-etc-group}
A function which parses @file{/etc/group} for group names.
@item @code{tramp-parse-netrc}
A function which parses @file{~/.netrc} and @file{~/.authinfo}-style files.
@end ftable
To keep a custom file with custom data in a custom structure, a custom
function has to be provided. This function must meet the following
conventions:
@defun my-tramp-parse file
@var{file} must be either a file on the host, or @code{nil}. The
function must return a list of (@var{user} @var{host}), which are
taken as candidates for completion for user and host names.
Example:
@example
@group
(my-tramp-parse "~/.my-tramp-hosts")
@result{} ((nil "toto") ("daniel" "melancholia"))
@end group
@end example
@end defun
@node Password handling
@section Reusing passwords for several connections
@cindex passwords
To avoid repeated prompts for passwords, consider native caching
mechanisms, such as @command{ssh-agent} for @option{ssh}-like
methods, or @command{pageant} for @option{plink}-like methods.
@value{tramp} offers alternatives when native solutions cannot meet
the need.
@anchor{Using an authentication file}
@subsection Using an authentication file
@vindex auth-sources
The package @file{auth-source.el}, originally developed for No Gnus,
reads passwords from different sources, @xref{Help for users, ,
auth-source, auth}. The default authentication file is
@file{~/.authinfo.gpg}, but this can be changed via the user option
@code{auth-sources}.
@noindent
A typical entry in the authentication file:
@example
machine melancholia port scp login daniel password geheim
@end example
The port can take any @value{tramp} method (@pxref{Inline methods},
@pxref{External methods}). Omitting port values matches all
@value{tramp} methods. Domain and ports, as used in @value{tramp}
file name syntax, must be appended to the machine and login items:
@example
machine melancholia#4711 port davs login daniel%BIZARRE password geheim
@end example
For the methods @option{doas}, @option{sudo}, @option{sudoedit} and
@option{nspawn} the password of the user requesting the connection is
needed, and not the password of the target user@footnote{On the local
host, @code{run0} uses a graphical password agent.}. If these
connections happen on the local host, an entry with the local user and
local host is used:
@example
machine @var{host} port sudo login @var{user} password secret
@end example
@var{user} and @var{host} are the strings returned by
@code{(user-login-name)} and @code{(system-name)}. If one of these
methods is connected via a multi-hop (@pxref{Multi-hops}), the
credentials of the previous hop are used.
@vindex auth-source-save-behavior
If no proper entry exists, the password is read
interactively. After successful login (verification of the password),
Emacs offers to save a corresponding entry for further use by
@code{auth-source} backends which support this. This can be changed
by setting the user option @code{auth-source-save-behavior} to @code{nil}.
@vindex auth-source-debug
Set @code{auth-source-debug} to @code{t} to debug messages.
@vindex ange-ftp-netrc-filename
@strong{Note} that @file{auth-source.el} is not used for @option{ftp}
connections, because @value{tramp} passes the work to Ange FTP@. If
you want, for example, use your @file{~/.authinfo.gpg} authentication
file, you must customize @code{ange-ftp-netrc-filename}:
@lisp
(customize-set-variable 'ange-ftp-netrc-filename "~/.authinfo.gpg")
@end lisp
In case you do not want to use an authentication file for
@value{tramp} passwords, use connection-local variables
@ifinfo
(@pxref{Connection Variables, , , emacs})
@end ifinfo
like this:
@lisp
@group
(connection-local-set-profile-variables
'remote-without-auth-sources '((auth-sources . nil)))
@end group
@group
(connection-local-set-profiles
'(:application tramp) 'remote-without-auth-sources)
@end group
@end lisp
@anchor{Caching passwords}
@subsection Caching passwords
@value{tramp} can cache passwords as entered and reuse when needed for
the same user or host name independent of the access method.
@vindex auth-source-cache-expiry
@code{auth-source-cache-expiry}@footnote{It overrides
@code{password-cache-expiry}.} sets the duration (in seconds) the
passwords are remembered. Set @code{auth-source-cache-expiry} to
@code{nil} to disable expiration.
Cached passwords are never saved permanently nor can they extend
beyond the lifetime of the current Emacs session unless you confirm
this interactively.
@vindex auth-source-do-cache
Set @code{auth-source-do-cache} to @code{nil} to disable password caching.
For connections which use a session-timeout, like @option{sudo},
@option{doas} and @option{run0}, the password cache is expired by
@value{tramp} when the session expires (@pxref{Predefined connection
information}). However, this makes only sense if the password cannot
be retrieved from a persistent authentication file or store.
@node Connection caching
@section Reusing connection related information
@cindex caching
@vindex tramp-persistency-file-name
For faster initial connection times, @value{tramp} stores previous
connection properties in a file specified by the user option
@code{tramp-persistency-file-name}.
The default file name for @code{tramp-persistency-file-name} is
@file{~/.emacs.d/tramp}.
@value{tramp} reads this file during Emacs startup, and writes to it
when exiting Emacs. Delete this file for @value{tramp} to recreate a
new one on next Emacs startup.
Set @code{tramp-persistency-file-name} to @code{nil} to disable
storing connections persistently.
When @value{tramp} detects a change in the operating system version in
a remote host (via the command @command{uname -sr}), it flushes all
connection related information for that host and creates a new entry.
@node Predefined connection information
@section Setting own connection related information
For more precise customization, parameters specified by
@code{tramp-methods} can be overwritten manually.
@vindex tramp-connection-properties
Set @code{tramp-connection-properties} to manually override
@code{tramp-methods}. Properties in this list are in the form
@code{(@var{regexp} @var{property} @var{value})}. @var{regexp}
matches remote file names. Use @code{nil} to match all.
@var{property} is the property's name, and @var{value} is the
property's value.
@var{property} is any method specific parameter contained in
@code{tramp-methods}. The parameter key in @code{tramp-methods} is a
symbol name @code{tramp-<foo>}. To overwrite that property, use the
string @t{"<foo>"} for @var{property}. For example, this changes the
remote shell:
@lisp
@group
(add-to-list 'tramp-connection-properties
(list (regexp-quote "@trampfn{ssh,user@@randomhost.your.domain,}")
"remote-shell" "/bin/ksh"))
@end group
@group
(add-to-list 'tramp-connection-properties
(list (regexp-quote "@trampfn{ssh,user@@randomhost.your.domain,}")
"remote-shell-login" '("-")))
@end group
@end lisp
The parameters @code{tramp-remote-shell} and
@code{tramp-remote-shell-login} in @code{tramp-methods} now have new
values for the remote host.
@var{property} can also be any property found in
@code{tramp-persistency-file-name}.
@subsection Relevant connection properties to override
Not all connection properties need to be changed. The most relevant
properties are listed here:
@itemize
@item @t{"login-program"}
The property @t{"login-program"} stores the program to be used to
connect to the remote host. Sometimes, the program might have another
name on your host, or it might be located in another path. In this case,
you can overwrite the default value, which is special for every
connection method. It is used in all connection methods of
@file{tramp-sh.el}.
@item @t{"login-args"}
@t{"login-args"} specifies a list of lists of arguments to pass to
@t{"login-program"}. Read the docstring of @code{tramp-methods} how
to construct these lists.
@item @t{"remote-shell"}
This property tells @value{tramp} which remote shell to apply on the
remote host. It is used in all connection methods of
@file{tramp-sh.el}. The default value is @t{"/bin/sh"}.
@item @t{"remote-shell-login"}
A property to be used in conjunction with @t{"remote-shell"}. It
specifies, which shell argument triggers a login shell. Its default
value is @t{"-l"}, but some shells, like @command{ksh}, prefer
@t{"-"}.
@item @t{"session-timeout"}
All @file{tramp-sh.el} based methods accept the property
@t{"session-timeout"}. This is the time (in seconds) after a
connection is disabled for security reasons, and must be
reestablished. A value of @code{nil} disables this feature. Most of
the methods do not set this property except the @option{sudo},
@option{doas} and @option{run0} methods, which use predefined values.
@item @t{"~"}@*
@t{"~user"}
This is the home directory on the remote host. Setting this
connection property helps especially for methods which cannot expand
to a remote home directory, like @option{adb}, @option{rclone} and
@option{sshfs}. @ref{Home directories} for an example.
@item @t{"tmpdir"}
The temporary directory on the remote host. If not specified, the
default value is @t{"/data/local/tmp"} for the @option{adb} method,
@t{"/C$/Temp"} for the @option{smb} method, and @t{"/tmp"} otherwise.
@ref{Temporary directory}.
@item @t{"posix"}
Connections using the @option{smb} method check, whether the remote
host supports posix commands. If the remote host runs Samba, it
confirms this capability. However, some very old Samba versions have
errors in their implementation. In order to suppress the posix
commands for those hosts, the property @t{"posix"} should be set to
@code{nil}.
The default value of this property is @code{t} (not specified in
@code{tramp-methods}). If the remote host runs native MS Windows,
this property has no effect.
@item @t{"mount-point"}
The directory file name an @acronym{FUSE}-based file system is mounted
on. The default value of this property is
@t{"<TMP>/tramp.method.user@@host#port"} (not specified in
@code{tramp-methods}). @ref{Temporary directory}.
@item @t{"mount-args"}@*
@t{"copyto-args"}@*
@t{"moveto-args"}@*
@t{"about-args"}
These properties keep optional flags to the different @option{rclone}
operations. See their default values in @code{tramp-methods} if you
want to change their values.
@end itemize
@node Remote programs
@section How @value{tramp} finds and uses programs on the remote host
@value{tramp} requires access to and rights to several commands on
remote hosts: @command{ls}, @command{test}, @command{find} and
@command{cat}.
Besides there are other required programs for @ref{Inline methods} and
@ref{External methods} of connection.
To improve performance and accuracy of remote file access,
@value{tramp} uses @command{perl} (or @command{perl5}) and
@command{grep} when available.
@defopt tramp-remote-path
@code{tramp-remote-path} specifies which remote directory paths
@value{tramp} can search for @ref{Remote programs}.
@vindex tramp-default-remote-path
@value{tramp} uses standard defaults, such as @file{/bin} and
@file{/usr/bin}, which are reasonable for most hosts. To accommodate
differences in hosts and paths, for example, @file{/bin:/usr/bin} on
Debian GNU/Linux or
@file{/usr/xpg4/bin:/usr/ccs/bin:/usr/bin:/opt/developerstudio12.6/bin} on
Solaris, @value{tramp} queries the remote host with @command{getconf
PATH} and updates the symbol @code{tramp-default-remote-path}.
For instances where hosts keep obscure locations for paths for
security reasons, manually add such paths to local @file{.emacs} as
shown below for @value{tramp} to use when connecting.
@lisp
(add-to-list 'tramp-remote-path "/usr/local/perl/bin")
@end lisp
@vindex tramp-own-remote-path
Another way to find the remote path is to use the path assigned to the
remote user by the remote host. @value{tramp} does not normally retain
this remote path after login. However, @code{tramp-own-remote-path}
preserves the path value, which can be used to update
@code{tramp-remote-path}.
@lisp
(add-to-list 'tramp-remote-path 'tramp-own-remote-path)
@end lisp
@strong{Note} that this works only if your remote @command{/bin/sh}
shell supports the login argument @samp{-l}.
@end defopt
@code{tramp-remote-path} can also be set per host via connection-local
@ifinfo
variables, @xref{Connection Variables, , , emacs}.
@end ifinfo
@ifnotinfo
variables.
@end ifnotinfo
You can define your own search directories like this:
@lisp
@group
(connection-local-set-profile-variables
'remote-path-with-bin
'((tramp-remote-path . ("~/bin" tramp-default-remote-path))))
@end group
@group
(connection-local-set-profile-variables
'remote-path-with-apply-pub-bin
'((tramp-remote-path . ("/appli/pub/bin" tramp-default-remote-path))))
@end group
@group
(connection-local-set-profiles
'(:application tramp :machine "randomhost") 'remote-path-with-bin)
@end group
@group
(connection-local-set-profiles
'(:application tramp :user "anotheruser" :machine "anotherhost")
'remote-path-with-apply-pub-bin)
@end group
@end lisp
When remote search paths are changed, local @value{tramp} caches must
be recomputed. To force @value{tramp} to recompute afresh, call
@kbd{M-x tramp-cleanup-this-connection @key{RET}} or friends
(@pxref{Cleanup remote connections}).
@node Remote shell setup
@section Remote shell setup hints
@subsection Changing the default remote or local shell
@cindex zsh setup
By default, @value{tramp} uses the command @command{/bin/sh} for
starting a shell on the remote host. This can be changed by setting
the connection property @t{"remote-shell"}; @pxref{Predefined
connection information}. If you want, for example, use
@command{/usr/bin/zsh} on a remote host, you might apply
@lisp
@group
(add-to-list 'tramp-connection-properties
(list (regexp-quote "@trampfn{sshx,user@@host,}")
"remote-shell" "/usr/bin/zsh"))
@end group
@end lisp
This works only for connection methods which allow overriding the
remote login shell, like @option{sshx} or @option{plink}. See
@ref{Inline methods} and @ref{External methods} for connection methods
which support this.
@vindex tramp-sh-extra-args
This approach has also the advantage, that settings in
@code{tramp-sh-extra-args} will be applied. For @command{zsh}, the
trouble with the shell prompt due to set zle options will be avoided.
For @command{bash}, loading @file{~/.editrc} or @file{~/.inputrc} is
suppressed.
Similar problems can happen with the local shell @value{tramp} uses to
create a process. By default, it uses the command @command{/bin/sh}
for this, which could also be a link to another shell. In order to
overwrite this, you might apply
@vindex tramp-encoding-shell
@lisp
(customize-set-variable 'tramp-encoding-shell "/usr/bin/zsh")
@end lisp
This uses also the settings in @code{tramp-sh-extra-args}.
@vindex RemoteCommand@r{, ssh option}
@strong{Note}: If you use an @option{ssh}-based method for connection,
do @emph{not} set the @option{RemoteCommand} option in your
@command{ssh} configuration to something like @command{screen}. If
used, @option{RemoteCommand} must open an interactive shell on the
remote host. On the other hand, some @option{ssh}-based methods, like
@option{sshx} or @option{scpx}, silently overwrite a
@option{RemoteCommand} option of the configuration file.
@subsection Other remote shell setup hints
@cindex remote shell setup
@cindex @file{.profile} file
@cindex @file{.login} file
@cindex shell init files
@value{tramp} checks for the availability of standard programs in the
usual locations. Common tactics include successively trying
@command{test -e}, @command{/usr/bin/test -e}, and @command{/bin/test
-e}. @command{ls -d} is another approach. But these approaches do not
help with these new login patterns.
When @value{tramp} encounters two-factor logins or additional challenge
questions, such as entering birth date or security code or passphrase,
@value{tramp} needs a few more configuration steps to accommodate
them.
The difference between a password prompt and a passphrase prompt is
that the password for completing the login while the passphrase is
for authorizing access to local authentication information, such as
the ssh key.
There is no one configuration to accommodate all the variations in
login security, especially not the exotic ones. However, @value{tramp}
provides a few tweaks to address the most common ones.
@table @asis
@vindex tramp-shell-prompt-pattern
@item @code{tramp-shell-prompt-pattern}
@code{tramp-shell-prompt-pattern} is for remote login shell prompt,
which may not be the same as the local login shell prompt,
@code{shell-prompt-pattern}. Since most hosts use identical prompts,
@value{tramp} sets a similar default value for both prompts.
@vindex tramp-password-prompt-regexp
@item @code{tramp-password-prompt-regexp}
@vindex tramp-otp-password-prompt-regexp
@item @code{tramp-otp-password-prompt-regexp}
@vindex tramp-wrong-passwd-regexp
@item @code{tramp-wrong-passwd-regexp}
@value{tramp} uses @code{tramp-password-prompt-regexp} to
distinguish between prompts for passwords and prompts for passphrases.
By default, @code{tramp-password-prompt-regexp} handles the
detection in English language environments. See a localization
example below:
@lisp
@group
(customize-set-variable
'tramp-password-prompt-regexp
(concat
"^.*"
(regexp-opt
'("passphrase" "Passphrase"
;; English
"password" "Password"
;; Deutsch
"passwort" "Passwort"
;; Français
"mot de passe" "Mot de passe")
t)
".*:\0? *"))
@end group
@end lisp
@vindex password-word-equivalents
This user option is, by default, initialized from
@code{password-word-equivalents} when @value{tramp} is loaded, and it
is usually more convenient to add new passphrases to that user option
instead of altering this user option.
The user option @code{tramp-otp-password-prompt-regexp} has a similar
purpose, but for one-time passwords. Those passwords are not cached
by @value{tramp} for reuse.
Similar localization may be necessary for handling wrong password
prompts, for which @value{tramp} uses @code{tramp-wrong-passwd-regexp}.
@vindex tramp-terminal-type
@vindex TERM@r{, environment variable}
@item @code{tramp-terminal-type}
@value{tramp} uses the user option @code{tramp-terminal-type} to set
the remote environment variable @env{TERM} for the shells it runs.
By default, it is @t{"dumb"}, but this can be changed. A dumb
terminal is best suited to run the background sessions of
@value{tramp}. However, running interactive remote shells might
require a different setting. This can be achieved by tweaking the
@env{TERM} environment variable in @code{process-environment}.
@lisp
@group
(let ((process-environment
(cons "TERM=xterm-256color" process-environment)))
(shell))
@end group
@end lisp
@vindex TERM@r{, environment variable}
@vindex INSIDE_EMACS@r{, environment variable}
@item Determining a @value{tramp} session
Sometimes, it is needed to identify whether a shell runs under
@value{tramp} control. The setting of environment variable @env{TERM}
will help:
@example
@group
if test "$TERM" = "dumb"; then
@dots{}
fi
@end group
@end example
Another possibility is to check the environment variable
@env{INSIDE_EMACS}. Like for all subprocesses of Emacs, this is set
to the version of the parent Emacs
@ifinfo
process, @xref{Interactive Shell, , , emacs}.
@end ifinfo
@ifnotinfo
process.
@end ifnotinfo
@value{tramp} adds its own package version to this string, which can
be used for further tests in an inferior shell. The string of that
environment variable looks always like
@example
@group
echo $INSIDE_EMACS
@result{} 27.2,tramp:2.4.5
@end group
@end example
@cindex unix command @command{tset}
@cindex @command{tset} unix command
@item @command{tset} and other questions
To suppress inappropriate prompts for terminal type, @value{tramp}
sets the @env{TERM} environment variable before the remote login
process begins via the user option @code{tramp-terminal-type} (see
above). This will silence common @command{tset} related prompts.
@value{tramp}'s strategy for handling such prompts (commonly triggered
from login scripts on remote hosts) is to set the environment
variables so that no prompts interrupt the shell initialization
process.
@vindex tramp-actions-before-shell
An alternative approach is to configure @value{tramp} with strings
that can identify such questions using
@code{tramp-actions-before-shell}. Example:
@lisp
@group
(defconst my-tramp-prompt-regexp
"Enter the birth date of your mother:\\s-*"
"Regular expression matching my login prompt question.")
@end group
@group
(defun my-tramp-action (proc vec)
"Enter \"19000101\" in order to give a correct answer."
(save-window-excursion
(with-current-buffer (tramp-get-connection-buffer vec)
(tramp-message vec 6 "\n%s" (buffer-string))
(tramp-send-string vec "19000101"))))
@end group
@group
(add-to-list 'tramp-actions-before-shell
'(my-tramp-prompt-regexp my-tramp-action))
@end group
@end lisp
The regular expressions used in @code{tramp-actions-before-shell} must
match the end of the connection buffer. Due to performance reasons,
this search starts at the end of the buffer, and it is limited to 256
characters backwards.
@item Conflicting names for users and variables in @file{.profile}
When a user name is the same as a variable name in a local file, such
as @file{.profile}, then @value{tramp} may send incorrect values for
environment variables. To avoid incorrect values, change the local
variable name to something different from the user name. For example,
if the user name is @env{FRUMPLE}, then change the variable name to
@env{FRUMPLE_DIR}.
@item Non-Bourne commands in @file{.profile}
When the remote host's @file{.profile} is also used for shells other
than Bourne shell, then some incompatible syntaxes for commands in
@file{.profile} may trigger errors in Bourne shell on the host and may
not complete client's @value{tramp} connections.
One example of a Bourne shell incompatible syntax in @file{.profile}:
using @command{export FOO=bar} instead of @command{FOO=bar; export
FOO}. After remote login, @value{tramp} will trigger an error during
its execution of @command{/bin/sh} on the remote host because Bourne
shell does not recognize the export command as entered in
@file{.profile}.
Likewise, (@samp{~}) character in paths will cause errors because
Bourne shell does not do (@samp{~}) character expansions.
One approach to avoiding these incompatibilities is to make all
commands in @file{~/.shrc} and @file{~/.profile} Bourne shell
compatible so @value{tramp} can complete connections to that remote.
To accommodate using non-Bourne shells on that remote, use other
shell-specific config files. For example, bash can use
@file{~/.bash_profile} and ignore @file{.profile}.
@vindex INSIDE_EMACS@r{, environment variable}
@vindex SHELLNAME@r{, environment variable}
@vindex ESHELL@r{, environment variable}
@item Interactive shell prompt
@value{tramp} redefines the remote shell prompt internally for robust
parsing. This redefinition affects the looks of a prompt in an
interactive remote shell through commands, such as @kbd{M-x shell
@key{RET}}. Such prompts, however, can be reset to something more
readable and recognizable using these environment variables.
@value{tramp} sets the @env{INSIDE_EMACS} environment variable in the
startup script file @file{~/.emacs_SHELLNAME}.
@env{SHELLNAME} is @code{bash} or equivalent shell names. Change it by
setting the environment variable @env{ESHELL} in the @file{.emacs} as
follows:
@lisp
(setenv "ESHELL" "bash")
@end lisp
Then re-set the prompt string in @file{~/.emacs_SHELLNAME} as follows:
@example
@group
# Reset the prompt for remote @value{tramp} shells.
if [ "$@{INSIDE_EMACS/*tramp*/tramp@}" == "tramp" ] ; then
PS1="[\u@@\h \w]$ "
fi
@end group
@end example
@ifinfo
@xref{Interactive Shell, , , emacs}.
@end ifinfo
@cindex unix command @command{nc}
@cindex @command{nc} unix command
@item @command{busybox} / @command{nc}
@value{tramp}'s @option{nc} method uses the @command{nc} command to
install and execute a listener as follows (see @code{tramp-methods}):
@example
$ nc -l -p 42
@end example
The above command-line syntax has changed with @command{busybox}
versions. If @command{nc} refuses the @samp{-p} parameter, then
overwrite as follows:
@lisp
@group
(add-to-list 'tramp-connection-properties
`(,(regexp-quote "192.168.0.1")
"remote-copy-args" (("-l") ("%r"))))
@end group
@end lisp
@noindent
where @samp{192.168.0.1} is the remote host IP address
(@pxref{Predefined connection information}).
@end table
@node Ssh setup
@section Ssh setup hints
The most common @value{tramp} connection family is based on either
@command{ssh} or @command{scp} of OpenSSH, or @command{plink} or
@command{pscp} of PuTTY on MS Windows. In the following, some
configuration recommendations are given.
@subsection Using ssh config include for host name completion
@vindex Include@r{, ssh option}
@findex tramp-set-completion-function
@findex tramp-get-completion-function
OpenSSH configuration files can use an @option{Include} option for
further configuration files. Default @value{tramp} host name
completion ignores this option. However, you can configure this
yourself.
Given, your @file{~/.ssh/config} file contains the following option:
@example
Include ~/.ssh/conf.d/*
@end example
The following code snippet in your @file{.emacs} uses all files in
that directory for host name completion:
@lisp
@group
(tramp-set-completion-function
"ssh" (append (tramp-get-completion-function "ssh")
(mapcar (lambda (file) `(tramp-parse-sconfig ,file))
(directory-files
"~/.ssh/conf.d/"
'full directory-files-no-dot-files-regexp))))
@end group
@end lisp
This code snippet does it for the @option{ssh} method. If you replace
@t{"ssh"} by @t{"scp"}, it does it also for that method (or any other
method you like).
@subsection Detection of session hangouts
@vindex ServerAliveInterval@r{, ssh option}
@vindex ServerAliveCountMax@r{, ssh option}
@command{ssh} sessions on the local host hang when the network is
down. @value{tramp} cannot safely detect such hangs. OpenSSH can be
configured to kill such hangs with the following settings in
@file{~/.ssh/config}:
@example
@group
Host *
ServerAliveInterval 5
ServerAliveCountMax 2
@end group
@end example
The corresponding PuTTY configuration is in the @option{Connection}
entry, @option{Seconds between keepalives} option. Set this to 5.
PuTTY does not have a configuration option equivalent to OpenSSH's
@option{ServerAliveCountMax}.
@anchor{Using ssh connection sharing}
@subsection Using ssh connection sharing
@vindex ControlPath@r{, ssh option}
@vindex ControlPersist@r{, ssh option}
@value{tramp} uses the @option{ControlMaster=auto} OpenSSH option by
default, if possible. However, it overwrites @option{ControlPath}
settings when initiating @command{ssh} sessions. @value{tramp} does
this to fend off a stall if a master session opened outside the Emacs
session is no longer open. That is why @value{tramp} prompts for the
password again even if there is an @command{ssh} already open.
@vindex tramp-ssh-controlmaster-options
Some OpenSSH versions support a @option{ControlPersist} option, which
allows you to set the @option{ControlPath} provided the variable
@code{tramp-ssh-controlmaster-options} is customized as follows:
@lisp
@group
(customize-set-variable
'tramp-ssh-controlmaster-options
(concat
"-o ControlPath=/tmp/ssh-ControlPath-%%r@@%%h:%%p "
"-o ControlMaster=auto -o ControlPersist=yes"))
@end group
@end lisp
Note how @samp{%r}, @samp{%h} and @samp{%p} must be encoded as
@samp{%%r}, @samp{%%h} and @samp{%%p}.
@vindex tramp-use-connection-share
Using a predefined string in @code{tramp-ssh-controlmaster-options},
or puzzling an own string, happens only when user option
@code{tramp-use-connection-share} is set to @code{t}. If the
@file{~/.ssh/config} file is configured appropriately for the above
behavior, then any changes to @command{ssh} can be suppressed with
this @code{nil} setting:
@lisp
(customize-set-variable 'tramp-use-connection-share nil)
@end lisp
Sometimes, it is not possible to use OpenSSH's @option{ControlMaster}
option for remote processes. This could result in concurrent access
to the OpenSSH socket when reading data by different processes, which
could block Emacs. In this case, setting
@code{tramp-use-connection-share} to @code{suppress} disables shared
access. It is not needed to set this user option permanently to
@code{suppress}, binding the user option prior calling
@code{make-process} is sufficient. @value{tramp} does this for
esxample for compilation processes on its own.
@vindex ProxyCommand@r{, ssh option}
@vindex ProxyJump@r{, ssh option}
@code{tramp-use-connection-share} should also be set to @code{nil} or
@code{suppress} if you use the @option{ProxyCommand} or
@option{ProxyJump} options in your @command{ssh} configuration.
In order to use the @option{ControlMaster} option, @value{tramp} must
check whether the @command{ssh} client supports this option. This is
only possible on the local host, for the first hop. @value{tramp}
does not use this option on proxy hosts, therefore.
If you want to use this option also for the other hops, you must
configure @file{~/.ssh/config} on the proxy host:
@example
@group
Host *
ControlMaster auto
ControlPath tramp.%C
ControlPersist no
@end group
@end example
Check the @samp{ssh_config(5)} man page whether these options are
supported on your proxy host.
On MS Windows, @code{tramp-use-connection-share} is set to @code{nil}
by default, because the MS Windows and MSYS2 implementations of
@command{OpenSSH} do not support this option properly.
In PuTTY, you can achieve connection sharing in the
@option{Connection/SSH} entry, enabling the @option{Share SSH
connections if possible} option. @code{tramp-use-connection-share}
must be set to @code{nil}. If @code{tramp-use-connection-share} is
set to @code{t} or @code{suppress}, @command{plink} is called with the
option @option{-share} or @option{-noshare}, respectively.
@subsection Configure direct copying between two remote servers
@vindex tramp-use-scp-direct-remote-copying
@value{tramp} uses a temporary local copy when copying two files
between different remote hosts via external methods. This behavior is
due to authentication problems @value{tramp} cannot handle
sufficiently. However, for @option{scp} connections this can be
changed. When a file shall be copied between two different remote
hosts @samp{source} and @samp{target}, and
@itemize @minus
@item
User option @code{tramp-use-scp-direct-remote-copying} is non-@code{nil},
@item
Remote host @samp{source} doesn't use the @option{RemoteCommand}
option in @file{~/.ssh/config},
@item
Remote host @samp{target} shows the same host key when seen from the
local host and from host @samp{source}, and
@item
@command{scp} running on host @samp{source} can authenticate to host
@samp{target} without requiring a password,
@end itemize
@noindent
@value{tramp} applies direct remote copying between hosts
@samp{source} and @samp{target} like
@example
scp -p -T -R -q -r source:/path/to/file target:/path/to/another/file
@end example
This protects also your local temporary directory from overrun when
copying large files.
If these conditions do not apply, and
@code{tramp-use-scp-direct-remote-copying} is non-@code{nil}, the
option @samp{-3} is used instead of @samp{-R}.
@c FIXME
When @value{tramp} uses direct remote copying, password caches are not
consulted.
@subsection Issues with Cygwin and MS Windows ssh
@cindex cygwin, issues
@cindex ms Windows, issues
This section is incomplete. Please share your solutions.
@cindex ms windows and @command{ssh}
@cindex ms windows and @command{ssh-agent}
MS Windows' @command{ssh} does not open a remote TTY@. Use the method
@option{sshx} or @option{scpx} instead. Furthermore, it cannot read a
passphrase for ssh private keys. Use the MS @code{ssh-agent}.
@cindex method @option{sshx} with cygwin
@cindex @option{sshx} method with cygwin
Cygwin's @command{ssh} works only with a Cygwin version of Emacs. To
check for compatibility: type @kbd{M-x eshell @key{RET}}, and start
@kbd{ssh test.host @key{RET}}. Incompatibilities trigger this
message:
@example
Pseudo-terminal will not be allocated because stdin is not a terminal.
@end example
Some older versions of Cygwin's @command{ssh} work with the
@option{sshx} access method. Consult Cygwin's FAQ at
@uref{https://cygwin.com/faq/} for details.
@cindex cygwin and @command{fakecygpty}
@cindex @command{fakecygpty} and cygwin
On @uref{https://www.emacswiki.org/emacs/SshWithNTEmacs, the Emacs
Wiki} it is explained how to use the helper program
@command{fakecygpty} to fix this problem.
@cindex method @option{scpx} with cygwin
@cindex @option{scpx} method with cygwin
When using the @option{scpx} access method, Emacs may call
@command{scp} with MS Windows file naming, such as @file{c:/foo}. But
the version of @command{scp} that is installed with Cygwin does not
know about MS Windows file naming, which causes it to incorrectly look
for a host named @samp{c}.
A workaround: write a wrapper script for @option{scp} to convert
Windows file names to Cygwin file names.
@cindex cygwin and @command{ssh-agent}
@cindex @env{SSH_AUTH_SOCK} and emacs on ms windows
@vindex SSH_AUTH_SOCK@r{, environment variable}
When using the cygwin @command{ssh-agent} on MS Windows for
password-less interaction, @option{ssh} methods depend on the
environment variable @env{SSH_AUTH_SOCK}. But this variable is not
set when Emacs is started from a Desktop shortcut and authentication
fails.
One workaround is to use an MS Windows based SSH Agent, such as the
native MS @command{ssh-agent} or @command{Pageant}. The latter is
part of the PuTTY Suite of tools.
The fallback is to start Emacs from a shell.
@node FUSE setup
@section @acronym{FUSE} setup hints
The @acronym{FUSE} file systems are mounted by default at
@t{"<TMP>/tramp.method.user@@host#port"}.@footnote{@ref{Temporary
directory}} Method is either @t{"rclone"} or @t{"sshfs"}. The user
name and port number are optional. If the file system is already
mounted, it will be used as it is. If the mount point does not exist
yet, @value{tramp} creates this directory.
The mount point can be overwritten by the connection property
@t{"mount-point"}, @pxref{Predefined connection information}.
Example:
@lisp
@group
(add-to-list 'tramp-connection-properties
`(,(regexp-quote "@trampfn{sshfs,user@@host,}")
"mount-point"
,(expand-file-name "sshfs.user@@host" user-emacs-directory)))
@end group
@end lisp
@vindex tramp-fuse-unmount-on-cleanup
The user option @code{tramp-fuse-unmount-on-cleanup}, when set to
non-@code{nil}, controls, whether a mount point is unmounted on
connection cleanup or on Emacs exiting.
@anchor{Setup of rclone method}
@subsection @option{rclone} setup
@cindex rclone setup
The default arguments of the @command{rclone} operations
@command{mount}, @command{copyto}, @command{moveto} and
@command{about} are declared in the variable @code{tramp-methods} as
method specific parameters. Usually, they don't need to be overwritten.
If needed, these parameters can be overwritten as connection
properties @t{"mount-args"}, @t{"copyto-args"}, @t{"moveto-args"} and
@t{"about-args"}, @xref{Predefined connection information}. All of
them are list of strings.
Be careful changing @t{"--dir-cache-time"}, this could delay
visibility of files.
@anchor{Setup of sshfs method}
@subsection @option{sshfs} setup
@cindex sshfs setup
The method @option{sshfs} declares the mount arguments in the variable
@code{tramp-methods}, passed to the @command{sshfs} command. This is
a list of list of strings, and can be overwritten by the connection
property @t{"mount-args"}, @xref{Predefined connection information}.
Additionally, it declares also the arguments for running remote
processes, using the @command{ssh} command. These don't need to be
changed.
@node Android shell setup
@section Android shell setup hints
@cindex android shell setup for ssh
@value{tramp} uses the @option{adb} method to access Android devices.
Android devices provide a restricted shell access through an USB
connection. The local host must have the @command{adb} program
installed. Usually, it is sufficient to open the file
@file{@trampfn{adb,,/}}. Then you can navigate in the file system via
@code{dired}.
Alternatively, applications such as @code{Termux} or @code{SSHDroid}
that run @command{sshd} process on the Android device can accept any
@option{ssh}-based methods provided these settings are adjusted:
@itemize
@item
@command{sh} must be specified for remote shell since Android devices
do not provide @command{/bin/sh}. @command{sh} will then invoke
whatever shell is installed on the device with this setting:
@lisp
@group
(add-to-list 'tramp-connection-properties
(list (regexp-quote "192.168.0.26") "remote-shell" "sh"))
@end group
@end lisp
@noindent
where @samp{192.168.0.26} is the Android device's IP address.
(@pxref{Predefined connection information}).
@item
On the Android device the directory names are prefixed with an
application specific prefix, which is
@file{/data/data/com.termux/files/usr/bin} instead of @file{/usr/bin}
in the @code{Termux} case. You must adapt the file names in
@code{tramp-remote-path}, for example via connection-local
@ifinfo
settings (@pxref{Connection Variables, , , emacs}):
@end ifinfo
@ifnotinfo
settings:
@end ifnotinfo
@lisp
@group
(connection-local-set-profile-variables
'tramp-connection-local-termux-profile
`((tramp-remote-path
. ,(mapcar
(lambda (x)
(if (stringp x) (concat "/data/data/com.termux/files" x) x))
(copy-tree tramp-remote-path)))))
(connection-local-set-profiles
'(:application tramp :machine "192.168.0.26")
'tramp-connection-local-termux-profile)
@end group
@end lisp
@item
When the Android device is not @samp{rooted}, specify a writable
directory for temporary files:
@lisp
(add-to-list 'tramp-connection-properties
(list (regexp-quote "192.168.0.26")
"tmpdir" "/data/data/com.termux/files/home/tmp"))
@end lisp
@item
Open a remote connection with the command @kbd{C-x C-f
@trampfn{ssh,192.168.0.26#2222,} @key{RET}}, where @command{sshd} is
listening on port @samp{2222}.
To add a corresponding entry to the @file{~/.ssh/config} file
(recommended), use this:
@example
@group
Host android
HostName 192.168.0.26
User root
Port 2222
@end group
@end example
@noindent
To use the host name @samp{android} instead of the IP address shown in
the previous example, fix the connection properties as follows:
@lisp
@group
(add-to-list 'tramp-connection-properties
(list (regexp-quote "android") "remote-shell" "sh"))
(add-to-list 'tramp-connection-properties
(list (regexp-quote "android")
"tmpdir" "/data/data/com.termux/files/home/tmp"))
(connection-local-set-profiles
'(:application tramp :machine "android")
'tramp-connection-local-termux-profile)
@end group
@end lisp
@noindent
Open a remote connection with the more concise command @kbd{C-x C-f
@trampfn{ssh,android,} @key{RET}}.
@end itemize
@node Kubernetes setup
@section Kubernetes setup hints
With the @option{kubernetes} method, containers in Kubernetes pods can
be accessed. The host name is a pod name returned by @samp{kubectl
get pods}, or @samp{@var{container}.@var{pod}} if an explicit
container name shall be used. Otherwise, the first container in a pod
is used.
Sometimes, asynchronous processes for a host without a dedicated
container name show a warning like @samp{Defaulted container
"container1" out of: container1, container2}. This can be mitigated
by setting the pod annotation
@samp{kubectl.kubernetes.io/default-container} to a proper value
(@samp{container1} in this example).
@vindex tramp-kubernetes-context
@vindex tramp-kubernetes-namespace
@value{tramp} uses the default Kubernetes context and namespace. If
another context or namespace shall be used, configure the user options
@code{tramp-kubernetes-context} or @code{tramp-kubernetes-namespace},
respectively. An explicit @samp{%@var{namespace}} postfix in the host
name takes precedence.
@node Auto-save File Lock and Backup
@section Auto-save, File Lock and Backup configuration
@cindex auto-save
@cindex file-lock
@cindex backup
@vindex backup-directory-alist
To avoid @value{tramp} from saving backup files owned by @samp{root}
to locations accessible to others, default backup settings in
@code{backup-directory-alist} have to be altered.
Here's a scenario where files could be inadvertently exposed. Emacs
by default writes backup files to the same directory as the original
files unless changed to another location, such as
@file{~/.emacs.d/backups/}. Such a directory will also be used by
default by @value{tramp} when using, say, a restricted file
@file{@trampfn{su,root@@localhost,/etc/secretfile}}. The backup file
of the secretfile is now owned by the user logged in from
@value{tramp} and not @samp{root}.
When @code{backup-directory-alist} is @code{nil} (the default), such
problems do not occur.
To ``turn off'' the backup feature for remote files and stop
@value{tramp} from saving to the backup directory, use this:
@lisp
@group
(add-to-list 'backup-directory-alist
(cons tramp-file-name-regexp nil))
@end group
@end lisp
@noindent
Disabling backups can be targeted to just the @option{su} and
@option{sudo} methods:
@lisp
@group
(setq backup-enable-predicate
(lambda (name)
(and (normal-backup-enable-predicate name)
(not
(let ((method (file-remote-p name 'method)))
(when (stringp method)
(member method '("su" "sudo"))))))))
@end group
@end lisp
@vindex tramp-backup-directory-alist
Another option is to create better backup file naming with user and
host names prefixed to the file name. For example, transforming
@file{/etc/secretfile} to
@file{~/.emacs.d/backups/!su:root@@localhost:!etc!secretfile}, set the
@value{tramp} user option @code{tramp-backup-directory-alist} from
the existing user option @code{backup-directory-alist}.
Then @value{tramp} backs up to a file name that is transformed with a
prefix consisting of the DIRECTORY name. This file name prefixing
happens only when the DIRECTORY is an absolute local file name.
@noindent
Example:
@lisp
@group
(add-to-list 'backup-directory-alist
(cons "." "~/.emacs.d/backups/"))
(customize-set-variable
'tramp-backup-directory-alist backup-directory-alist)
@end group
@end lisp
@noindent
The backup file name of
@file{@trampfn{su,root@@localhost,/etc/secretfile}} would be
@ifset unified
@file{@trampfn{su,root@@localhost,~/.emacs.d/backups/!su:root@@localhost:!etc!secretfile~}}.
@end ifset
@ifset separate
@file{@trampfn{su,root@@localhost,~/.emacs.d/backups/![su!root@@localhost]!etc!secretfile~}}.
@end ifset
@vindex auto-save-file-name-transforms
Just as for backup files, similar issues of file naming affect
auto-saving remote files. Auto-saved files are saved in the directory
specified by the user option @code{auto-save-file-name-transforms}.
By default this is set to the local temporary directory. But in some
versions of Debian GNU/Linux, this points to the source directory
where the Emacs was compiled. Reset such values to a valid directory.
Set @code{auto-save-file-name-transforms} to @code{nil} to save
auto-saved files to the same directory as the original file.
@vindex tramp-auto-save-directory
Alternatively, set the user option @code{tramp-auto-save-directory}
to direct all auto saves to that location.
@c Since Emacs 30.
@vindex remote-file-name-inhibit-auto-save
If you want to suppress auto-saving of remote files at all, set user
option @code{remote-file-name-inhibit-auto-save} to non-@code{nil}.
@c Since Emacs 29.
@vindex remote-file-name-inhibit-auto-save-visited
An alternative to @code{auto-save-mode} is
@code{auto-save-visited-mode}. In this mode, auto-saving is identical
to explicit saving. If you want to disable this behavior for remote
files, set user option
@code{remote-file-name-inhibit-auto-save-visited} to non-@code{nil}.
@vindex lock-file-name-transforms
And still more issues to handle. File locks use a similar user option
as auto-save files, called @code{lock-file-name-transforms}. By
default this user option is @code{nil}, meaning to keep file locks in
the same directory as the original file.
If you change @code{lock-file-name-transforms} in order to keep file
locks for remote files somewhere else, you will lose Emacs's feature
to warn you, if a file is changed in parallel from different Emacs
sessions, or via different remote connections. Be careful with such
settings.
@vindex remote-file-name-inhibit-locks
Setting @code{remote-file-name-inhibit-locks} to non-@code{nil}
prevents the creation of remote lock files at all.
@vindex tramp-allow-unsafe-temporary-files
Per default, @value{tramp} asks for confirmation if a
@samp{root}-owned remote backup, auto-save or lock file has to be
written to your local temporary directory. If you want to suppress
this confirmation question, set user option
@code{tramp-allow-unsafe-temporary-files} to @code{t}.
@node Keeping files encrypted
@section Protect remote files by encryption
@cindex Encrypt remote directories
@strong{Note}: File encryption in @value{tramp} is experimental, don't
use it in production systems!
Sometimes, it is desirable to protect files located on remote
directories, like cloud storages. In order to do this, you might
instruct @value{tramp} to encrypt all files copied to a given remote
directory, and to decrypt such files when accessing. This includes
both file contents and file names.
@value{tramp} does this transparently. Although both files and file
names are encrypted on the remote side, they are accessible inside
Emacs as they wouldn't be transformed as such.
@cindex @command{encfs}
@cindex @command{encfsctl}
Internally, @value{tramp} uses the @command{encfs} package.
Therefore, this feature is available only if this package is installed
on the local host. @value{tramp} does not keep and @samp{encfs
mountpoint} permanently. Instead, it encrypts / decrypts files and
file names on the fly, using @command{encfsctl}.
@deffn Command tramp-crypt-add-directory name
This command marks the existing remote directory @var{name} for
encryption. Files in that directory and all subdirectories will be
encrypted before copying to, and decrypted after copying from that
directory. File and directory names will be also encrypted.
@end deffn
@defopt tramp-crypt-encfs-program
This is the name of the @command{encfsctl} program. If it isn't in
your @env{PATH} environment variable, you can set the absolute path
here.
@end defopt
@defopt tramp-crypt-encfs-option
If a remote directory is marked for encryption, it is initialized via
@command{encfs} the very first time a file in this directory is
accessed. This user option controls, which default @command{encfs}
configuration option will be selected, it can be @t{"--standard"}
or @t{"--paranoia"}. See the @samp{encfs(1)} man page for details.
However, @value{tramp} must adapt these configuration sets. The
@option{chainedNameIV} configuration option must be disabled; otherwise
@value{tramp} couldn't handle file name encryption transparently.
@end defopt
A password protected @option{encfs} configuration file is created the
very first time you access an encrypted remote directory. It is kept
in your @code{user-emacs-directory} with the url-encoded directory
name as part of the basename, and @file{encfs6.xml} as suffix. If
you, for example, mark the remote directory
@file{@trampfn{nextcloud,user@@host,/path/to/dir}} for encryption, the
configuration file is saved as
@file{tramp-%2Fnextcloud%3Auser%40host%3A%2Fpath%2Fto%2Fdir%2F.encfs6.xml}
in @code{user-emacs-directory}. Do not lose this file and the
corresponding password; otherwise there is no way to decrypt your
encrypted files.
@defopt tramp-crypt-save-encfs-config-remote
If this user option is non-@code{nil} (the default), the @option{encfs}
configuration file @file{.encfs6.xml} is also kept in the encrypted
remote directory. It depends on you, whether you regard the password
protection of this file as sufficient. The advantage would be, that
such a remote directory could be accessed by different Emacs sessions,
different users, without presharing the configuration file between the
users.
@end defopt
The command @command{encfsctl}, the workhorse for encryption /
decryption, needs the configuration file password every call.
Therefore, it is recommend to cache this password in Emacs. This can
be done using @code{auth-sources}, @pxref{Using an authentication file}.
An entry needs the url-encoded directory name as machine, your local
user name as user, and the password. The port is optional, if given
it must be the string @t{"crypt"}. The example above would require
the following entry in the authentication file (@t{"yourname"} is the
result of @code{(user-login-name)}):
@example
machine %2Fnextcloud%3Auser%40host%3A%2Fpath%2Fto%2Fdir%2F \
login yourname port crypt password geheim
@end example
If you use a remote file name with a quoted localname part, this
localname and the corresponding file will not be encrypted /
decrypted. If you have an encrypted remote directory
@file{@trampfn{nextcloud,user@@host,/path/to/dir}}, the command
@example
@kbd{C-x d @trampfn{nextcloud,user@@host,/path/to/dir}}
@end example
@noindent
will show the directory listing with the plain file names, and the
command
@example
@kbd{C-x d @trampfn{nextcloud,user@@host,/:/path/to/dir}}
@end example
@noindent
will show the directory listing with the encrypted file names, and
visiting a file will show its encrypted contents. However, it is
highly discouraged to mix encrypted and not encrypted files in the
same directory.
@deffn Command tramp-crypt-remove-directory name
This command should be used to indicate that files in @code{name}
should no longer be encrypted. Existing encrypted files and
subdirectories will remain encrypted.
@end deffn
@node Usage
@chapter Using @value{tramp}
@cindex using @value{tramp}
@value{tramp} operates transparently, accessing remote files as if
they are local. However, @value{tramp} employs a formalized remote
file naming syntax to perform its functions transparently. This
syntax consists of many parts specifying access methods,
authentication, host names, and file names. Ange FTP uses a similar
syntax.
@cindex type-ahead
Unlike opening local files in Emacs, which are instantaneous, opening
remote files in @value{tramp} is slower at first. Sometimes there is
a noticeable delay before the prompts for passwords or authentication
appear in the minibuffer. Hitting @kbd{@key{RET}} or other keys
during this gap will be processed by Emacs. This type-ahead facility
is a feature of Emacs that may cause missed prompts when using
@value{tramp}.
@menu
* File name syntax:: @value{tramp} file name conventions.
@ifset unified
* Change file name syntax:: Alternative file name syntax.
@end ifset
* File name completion:: File name completion.
* Ad-hoc multi-hops:: Declaring multiple hops in the file name.
* Home directories:: Expanding @file{~} to home directory.
* Remote processes:: Integration with other Emacs packages.
* Cleanup remote connections:: Cleanup remote connections.
* Renaming remote files:: Renaming remote files.
* Archive file names:: Access to files in file archives.
@end menu
@node File name syntax
@section @value{tramp} file name conventions
@cindex file name syntax
@cindex file name examples
@file{@trampfn{method,host,/path/to/file}} opens file @var{/path/to/file}
on the remote host @var{host}, using the method @var{method}.
@c We cannot use @trampfn{} in @item.
@table @file
@item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}.emacs
For the file @file{.emacs} located in the home directory, on the host
@samp{melancholia}, using method @option{ssh}.
@item @value{prefix}ssh@value{postfixhop}melancholia.danann.net@value{postfix}.emacs
For the file @file{.emacs} specified using the fully qualified domain name of
the host.
@item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}~/.emacs
For the file @file{.emacs} specified using the @file{~}, which is expanded.
@item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}~daniel/.emacs
For the file @file{.emacs} located in @samp{daniel}'s home directory
on the host, @samp{melancholia}. The @file{~<user>} construct is
expanded to the home directory of that user on the remote host.
@item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}/etc/squid.conf
For the file @file{/etc/squid.conf} on the host @samp{melancholia}.
@end table
@var{host} can take IPv4 or IPv6 address, as in
@file{@trampfn{ssh,127.0.0.1,.emacs}} or
@file{@trampfn{ssh,@value{ipv6prefix}::1@value{ipv6postfix},.emacs}}.
@ifset unified
For syntactical reasons, IPv6 addresses must be embedded in square
brackets @file{@value{ipv6prefix}} and @file{@value{ipv6postfix}}.
@end ifset
By default, @value{tramp} will use the current local user name as the
remote user name for log in to the remote host. Specifying a
different name using the proper syntax will override this default
behavior: @file{@trampfn{method,user@@host,path/to/file}}.
@file{@trampfn{ssh,daniel@@melancholia,.emacs}} is for file
@file{.emacs} in @samp{daniel}'s home directory on the host,
@samp{melancholia}, accessing via method @option{ssh}.
For specifying port numbers, affix @file{#<port>} to the host
name. For example: @file{@trampfn{ssh,daniel@@melancholia#42,.emacs}}.
All method, user name, host name, port number and local name parts are
optional, @xref{Default Method}, @xref{Default User}, @xref{Default Host}.
@ifset unified
For syntactical reasons, the default method must be indicated by the
pseudo method @file{-}.
@end ifset
@ifset unified
@node Change file name syntax
@section Alternative file name syntax
@cindex change file name syntax
@cindex alternative file name syntax
The syntax described in @ref{File name syntax} is the @code{default}
syntax, which is active after Emacs startup. However, this can be
changed.
@deffn Command tramp-change-syntax syntax
This command changes the syntax @value{tramp} uses for remote file
names. Beside the @code{default} value, @var{syntax} can be
@itemize
@cindex simplified syntax
@item @code{simplified}
This remote file name syntax is similar to the syntax used by Ange FTP@.
A remote file name has the form
@file{@value{prefix}user@@host@value{postfix}path/to/file}. The
@samp{user@@} part is optional, and the method is determined by
@ref{Default Method}.
@cindex separate syntax
@item @code{separate}
@clear unified
@set separate
@include trampver.texi
This remote file name syntax originated in the XEmacs text editor.
A remote file name has the form
@file{@trampfn{method,user@@host,path/to/file}}. The @samp{method}
and @samp{user@@} parts are optional.
@clear separate
@set unified
@include trampver.texi
@end itemize
@end deffn
@defvar tramp-file-name-regexp
This variable keeps a regexp which matches the selected remote file
name syntax. Its value changes after every call of
@code{tramp-change-syntax}. However, it is not recommended to use
this variable in external packages, a call of @code{file-remote-p} is
much more appropriate.
@ifinfo
@pxref{Magic File Names, , , elisp}.
@end ifinfo
@end defvar
@end ifset
@node File name completion
@section File name completion
@cindex file name completion
@value{tramp} can complete the following @value{tramp} file name
components: method names, user names, host names, and file names
located on remote hosts.
For example, type @kbd{C-x C-f @value{prefixwithspace} s @key{TAB}},
@value{tramp} completion choices show up as
@example
@group
@multitable @columnfractions .2 .2 .2 .2 .2
@item @c
sbin/ @tab @c
@value{prefixhop}scp@value{postfix} @tab @c
@value{prefixhop}scpx@value{postfix} @tab @c
@value{prefixhop}sftp@value{postfix} @tab @c
@value{prefixhop}sg@value{postfix}
@item @c
@value{prefixhop}smb@value{postfix} @tab @c
srv/ @tab @c
@value{prefixhop}ssh@value{postfix} @tab @c
@value{prefixhop}sshx@value{postfix} @tab @c
@value{prefixhop}su@value{postfix}
@item @c
@value{prefixhop}sudo@value{postfix} @tab @c
sys/
@end multitable
@end group
@end example
@samp{@value{prefixhop}ssh@value{postfixhop}} is a possible
completion for the respective method, and @samp{sbin/} stands for the
directory @file{/sbin} on your local host.
Type @kbd{s h @value{postfixhop}} for the minibuffer completion to
@samp{@value{prefix}ssh@value{postfixhop}}. Typing @kbd{@key{TAB}}
shows host names @value{tramp} extracts from @file{~/.ssh/config}
file, for example:
@example
@group
@multitable @columnfractions .5 .5
@item @c
@value{prefixhop}ssh@value{postfixhop}127.0.0.1@value{postfix} @tab @c
@value{prefixhop}ssh@value{postfixhop}192.168.0.1@value{postfix}
@item @c
@value{prefixhop}ssh@value{postfixhop}@value{ipv6prefix}::1@value{ipv6postfix}@value{postfix} @tab @c
@value{prefixhop}ssh@value{postfixhop}localhost@value{postfix}
@item @c
@value{prefixhop}ssh@value{postfixhop}melancholia.danann.net@value{postfix} @tab @c
@value{prefixhop}ssh@value{postfixhop}melancholia@value{postfix}
@end multitable
@end group
@end example
Choose a host from the above list and then continue to complete file
names on that host.
When the configuration (@pxref{Customizing Completion}) includes user
names, then the completion lists will account for the user names as well.
@vindex tramp-completion-use-auth-sources
Results from @code{auth-sources} search (@pxref{Using an
authentication file}) are added to the completion candidates. This
search could be annoying, for example due to a passphrase request of
the @file{~/.authinfo.gpg} authentication file. The user option
@code{tramp-completion-use-auth-sources} controls, whether such a
search is performed during completion.
@vindex tramp-completion-use-cache
Remote hosts previously visited or hosts whose connections are kept
persistently (@pxref{Connection caching}) will be included in the
completion lists. If you want to suppress this completion because
there are invalid entries in the persistency file, for example if the
host configuration changes often, or if you plug your laptop to
different networks frequently, you can set the user option
@code{tramp-completion-use-cache} to @code{nil}.
After remote host name completion comes completion of file names on
the remote host. It works the same as with local host file completion
except that killing with double-slash @file{//} kills only the file
name part of the @value{tramp} file name syntax. A triple-slash
stands for the default behavior.
@ifinfo
@xref{Minibuffer File, , , emacs}.
@end ifinfo
@noindent
Example:
@example
@group
@kbd{C-x C-f @trampfn{ssh,melancholia,/usr/local/bin//etc} @key{TAB}}
@print{} @trampfn{ssh,melancholia,/etc}
@kbd{C-x C-f @trampfn{ssh,melancholia,//etc} @key{TAB}}
@print{} @trampfn{ssh,melancholia,/etc}
@kbd{C-x C-f @trampfn{ssh,melancholia,/usr/local/bin///etc} @key{TAB}}
@print{} /etc
@end group
@end example
@node Ad-hoc multi-hops
@section Declaring multiple hops in the file name
@cindex multi-hop, ad-hoc
@cindex proxy hosts, ad-hoc
@value{tramp} file name syntax can accommodate ad-hoc specification of
multiple proxies without using @code{tramp-default-proxies-alist}
configuration setup (@pxref{Multi-hops}).
Each proxy is specified using the same syntax as the remote host
specification minus the file name part. Each hop is separated by a
@samp{|}. Chain the proxies from the starting host to the destination
remote host name and file name. For example, hopping over a single
proxy @samp{bird@@bastion} to a remote file on @samp{you@@remotehost}:
@example
@c @kbd{C-x C-f @trampfn{ssh@value{postfixhop}bird@@bastion|ssh,you@@remotehost,/path} @key{RET}}
@kbd{C-x C-f @value{prefix}ssh@value{postfixhop}bird@@bastion|@c
ssh@value{postfixhop}you@@remotehost@value{postfix}/path @key{RET}}
@end example
Each involved method must be an inline method (@pxref{Inline methods}).
@value{tramp} adds the ad-hoc definitions on the fly to
@code{tramp-default-proxies-alist} and is available for reuse during
that Emacs session. Subsequent @value{tramp} connections to the same
remote host can then use the shortcut form:
@samp{@trampfn{ssh,you@@remotehost,/path}}.
@defopt tramp-show-ad-hoc-proxies
If this user option is non-@code{nil}, ad-hoc definitions are kept in
remote file names instead of showing the shortcuts.
@lisp
(customize-set-variable 'tramp-show-ad-hoc-proxies t)
@end lisp
@end defopt
Ad-hoc definitions are removed from @code{tramp-default-proxies-alist}
via the command @kbd{M-x tramp-cleanup-all-connections @key{RET}}
(@pxref{Cleanup remote connections}).
@defopt tramp-save-ad-hoc-proxies
For ad-hoc definitions to be saved automatically in
@code{tramp-default-proxies-alist} for future Emacs sessions, set
@code{tramp-save-ad-hoc-proxies} to non-@code{nil}.
@lisp
(customize-set-variable 'tramp-save-ad-hoc-proxies t)
@end lisp
@end defopt
Ad-hoc proxies can take patterns @code{%h} or @code{%u} like in
@code{tramp-default-proxies-alist}. The following file name expands
to user @samp{root} on host @samp{remotehost}, starting with an
@option{ssh} session on host @samp{remotehost}:
@file{@trampfn{ssh@value{postfixhop}%h|su,remotehost,}}.
On the other hand, if a trailing hop does not specify a host name, the
host name of the previous hop is reused. Therefore, the following
file name is equivalent to the previous example:
@file{@trampfn{ssh@value{postfixhop}remotehost|su,,}}.
@defopt tramp-completion-multi-hop-methods
When this list includes the last method in a multi-hop connection, the
remote host will be queried for a list of completion candidates. This
can, for example, provide a list of running docker or podman
containers on the remote host.
@lisp
(customize-set-variable 'tramp-completion-multi-hop-methods
`(,tramp-docker-method ,tramp-podman-method))
@end lisp
@end defopt
A common use case for ad-hoc specifications is to visit a file or a
directory with proper permissions, for example with the @option{sudo}
method. The command @code{tramp-revert-buffer-with-sudo} supports
this.
@deffn Command tramp-revert-buffer-with-sudo
This command shows the current buffer with @option{sudo} permissions.
The buffer must either visit a file, or a directory
(@code{dired-mode}).
@end deffn
@defopt tramp-file-name-with-method
The method @code{tramp-revert-buffer-with-sudo} shows an alternate
buffer. It defaults to @option{sudo}, other valid methods are
@option{su}, @option{doas}, @option{run0}, and @option{ksu}.
@lisp
(customize-set-variable 'tramp-file-name-with-method "doas")
@end lisp
@end defopt
These methods apply the user @samp{root} as default. If another user
shall be taken, add a proper rule to the user option
@code{tramp-default-user-alist} (@pxref{Default User}):
@lisp
(add-to-list 'tramp-default-user-alist '("sudo" "remotehost" "admin"))
@end lisp
@subsection Using different proxies for the same destination
@strong{Note}: This feature is experimental, don't use it in
production systems!
Sometimes, it is needed to specify different proxies for the same
destination host name. This can happen for the same destination when
the local host is located in different networks over the time. This
can also happen when the remote destination is specified by the remote
same file name, although different hosts are meant depending on the
used proxy. A typical example are docker containers, which run on
different hosts under the same docker name.
When the user option @code{tramp-show-ad-hoc-proxies} is
non-@code{nil}, such ad-hoc multi-hop file names can be used in
parallel. In the following, on both remote hosts @samp{host1} and
@samp{host2} there is a docker container @samp{name}, respectively:
@example
@trampfn{ssh@value{postfixhop}user1@@host1|docker,name,}
@trampfn{ssh@value{postfixhop}user2@@host2|docker,name,}
@end example
If you use the shortened name @samp{@trampfn{docker,name,}}, the last
used proxy definition is expanded for.
@node Home directories
@section Expanding @file{~} to home directory
Home directories on remote hosts can be typed as tilde @file{~}. If
possible, they are expanded to the remote user's home directory on the
remote host. Example:
@example
@group
@trampfn{ssh,user@@host,~}
@result{} @trampfn{ssh,user@@host,/home/user}
@end group
@end example
This works in general for @option{ssh}-like methods, and for
@option{sudoedit}. These methods allow also the home directory
expansion for another user, like
@example
@group
@trampfn{sudoedit,,~otheruser}
@result{} @trampfn{sudoedit,root@@localhost,/home/otheruser}
@end group
@end example
For other methods, a home directory can be expanded only if supported.
This happens for example for the @option{sftp} method. Methods, which
require a share directory in the remote file name (@option{afp},
@option{smb}), use the value of this share directory as home
directory:
@example
@group
@trampfn{smb,user@@host,~}
@result{} @trampfn{smb,user@@host,/share}
@end group
@end example
Since @value{tramp} cannot know in advance which share directory is
intended to use, this expansion can be applied only when a share
directory has been used already.
The methods @option{adb}, @option{rclone} and @option{sshfs} do not
support home directory expansion at all. However, @value{tramp} keeps
the home directory in the cache. Therefore, those methods can be
configured to expand a home directory via a connection property,
@xref{Predefined connection information}. Example:
@lisp
@group
(add-to-list 'tramp-connection-properties
(list (regexp-quote "@trampfn{sshfs,user@@randomhost.your.domain,}")
"~user" "/home/user"))
@end group
@end lisp
When your remote file name does not contain a @samp{user} part, the
connection property @t{"~"} must be used instead.
@node Remote processes
@section Integration with other Emacs packages
@cindex @code{compile}
@cindex @code{recompile}
@value{tramp} supports starting new running processes on the remote
host for discovering remote file names. Emacs packages on the remote
host need no specific modifications for @value{tramp}'s use.
This type of integration does not work with the @option{ftp} method,
and does not support the pty association as specified in
@code{start-file-process}.
@code{process-file} and @code{start-file-process} work on the remote
host when the variable @code{default-directory} is remote:
@lisp
@group
(let ((default-directory "/ssh:remote.host:"))
(start-file-process "grep" (get-buffer-create "*grep*")
"/bin/sh" "-c" "grep -e tramp *"))
@end group
@end lisp
@vindex process-file-return-signal-string
For a local process, @code{process-file} returns either the exit code
of the process, or a string describing a signal, when the process has
been interrupted. Since it cannot be determined reliably whether a
remote process has been interrupted, @code{process-file} will always
returns the exit code for it. When the user option
@code{process-file-return-signal-string} is non-@code{nil},
@code{process-file} treats all exit codes greater than 128 as an
indication that the process has been interrupted, and returns a
corresponding string.
This remote process handling does not apply to @acronym{GVFS}
(@pxref{GVFS-based methods}) because the remote file system is mounted
on the local host and @value{tramp} accesses it by changing the
@code{default-directory}.
@value{tramp} starts a remote process when a command is executed in a
remote file or directory buffer. As of now, these packages have been
integrated to work with @value{tramp}: @file{shell.el},
@file{eshell.el}, @file{compile.el} (commands like @code{compile} and
@code{grep}) and @file{gud.el} (@code{gdb} or @code{perldb}).
@vindex INSIDE_EMACS@r{, environment variable}
@value{tramp} always modifies the @env{INSIDE_EMACS} environment
variable for remote processes. By default, this environment variable
shows the Emacs version. @value{tramp} adds its own version string,
so it looks like @samp{27.2,tramp:2.4.5.1}. However, other packages
might also add their name to this environment variable, like
@samp{27.2,comint,tramp:2.4.5.1}.
For @value{tramp} to find the command on the remote, it must be
accessible through the default search path as setup by @value{tramp}
upon first connection. Alternatively, use an absolute path or extend
@code{tramp-remote-path} (@pxref{Remote programs}):
@lisp
@group
(add-to-list 'tramp-remote-path "~/bin")
(add-to-list 'tramp-remote-path "/appli/pub/bin")
@end group
@end lisp
@vindex tramp-remote-process-environment
Customize user option @code{tramp-remote-process-environment} to
suit the remote program's environment for the remote host.
@code{tramp-remote-process-environment} is a list of strings
structured similar to @code{process-environment}, where each element
is a string of the form @samp{ENVVARNAME=VALUE}.
To avoid any conflicts with local host environment variables set
through local configuration files, such as @file{~/.profile}, use
@samp{ENVVARNAME=} to unset them for the remote environment.
@noindent
Use @code{add-to-list} to add entries:
@lisp
(add-to-list 'tramp-remote-process-environment "JAVA_HOME=/opt/java")
@end lisp
@vindex HISTORY@r{, environment variable}
Modifying or deleting already existing values in the
@code{tramp-remote-process-environment} list may not be feasible on
restricted remote hosts. For example, some system administrators
disallow changing @env{HISTORY} environment variable. To accommodate
such restrictions when using @value{tramp}, fix the
@code{tramp-remote-process-environment} by the following code in the
local @file{.emacs} file:
@lisp
@group
(let ((process-environment tramp-remote-process-environment))
(setenv "HISTORY" nil)
(setq tramp-remote-process-environment process-environment))
@end group
@end lisp
@vindex ENV@r{, environment variable}
Setting the @env{ENV} environment variable instructs some shells to
read an initialization file. By default, @value{tramp} disables
this. You can override this behavior by evaluating
@lisp
@group
(let ((process-environment tramp-remote-process-environment))
(setenv "ENV" "$HOME/.profile")
(setq tramp-remote-process-environment process-environment))
@end group
@end lisp
In addition to @code{tramp-remote-process-environment}, you can set
environment variables for individual remote process calls by
let-binding @code{process-environment}. @value{tramp} applies any
entries not present in the global default value of
@code{process-environment} (overriding
@code{tramp-remote-process-environment} settings, if they conflict).
For example:
@lisp
@group
(let ((process-environment (cons "HGPLAIN=1" process-environment)))
(process-file @dots{}))
@end group
@end lisp
@vindex HGPLAIN@r{, environment variable}
Let-binding in this way works regardless of whether the process to be
called is local or remote, since @value{tramp} would add just the
@env{HGPLAIN} setting and local processes would take whole value of
@code{process-environment} along with the new value of @env{HGPLAIN}.
For integrating other Emacs packages so @value{tramp} can execute
remotely, please file a bug report. @xref{Bug Reports}.
@subsection Running remote programs that create local X11 windows
@vindex DISPLAY@r{, environment variable}
To allow a remote program to create an X11 window on the local host,
set the @env{DISPLAY} environment variable for the remote host as
follows in the local @file{.emacs} file:
@lisp
@group
(add-to-list 'tramp-remote-process-environment
(format "DISPLAY=%s" (getenv "DISPLAY")))
@end group
@end lisp
@noindent
@code{(getenv "DISPLAY")} should return a recognizable name for the
local host that the remote host can redirect X11 window
interactions. If querying for a recognizable name is not possible for
whatever reason, then replace @code{(getenv "DISPLAY")} with a
hard-coded, fixed name. Note that using @samp{:0} for X11 display name
here will not work as expected.
@vindex ForwardX11@r{, ssh option}
@vindex ForwardX11Trusted@r{, ssh option}
An alternate approach is specify @option{ForwardX11 yes} or
@option{ForwardX11Trusted yes} in @file{~/.ssh/config} on the local
host. Furthermore, set @code{tramp-use-connection-share} to
@code{nil} (@pxref{Using ssh connection sharing}), in order to avoid
unwanted side effects.
@anchor{Managing remote shell history}
@subsection Managing remote shell history
@cindex shell history
@vindex tramp-histfile-override
@vindex HISTFILE@r{, environment variable}
@vindex HISTFILESIZE@r{, environment variable}
@vindex HISTSIZE@r{, environment variable}
Due to the remote shell saving tilde expansions triggered by
@value{tramp}, the shell history file is probably growing rapidly.
@value{tramp} can suppress this behavior with the user option
@code{tramp-histfile-override}. When set to @code{t}, environment
variable @env{HISTFILE} is unset, and environment variables
@env{HISTFILESIZE} and @env{HISTSIZE} are set to 0. Don't use this
with @command{bash} 5.0.0@: that version has a bug which
causes @command{bash} to die.
Alternatively, @code{tramp-histfile-override} can be a string.
The environment variable @env{HISTFILE} is then set to this file name. Be
careful if using @file{/dev/null}; this might result in undesired
results when using @command{bash} as remote shell.
Another approach is to completely disable @value{tramp}'s handling of
the @env{HISTFILE} by setting @code{tramp-histfile-override} to
@code{nil}. In this case, saving history can be turned off by putting
this shell code in @file{.bashrc} or @file{.kshrc}:
@example
@group
if [ -f $HOME/.sh_history ] ; then
/bin/rm $HOME/.sh_history
fi
if [ "$@{HISTFILE-unset@}" != "unset" ] ; then
unset HISTFILE
fi
if [ "$@{HISTSIZE-unset@}" != "unset" ] ; then
unset HISTSIZE
fi
@end group
@end example
For @option{ssh}-based method, add the following line to your
@file{~/.ssh/environment}:
@example
HISTFILE=/dev/null
@end example
@subsection Running @code{shell} on a remote host
@cindex @code{shell}
@vindex explicit-shell-file-name
@vindex shell-history-file-name
Set @code{explicit-shell-file-name} to the appropriate shell name
when using @value{tramp} between two hosts with different operating
systems, such as @samp{windows-nt} and @samp{gnu/linux}. This option
ensures the correct name of the remote shell program.
When @code{explicit-shell-file-name} is equal to @code{nil}, calling
@code{shell} interactively will prompt for a shell name.
You can use connection-local variables for setting different values
of @code{explicit-shell-file-name} for different remote hosts.
@ifinfo
@xref{Connection Variables, , , emacs}.
@end ifinfo
@lisp
@group
(connection-local-set-profile-variables
'remote-bash
'((explicit-shell-file-name . "/bin/bash")
(explicit-bash-args . ("-i"))))
@end group
@group
(connection-local-set-profile-variables
'remote-ksh
'((explicit-shell-file-name . "/bin/ksh")
(explicit-ksh-args . ("-i"))))
@end group
@group
(connection-local-set-profiles
'(:application tramp :protocol "ssh" :machine "localhost")
'remote-bash)
@end group
@group
(connection-local-set-profiles
`(:application tramp :protocol "sudo"
:user "root" :machine ,(system-name))
'remote-ksh)
@end group
@end lisp
The command @code{shell} reads the remote history file in order to to
initialize the history input ring. You can set the user option
@code{shell-history-file-name} in order to specify which remote
history file is taken, or whether to suppress this at all. It accepts
the same values as @code{tramp-histfile-override}, see @pxref{Managing
remote shell history}. @code{shell-history-file-name} accepts also
connection-local values in @code{shell} buffers.
@subsection Running @code{shell-command} on a remote host
@cindex @code{shell-command}
@code{shell-command} executes commands synchronously or asynchronously
on remote hosts and displays output in buffers on the local
host. Example:
@example
@group
@kbd{C-x C-f @trampfn{sudo,,} @key{RET}}
@kbd{M-& tail -f /var/log/syslog.log @key{RET}}
@end group
@end example
@command{tail} command outputs continuously to the local buffer whose
name is the value of the variable @code{shell-command-buffer-name-async}.
@kbd{M-x auto-revert-tail-mode @key{RET}} runs similarly showing
continuous output.
@vindex shell-file-name
@vindex shell-command-switch
@code{shell-command} uses the user option @code{shell-file-name} and
the variable @code{shell-command-switch} in order to determine which
shell to run. For remote hosts, their default values are
@file{/bin/sh} and @option{-c}, respectively (except for the
@option{adb} method, which uses @file{/system/bin/sh}). Like the
variables in the previous section, these variables can be changed via
connection-local variables.
@vindex async-shell-command-width
@vindex COLUMNS@r{, environment variable}
@value{tramp} cares about the user option
@code{async-shell-command-width} for asynchronous shell commands. It
specifies the number of display columns for command output. For
synchronous shell commands, a similar effect can be achieved by adding
the environment variable @env{COLUMNS} to
@code{tramp-remote-process-environment}.
@subsection Running @code{eshell} on a remote host
@cindex @code{eshell}
@value{tramp} is integrated into @file{eshell.el}, which enables
interactive eshell sessions on remote hosts at the command prompt.
You must add the module @code{eshell-tramp} to
@code{eshell-modules-list}. Here's a sample interaction after opening
@kbd{M-x eshell @key{RET}} on a remote host:
@example
@group
@b{~ $} cd @trampfn{sudo,,/etc} @key{RET}
@b{@trampfn{sudo,root@@host,/etc} $} hostname @key{RET}
host
@b{@trampfn{sudo,root@@host,/etc} $} id @key{RET}
uid=0(root) gid=0(root) groups=0(root)
@b{@trampfn{sudo,root@@host,/etc} $} find-file shadow @key{RET}
#<buffer shadow>
@b{@trampfn{sudo,root@@host,/etc} $}
@end group
@end example
@code{eshell} added custom @code{su} and @code{sudo} commands that set
the default directory correctly for the @file{*eshell*} buffer.
@value{tramp} silently updates @code{tramp-default-proxies-alist}
with an entry for this directory (@pxref{Multi-hops}):
@example
@group
@b{~ $} cd @trampfn{ssh,user@@remotehost,/etc} @key{RET}
@b{@trampfn{ssh,user@@remotehost,/etc} $} find-file shadow @key{RET}
File is not readable: @trampfn{ssh,user@@remotehost,/etc/shadow}
@b{@trampfn{ssh,user@@remotehost,/etc} $} sudo find-file shadow @key{RET}
#<buffer shadow>
@end group
@group
@b{@trampfn{ssh,user@@remotehost,/etc} $} su - @key{RET}
@b{@trampfn{su,root@@remotehost,/root} $} id @key{RET}
uid=0(root) gid=0(root) groups=0(root)
@b{@trampfn{su,root@@remotehost,/root} $}
@end group
@end example
@anchor{Running a debugger on a remote host}
@subsection Running a debugger on a remote host
@cindex @file{gud.el}
@cindex @code{gdb}
@cindex @code{perldb}
@file{gud.el} provides a unified interface to symbolic
@ifinfo
debuggers (@pxref{Debuggers, , , emacs}).
@end ifinfo
@ifnotinfo
debuggers.
@end ifnotinfo
@value{tramp} can run debug on remote hosts by calling @code{gdb}
with a remote file name:
@example
@group
@kbd{M-x gdb @key{RET}}
@b{Run gdb (like this):} gdb -i=mi @trampfn{ssh,host,~/myprog} @key{RET}
@end group
@end example
Since the remote @code{gdb} and @code{gdb-inferior} processes do not
belong to the same process group on the remote host, there will be a
warning, which can be ignored:
@example
&"warning: GDB: Failed to set controlling terminal: Operation not permitted\n"
@end example
@noindent
As consequence, there will be restrictions in I/O of the process to be
debugged.
Relative file names are based on the remote default directory. When
@file{myprog.pl} exists in @file{@trampfn{ssh,host,/home/user}}, valid
calls include:
@example
@group
@kbd{M-x perldb @key{RET}}
@b{Run perldb (like this):} perl -d myprog.pl @key{RET}
@end group
@end example
Just the local part of a remote file name, such as @command{perl -d
/home/user/myprog.pl}, is not possible.
Arguments of the program to be debugged must be literal, can take
relative or absolute paths, but not remote paths.
@subsection Running remote processes on MS Windows hosts
@cindex @command{winexe}
@cindex @command{powershell}
@command{winexe} runs processes on a remote MS Windows host, and
@value{tramp} can use it for @code{process-file} and
@code{start-file-process}.
@code{tramp-smb-winexe-program} specifies the local @command{winexe}
command. Powershell V2.0 on the remote host is required to run
processes triggered from @value{tramp}.
@code{explicit-shell-file-name} and @code{explicit-*-args} have to
be set properly so @kbd{M-x shell @key{RET}} can open a proper remote
shell on a MS Windows host. To open @command{cmd}, set it as follows:
@lisp
@group
(setq explicit-shell-file-name "cmd"
explicit-cmd-args '("/q"))
@end group
@end lisp
@noindent
To open @command{powershell} as a remote shell, use this:
@lisp
@group
(setq explicit-shell-file-name "powershell"
explicit-powershell-args '("-file" "-"))
@end group
@end lisp
@subsection Remote process connection type
@vindex process-connection-type
@vindex tramp-process-connection-type
Asynchronous processes behave differently based on whether they use a
pseudo tty or not. This is controlled by the variable
@code{process-connection-type}, which can be @code{t} or @code{pty}
(use a pseudo tty), or @code{nil} or @code{pipe} (don't use one).
@value{tramp} is based on running shells on the remote host, which
requires a pseudo tty. Therefore, it declares the variable
@code{tramp-process-connection-type}, which carries this information
for remote processes. Its default value is @code{t}, and there is no
need to change it. The name of the remote pseudo tty is returned by
the function @code{process-tty-name}.
If a remote process, started by @code{start-file-process}, should
@emph{not} use a pseudo tty, this can be requested by setting
@code{process-connection-type} to @code{nil} or @code{pipe}. There is
still a pseudo tty for the started process, but some terminal
properties are changed, like suppressing translation of carriage
return characters into newline.
The function @code{make-process} allows controlling this explicitly by
using the @code{:connection-type} keyword. If this keyword is not
used, the value of @code{process-connection-type} is applied instead.
@subsection Process properties of asynchronous remote processes
@cindex Asynchronous remote processes
When available, @value{tramp} adds process properties to process
objects of asynchronous properties. However, it is not guaranteed
that all these properties are set.
@itemize
@item @code{remote-tty}
This is the name of the terminal a @var{process} uses on the remote
host, i.e., it reads and writes on.
@item @code{remote-pid}
The process id of the command executed on the remote host. This is
used when sending signals remotely.
@item @code{remote-command}
The remote command which has been invoked via @code{make-process} or
@code{start-file-process}, a list of strings (program and its
arguments). This does not show the additional shell sugar
@value{tramp} makes around the commands, in order to see this you must
inspect @value{tramp} @ref{Traces and Profiles, traces}.
@end itemize
@findex list-system-processes
@findex process-attributes
The functions @code{list-system-processes} and
@code{process-attributes} return information about system processes on
the respective remote host. In order to retrieve this information,
they use the command @command{ps}, driven by the following constants:
@defvr Constant tramp-process-attributes-ps-args
This is a list of arguments (strings) @command{ps} is called with.
The default value is appropriate for GNU/Linux remote hosts.
@end defvr
@defvr Constant tramp-process-attributes-ps-format
This is a list of cons cells @code{(@var{key} . @var{type})} for
interpretation of the @command{ps} output. @var{key} is a key used in
the @code{process-attributes} output plus the key @code{pid}, and
@var{type} is the respective value returned by @command{ps}. It can
be
@multitable {@bullet{} @code{numberp}} {--- a string of @var{number} width, can contain spaces}
@item @bullet{} @code{numberp} @tab --- a number
@item @bullet{} @code{stringp} @tab --- a string without spaces
@item @bullet{} @var{number}
@tab --- a string of @var{number} width, can contain spaces
@item @bullet{} @code{nil} @tab --- a string until end of line
@end multitable
The default value is appropriate for GNU/Linux remote hosts.
@end defvr
If, for example, @code{tramp-process-attributes-ps-args} is declared
as @code{("-eww" "-o" "pid,euid,euser,egid,egroup,comm:40,state")},
the output of the respective @command{ps} command would look like
@smallexample
@group
PID EUID EUSER EGID EGROUP COMMAND S
1 0 root 0 root systemd S
1610 0 root 0 root NFSv4 callback S
@dots{}
@end group
@end smallexample
The corresponding @code{tramp-process-attributes-ps-format} has the value
@smallexample
@group
@code{((pid . numberp) (euid . numberp) (user . stringp)
(egid . numberp) (group . stringp) (comm . 40) (state . stringp))}
@end group
@end smallexample
@vindex tramp-adb-connection-local-default-ps-profile
@vindex tramp-adb-connection-local-default-ps-variables
@vindex tramp-connection-local-bsd-ps-profile
@vindex tramp-connection-local-bsd-ps-variables
@vindex tramp-connection-local-busybox-ps-profile
@vindex tramp-connection-local-busybox-ps-variables
@vindex tramp-connection-local-darwin-ps-profile
@vindex tramp-connection-local-darwin-ps-variables
The default values for @code{tramp-process-attributes-ps-args} and
@code{tramp-process-attributes-ps-format} can be overwritten by
connection-local variables.
@ifinfo
@xref{Connection Variables, , , emacs}.
@end ifinfo
This is already done by @value{tramp} for the @option{adb} method, see
@code{tramp-adb-connection-local-default-ps-profile} and
@code{tramp-adb-connection-local-default-ps-variables}.
There are three further predefined sets of connection-local variables
for remote BSD systems, for remote macOS systems, and for a remote
@command{ps} command implemented with @command{busybox}. These are
called @code{tramp-connection-local-*-ps-profile} and
@code{tramp-connection-local-*-ps-variables}. Use them like
@lisp
@group
(connection-local-set-profiles
'(:application tramp :machine "mybsdhost")
'tramp-connection-local-bsd-ps-profile)
@end group
@end lisp
@cindex @code{proced}
@vindex proced-show-remote-processes
If you want to see a listing of remote system processes when calling
@code{proced}, set user option @code{proced-show-remote-processes} to
non-@code{nil}, or invoke that command with a negative argument like
@kbd{C-u - M-x proced @key{RET}} when your buffer has a remote
@code{default-directory}.
@anchor{Improving performance of asynchronous remote processes}
@subsection Improving performance of asynchronous remote processes
@cindex Asynchronous remote processes
@findex make-process
@findex start-file-process
@value{tramp}'s implementation of @code{make-process} and
@code{start-file-process} requires a serious overhead for
initialization, every process invocation. This is needed for handling
interactive dialogs when connecting the remote host (like providing
a password), and initial environment setup.
Sometimes, this is not needed. Instead of starting a remote shell and
running the command afterwards, it is sufficient to run the command
directly. @value{tramp} supports this by an alternative
implementation of @code{make-process} and @code{start-file-process}.
This is triggered by the connection-local variable
@code{tramp-direct-async-process},
@ifinfo
@xref{Connection Variables, , , emacs},
@end ifinfo
which must be set to a non-@code{nil} value. Example:
@lisp
@group
(connection-local-set-profile-variables
'remote-direct-async-process
'((tramp-direct-async-process . t)))
@end group
@group
(connection-local-set-profiles
'(:application tramp :machine "remotehost")
'remote-direct-async-process)
@end group
@end lisp
This enables direct async processes for the host @samp{remotehost}.
If you want to enable direct async processes for all remote hosts
connected via the same method (e.g., @option{ssh}), use instead
@lisp
@group
(connection-local-set-profiles
'(:application tramp :protocol "ssh")
'remote-direct-async-process)
@end group
@end lisp
Using direct asynchronous processes in @value{tramp} is not possible,
if the remote host is connected via multiple hops
(@pxref{Multi-hops}). In this case, @value{tramp} falls back to its
classical implementation.
Furthermore, this approach has the following limitations:
@itemize
@item
It works only for some connection methods defined in
@file{tramp-adb.el}, @file{tramp-container.el}, @file{tramp-sh.el} and
@file{tramp-sshfs.el}.
@item
It does not support interactive user authentication. With
@option{ssh}-based methods, this can be avoided by using a password
agent like @command{ssh-agent}, using public key authentication, or
using @option{ControlMaster} options.
@item
It cannot be applied for @option{ssh}-based methods, which use the
@option{RemoteCommand} option.
@item
It cannot be killed via @code{interrupt-process}.
@item
It does not report the remote terminal name via @code{process-tty-name}.
@item
It does not set process property @code{remote-pid}.
@item
It fails, when the command is too long. This can happen on
directories with a long directory name, or when the remote @env{PATH}
and/or other environment variables, which must be set, are too long.
@end itemize
In order to gain even more performance, it is recommended to bind
@code{tramp-verbose} to 0 when running @code{make-process} or
@code{start-file-process}. Furthermore, you might set
@code{tramp-use-connection-share} to @code{nil} in order to bypass
@value{tramp}'s handling of the @option{ControlMaster} options, and
use your own settings in @file{~/.ssh/config}, @pxref{Using ssh
connection sharing}.
@c Since Emacs 30.
@strong{Note}: In previous @value{tramp} versions this was triggered
by the connection property @t{"direct-async-process"}. This is still
supported but deprecated, and it will be removed in a future
@value{tramp} version.
@node Cleanup remote connections
@section Cleanup remote connections
@cindex cleanup
@value{tramp} provides several ways to flush remote connections.
@deffn Command tramp-cleanup-connection vec &optional keep-debug keep-password
This command flushes all connection related objects. @var{vec} is the
internal representation of a remote connection. When called
interactively, this command lists active remote connections in the
minibuffer. Each connection is of the format
@file{@trampfn{method,user@@host,}}.
Flushing remote connections also cleans the password cache
(@pxref{Password handling}), file cache, connection cache
(@pxref{Connection caching}), and recentf
@ifinfo
cache (@pxref{File Conveniences, , , emacs}).
@end ifinfo
@ifnotinfo
cache.
@end ifnotinfo
It also deletes session timers (@pxref{Predefined connection
information}) and connection buffers.
If @var{keep-debug} is non-@code{nil}, the debug buffer is kept. A
non-@code{nil} @var{keep-password} preserves the password cache.
@end deffn
@deffn Command tramp-cleanup-this-connection
Flushes the current buffer's remote connection objects, the same as in
@code{tramp-cleanup-connection}.
@end deffn
@deffn Command tramp-cleanup-all-connections
Flushes all active remote connection objects, the same as in
@code{tramp-cleanup-connection}. This command removes also ad-hoc
proxy definitions (@pxref{Ad-hoc multi-hops}).
@end deffn
@deffn Command tramp-cleanup-all-buffers
Just as for @code{tramp-cleanup-all-connections}, all remote
connections and ad-hoc proxy definition are cleaned up in addition to
killing all buffers related to remote connections.
@end deffn
@deffn Command tramp-cleanup-some-buffers
Similar to @code{tramp-cleanup-all-buffers}, where all remote
connections and ad-hoc proxy definition are cleaned up. However,
additional buffers are killed only if one of the functions in
@code{tramp-cleanup-some-buffers-hook} returns @code{t}.
@end deffn
@defopt tramp-cleanup-some-buffers-hook
The functions in this hook determine, whether a remote buffer is
killed when @code{tramp-cleanup-some-buffers} is called. Per default,
remote buffers which are linked to a remote file, remote @code{dired}
buffers, and buffers related to a remote process are cleaned up.
@end defopt
@node Renaming remote files
@section Renaming remote files
@cindex save remote files
Sometimes, it is desirable to safe file contents of buffers visiting a
given remote host. This could happen for example, if the local host
changes its network integration, and the remote host is not reachable
anymore.
@deffn Command tramp-rename-files source target
Replace in all buffers the visiting file name from @var{source} to
@var{target}. @var{source} is a remote directory name, which can
contain also a localname part. @var{target} is the directory name
@var{source} is replaced with. Often, @var{target} is a remote
directory name on another host, but it can also be a local directory
name. If @var{target} has no local part, the local part from
@var{source} is used.
If @var{target} is @code{nil}, it is selected according to the first
match in @code{tramp-default-rename-alist}. If called interactively,
this match is offered as initial value for selection.
On all buffers, which have a @code{buffer-file-name} matching
@var{source}, this name is modified by replacing @var{source} with
@var{target}. This is applied by calling
@code{set-visited-file-name}. The new @code{buffer-file-name} is
prompted for modification in the minibuffer. The buffers are marked
modified, and must be saved explicitly.
If user option @code{tramp-confirm-rename-file-names} is @code{nil},
changing the file name happens without confirmation. This requires a
matching entry in @code{tramp-default-rename-alist}.
Remote buffers related to the remote connection identified by
@var{source}, which are not visiting files, or which are visiting
files not matching @var{source}, are not modified.
Interactively, @var{target} is selected from
@code{tramp-default-rename-alist} without confirmation if the prefix
argument is non-@code{nil}.
The remote connection identified by @var{source} is flushed by
@code{tramp-cleanup-connection}.
@end deffn
@deffn Command tramp-rename-these-files target
Replace visiting file names to @var{target}. The current buffer must
be related to a remote connection. In all buffers, which are visiting
a file with the same directory name, the buffer file name is changed.
Interactively, @var{target} is selected from
@code{tramp-default-rename-alist} without confirmation if the prefix
argument is non-@code{nil}.
@end deffn
@defopt tramp-default-rename-alist
The default target for renaming remote buffer file names. This is an
alist of cons cells @code{(source . target)}. The first matching item
specifies the target to be applied for renaming buffer file names from
source via @code{tramp-rename-files}. @code{source} is a regular
expression, which is used to match a remote file name. @code{target}
must be a directory name, which can be remote (including remote
directories which @value{tramp} infers by default, such as
@file{@trampfn{method,user@@host,}}).
@code{target} can contain the format specifiers @code{%m}, @code{%u},
or @code{%h}, which are replaced by the method name, user name, or host
name of @code{source} respectively when calling @code{tramp-rename-files}.
@code{source} can also be a Lisp form, which is evaluated. The result
must be a string (which is used as a regular expression to match) or
@code{nil}, which is interpreted as a regular expression which always
matches.
Example entries:
@lisp
@group
("@trampfn{ssh,badhost,/path/to/dir/}"
. "@trampfn{ssh,goodhost,/path/to/another/dir/}")
@end group
@end lisp
would trigger renaming of buffer file names on @samp{badhost} to
@samp{goodhost}, including changing the directory name.
@lisp
("@trampfn{ssh,.+\\\\.company\\\\.org,}" @c
. "@value{prefix}ssh@value{postfixhop}multi.hop|@c
ssh@value{postfixhop}%h@value{postfix}")
@end lisp
routes all connections to a host in @samp{company.org} via
@file{@trampfn{ssh,multi.hop,}}, which might be useful when using
Emacs outside the company network.
@lisp
(nil . "~/saved-files/%m:%u@@%h/")
@end lisp
saves all remote files locally, with a directory name including method
name, user name and host name of the remote connection.
@end defopt
@defopt tramp-confirm-rename-file-names
Whether renaming a buffer file name by @code{tramp-rename-files} or
@code{tramp-rename-these-files} must be confirmed.
@end defopt
@node Archive file names
@section Archive file names
@cindex file archives
@cindex archive file names
@cindex method archive
@cindex archive method
@value{tramp} offers also transparent access to files inside file
archives. This is possible only on hosts which have installed
@acronym{GVFS, the GNOME Virtual File System}, @pxref{GVFS-based
methods}. Internally, file archives are mounted via the
@acronym{GVFS} @option{archive} method.
A file archive is a regular file of kind @file{/path/to/dir/file.EXT}.
The extension @samp{.EXT} identifies the type of the file archive. To
examine the contents of an archive with Dired, open file name as if it
were a directory (i.e., open @file{/path/to/dir/file.EXT/}). A file
inside a file archive, called archive file name, has the name
@file{/path/to/dir/file.EXT/dir/file}.
Most of the @ref{Magic File Names, , magic file name operations,
elisp}, are implemented for archive file names, exceptions are all
operations which write into a file archive, and process related
operations. Therefore, functions like
@lisp
(copy-file "/path/to/dir/file.tar/dir/file" "/somewhere/else")
@end lisp
@noindent
work out of the box. This is also true for file name completion, and
for libraries like @code{dired} or @code{ediff}, which accept archive
file names as well.
@vindex tramp-archive-suffixes
File archives are identified by the file name extension @samp{.EXT}.
Since @acronym{GVFS} uses internally the library @code{libarchive(3)},
all suffixes, which are accepted by this library, work also for
archive file names. Accepted suffixes are listed in the constant
@code{tramp-archive-suffixes}. They are
@itemize
@cindex @file{7z} file archive suffix
@cindex file archive suffix @file{7z}
@item @samp{.7z} ---
7-Zip archives
@cindex @file{apk} file archive suffix
@cindex file archive suffix @file{apk}
@item @samp{.apk} ---
Android package kits
@cindex @file{ar} file archive suffix
@cindex file archive suffix @file{ar}
@item @samp{.ar} ---
UNIX archiver formats
@cindex @file{cab} file archive suffix
@cindex @file{CAB} file archive suffix
@cindex file archive suffix @file{cab}
@cindex file archive suffix @file{CAB}
@item @samp{.cab}, @samp{.CAB} ---
Microsoft Windows cabinets
@cindex @file{cpio} file archive suffix
@cindex file archive suffix @file{cpio}
@item @samp{.cpio} ---
CPIO archives
@cindex @file{crate} file archive suffix
@cindex file archive suffix @file{crate}
@item @samp{.crate} ---
Cargo (Rust) packages
@cindex @file{deb} file archive suffix
@cindex file archive suffix @file{deb}
@item @samp{.deb} ---
Debian packages
@cindex @file{depot} file archive suffix
@cindex file archive suffix @file{depot}
@item @samp{.depot} ---
HP-UX SD depots
@cindex @file{epub} file archive suffix
@cindex file archive suffix @file{epub}
@item @samp{.epub} ---
Electronic publications
@cindex @file{exe} file archive suffix
@cindex file archive suffix @file{exe}
@item @samp{.exe} ---
Self extracting Microsoft Windows EXE files
@cindex @file{iso} file archive suffix
@cindex file archive suffix @file{iso}
@item @samp{.iso} ---
ISO 9660 images
@cindex @file{jar} file archive suffix
@cindex file archive suffix @file{jar}
@item @samp{.jar} ---
Java archives
@cindex @file{lzh} file archive suffix
@cindex @file{LZH} file archive suffix
@cindex file archive suffix @file{lzh}
@cindex file archive suffix @file{LZH}
@item @samp{.lzh}, @samp{.LZH} ---
Microsoft Windows compressed LHA archives
@cindex @file{msu} file archive suffix
@cindex @file{MSU} file archive suffix
@cindex file archive suffix @file{msu}
@cindex file archive suffix @file{MSU}
@item @samp{.msu}, @samp{.MSU} ---
Microsoft Windows Update packages
@cindex @file{mtree} file archive suffix
@cindex file archive suffix @file{mtree}
@item @samp{.mtree} ---
BSD mtree format
@cindex @file{odb} file archive suffix
@cindex @file{odf} file archive suffix
@cindex @file{odg} file archive suffix
@cindex @file{odp} file archive suffix
@cindex @file{ods} file archive suffix
@cindex @file{odt} file archive suffix
@cindex file archive suffix @file{odb}
@cindex file archive suffix @file{odf}
@cindex file archive suffix @file{odg}
@cindex file archive suffix @file{odp}
@cindex file archive suffix @file{ods}
@cindex file archive suffix @file{odt}
@item @samp{.odb}, @samp{.odf}, @samp{.odg}, @samp{.odp}, @samp{.ods},
@samp{.odt} ---
OpenDocument formats
@cindex @file{pax} file archive suffix
@cindex file archive suffix @file{pax}
@item @samp{.pax} ---
Posix archives
@cindex @file{rar} file archive suffix
@cindex file archive suffix @file{rar}
@item @samp{.rar} ---
RAR archives
@cindex @file{rpm} file archive suffix
@cindex file archive suffix @file{rpm}
@item @samp{.rpm} ---
Red Hat packages
@cindex @file{shar} file archive suffix
@cindex file archive suffix @file{shar}
@item @samp{.shar} ---
Shell archives
@cindex @file{tar} file archive suffix
@cindex @file{tbz} file archive suffix
@cindex @file{tgz} file archive suffix
@cindex @file{tlz} file archive suffix
@cindex @file{txz} file archive suffix
@cindex @file{tzst} file archive suffix
@cindex file archive suffix @file{tar}
@cindex file archive suffix @file{tbz}
@cindex file archive suffix @file{tgz}
@cindex file archive suffix @file{tlz}
@cindex file archive suffix @file{txz}
@cindex file archive suffix @file{tzst}
@item @samp{.tar}, @samp{.tbz}, @samp{.tgz}, @samp{.tlz}, @samp{.txz},
@samp{.tzst} ---
(Compressed) tape archives
@cindex @file{warc} file archive suffix
@cindex file archive suffix @file{warc}
@item @samp{.warc} ---
Web archives
@cindex @file{xar} file archive suffix
@cindex file archive suffix @file{xar}
@item @samp{.xar} ---
macOS XAR archives
@cindex @file{xpi} file archive suffix
@cindex file archive suffix @file{xpi}
@item @samp{.xpi} ---
XPInstall Mozilla addons
@cindex @file{xps} file archive suffix
@cindex file archive suffix @file{xps}
@item @samp{.xps} ---
Open XML Paper Specification (OpenXPS) documents
@cindex @file{zip} file archive suffix
@cindex @file{ZIP} file archive suffix
@cindex file archive suffix @file{zip}
@cindex file archive suffix @file{ZIP}
@item @samp{.zip}, @samp{.ZIP} ---
ZIP archives
@end itemize
@vindex tramp-archive-compression-suffixes
File archives could also be compressed, identified by an additional
compression suffix. Valid compression suffixes are listed in the
constant @code{tramp-archive-compression-suffixes}. They are
@samp{.bz2}, @samp{.gz}, @samp{.lrz}, @samp{.lz}, @samp{.lz4},
@samp{.lzma}, @samp{.lzo}, @samp{.uu}, @samp{.xz}, @samp{.Z}, and
@samp{.zst}. A valid archive file name would be
@file{/path/to/dir/file.tar.gz/dir/file}. Even several suffixes in a
row are possible, like @file{/path/to/dir/file.tar.gz.uu/dir/file}.
@vindex tramp-archive-all-gvfs-methods
An archive file name can be a remote file name, as in
@file{/ftp:anonymous@@ftp.gnu.org:/gnu/tramp/tramp-2.4.5.tar.gz/INSTALL}.
Since all file operations are mapped internally to @acronym{GVFS}
operations, remote file names supported by @code{tramp-gvfs} perform
better, because no local copy of the file archive must be downloaded
first. For example, @samp{/sftp:user@@host:@dots{}} performs better
than the similar @samp{/scp:user@@host:@dots{}}. See the constant
@code{tramp-archive-all-gvfs-methods} for a complete list of
@code{tramp-gvfs} supported method names.
If @code{url-handler-mode} is enabled, archives can be visited via
URLs, like
@file{https://ftp.gnu.org/gnu/tramp/tramp-2.4.5.tar.gz/INSTALL}. This
allows complex file operations like
@lisp
@group
(progn
(url-handler-mode 1)
(ediff-directories
"https://ftp.gnu.org/gnu/tramp/tramp-2.4.4.tar.gz/tramp-2.4.4"
"https://ftp.gnu.org/gnu/tramp/tramp-2.4.5.tar.gz/tramp-2.4.5" ""))
@end group
@end lisp
It is even possible to access file archives in file archives, as
@lisp
@group
(progn
(url-handler-mode 1)
(find-file
"https://ftp.debian.org/debian/pool/main/c/coreutils/\
coreutils_8.28-1_amd64.deb/control.tar.gz/control"))
@end group
@end lisp
@vindex tramp-archive-enabled
In order to disable file archives, you can add the following form to
your init file:
@lisp
(customize-set-variable 'tramp-archive-enabled nil)
@end lisp
@node Bug Reports
@chapter Reporting Bugs and Problems
@cindex bug reports
@value{tramp}'s development team is actively engaged in solving bugs
and problems and looks to feature requests and suggestions.
@value{tramp}'s mailing list is the place for more advice and
information on working with @value{tramp}, solving problems,
discussing, and general discussions about @value{tramp}.
@value{tramp}'s mailing list is moderated but even non-subscribers can
post for moderator approval. Sometimes this approval step may take as
long as 48 hours due to public holidays.
@email{@value{tramp-bug-report-address}} is the mailing list.
Messages sent to this address go to all the subscribers. This is
@emph{not} the address to send subscription requests to.
To subscribe to the mailing list, visit:
@uref{https://lists.gnu.org/mailman/listinfo/tramp-devel/, the
@value{tramp} Mail Subscription Page}.
There is also a @acronym{Gmane} group, mirroring the mailing list.
Its name is @samp{gmane.emacs.tramp}.
@ifset installchapter
Before sending a bug report, run the test suite first @ref{Testing}.
@end ifset
@findex tramp-bug
Check if the bug or problem is already addressed in @xref{Frequently
Asked Questions}.
Run @kbd{M-x tramp-bug @key{RET}} to generate a buffer with details of
the system along with the details of the @value{tramp} installation.
Please include these details with the bug report.
The bug report must describe in as excruciating detail as possible the
steps required to reproduce the problem. These details must include
the setup of the remote host and any special or unique conditions that
exist.
Include a minimal test case that reproduces the problem. This will
help the development team find the best solution and avoid unrelated
detours.
To exclude cache-related problems, flush all caches before running the
test, @pxref{Cleanup remote connections}. Alternatively, and often
better for analysis, reproduce the problem in a clean Emacs session
started with @command{emacs -Q}. Then, @value{tramp} does not load
the persistency file (@pxref{Connection caching}), and it does not use
passwords from @file{auth-source.el} (@pxref{Password handling}). The
latter does not happen for the @option{sudoedit} method, otherwise it
would be unusable.
If you use the GNU ELPA version of @value{tramp}, you must load it
explicitly, because @command{emacs -Q} ignores installed ELPA
packages. Call (version number adapted)
@example
$ emacs -Q -l ~/.emacs.d/elpa/tramp-2.4.5.1/tramp-autoloads
@end example
When including @value{tramp}'s messages in the bug report, increase
the verbosity level to 6 (@pxref{Traces and Profiles, Traces}) in the
@file{~/.emacs} file before repeating steps to the bug. Include the
contents of the @file{*tramp/foo*} and @file{*debug tramp/foo*}
buffers with the bug report. Since those buffers could contain
non-@acronym{ASCII} characters which are relevant for analysis, append
the buffers as attachments to the bug report rather than placing them
inline. This is also needed in order to avoid line breaks getting added
or deleted during mail transfer.
If you send the message from Emacs, you are asked whether to append
these buffers to the bug report. If you use an external mail program,
you must save these buffers to files, and append them with that mail
program.
@strong{Note} that a verbosity level greater than 6 is not necessary at
this stage. Also note that with a verbosity level of 6 or greater, the
contents of files and directories will be included in the debug buffer.
Passwords typed in @value{tramp} will never be included there.
If you find, that using @value{tramp} with @command{emacs -Q} doesn't
cause any problem, you might check your init file for the suspicious
configuration by bisecting it. That is, comment out about half of the
init file, and check whether the problem still arises when calling
@command{emacs}. If yes, comment out half of the still active code.
Otherwise, comment out the active code, and uncomment the just
commented code.
Call @command{emacs}, again. Reiterate, until you find the suspicious
configuration.
@node Frequently Asked Questions
@chapter Frequently Asked Questions
@cindex frequently asked questions
@cindex FAQ
@itemize @bullet
@item
What is the official name - ``Tramp'' or ``@value{tramp}''?
The official name is ``Tramp''. This is used in comments, docstrings,
and everywhere speaking about @value{tramp}.
However, for historical reasons this is formatted as ``@@sc@{Tramp@}''
in the @value{tramp} manual.
@ifinfo
@pxref{Smallcaps, , , texinfo}.
@end ifinfo
So it looks different there.
@item
Where is the latest @value{tramp}?
@value{tramp} is available at the GNU URL:
@noindent
@uref{https://ftp.gnu.org/gnu/tramp/}
@noindent
@value{tramp}'s GNU project page is located here:
@noindent
@uref{https://savannah.gnu.org/projects/tramp/}
@item
Which systems does it work on?
The package works successfully on @w{Emacs 28}, @w{Emacs 29}, @w{Emacs
30}, and @w{Emacs 31}.
While Unix and Unix-like systems are the primary remote targets,
@value{tramp} has equal success connecting to other platforms, such as
MS Windows 7/8/10.
@item
How to speed up @value{tramp}?
@value{tramp} does many things in the background, some of which
depends on network speeds, response speeds of remote hosts, and
authentication delays. During these operations, @value{tramp}'s
responsiveness slows down. Some suggestions within the scope of
@value{tramp}'s settings include:
@itemize @minus
@item
Use an external method, such as @option{scp}, which are faster than
internal methods for large files.
@item
Keep the file @code{tramp-persistency-file-name}, which is where
@value{tramp} caches remote information about hosts and files. Caching
is enabled by default. Don't disable it.
@vindex remote-file-name-inhibit-cache
Set @code{remote-file-name-inhibit-cache} to @code{nil} if remote
files are not independently updated outside @value{tramp}'s control.
That cache cleanup will be necessary if the remote directories or
files are updated independent of @value{tramp}.
@item
Disable version control to avoid delays:
@lisp
@group
(setq vc-ignore-dir-regexp
(format "\\(%s\\)\\|\\(%s\\)"
vc-ignore-dir-regexp
tramp-file-name-regexp))
@end group
@end lisp
If this is too radical, because you want to use version control
remotely, trim @code{vc-handled-backends} to just those you care
about, for example:
@lisp
(setq vc-handled-backends '(SVN Git))
@end lisp
@vindex remote-file-name-inhibit-locks
@item
Disable file locks. Set @code{remote-file-name-inhibit-locks} to
@code{t} if you know that different Emacs sessions are not modifying
the same remote file.
@vindex remote-file-name-inhibit-auto-save
@item
Keep auto-save files local. This is already the default configuration
in Emacs, don't change it. If you want to disable auto-saving for
remote files at all, set @code{remote-file-name-inhibit-auto-save} to
@code{t}, but think about the consequences!
If you want to disable auto-saving just for selected connections, for
example due to security considerations, use connection-local variables
in order to set @code{buffer-auto-save-file-name}. If you, for
example, want to disable auto-saving for all @option{sudo}
connections, apply the following code.
@ifinfo
@xref{Connection Variables, , , emacs}.
@end ifinfo
@lisp
@group
(connection-local-set-profile-variables
'my-auto-save-profile
'((buffer-auto-save-file-name . nil)))
@end group
@group
(connection-local-set-profiles
'(:application tramp :protocol "sudo")
'my-auto-save-profile)
@end group
@end lisp
@vindex dired-check-symlinks
@item
Disable check for symbolic link validity in @code{dired} buffers.
Emacs fontifies symbolic links in @code{dired} buffers using the
@code{file-truename} operation. This can be slow. Since @w{Emacs
31}, there is a user option which suppresses this. It can be set
connection-local.
@ifinfo
@xref{Connection Variables, , , emacs}.
@end ifinfo
@lisp
@group
(connection-local-set-profile-variables
'my-dired-profile
'((dired-check-symlinks . nil)))
@end group
@group
(connection-local-set-profiles
'(:application tramp :machine "remotehost")
'my-dired-profile)
@end group
@end lisp
@item
Use direct asynchronous processes if possible.
@item
Suppress reading the remote history file in @code{shell}. Set
@code{shell-history-file-name} to @code{t}.
@item
Disable excessive traces. Set @code{tramp-verbose} to 3 or lower,
default being 3. Increase trace levels temporarily when hunting for
bugs.
@end itemize
@item
@value{tramp} does not connect to the remote host
Three main reasons for why @value{tramp} does not connect to the remote host:
@itemize @minus
@item
Unknown characters in the prompt
@value{tramp} needs a clean recognizable prompt on the remote host for
accurate parsing. Shell prompts that contain escape sequences for
coloring cause parsing problems. @ref{Remote shell setup} for
customizing prompt detection using regular expressions.
To check if the remote host's prompt is being recognized, use this
test: switch to @value{tramp} connection buffer @file{*tramp/foo*},
put the cursor at the top of the buffer, and then apply the following
expression:
@example
@kbd{M-: (re-search-forward (concat tramp-shell-prompt-pattern "$")) @key{RET}}
@end example
If the cursor has not moved to the prompt at the bottom of the buffer,
then @value{tramp} has failed to recognize the prompt.
When using zsh on remote hosts, disable zsh line editor because zsh
uses left-hand side and right-hand side prompts in parallel. Add the
following line to @file{~/.zshrc}:
@example
[[ $TERM == "dumb" ]] && unsetopt zle && PS1='$ ' && return
@end example
This uses the default value of @code{tramp-terminal-type}, @t{"dumb"},
as value of the @env{TERM} environment variable. If you want to use
another value for @env{TERM}, change @code{tramp-terminal-type} and
this line accordingly.
Alternatively, you can set the remote login shell explicitly. See
@ref{Remote shell setup} for discussion of this technique,
When using fish shell on remote hosts, disable fancy formatting by
adding the following to @file{~/.config/fish/config.fish}:
@example
@group
function fish_prompt
if test $TERM = "dumb"
echo "\$ "
else
@dots{}
end
end
@end group
@end example
When using WinSSHD on remote hosts, @value{tramp} does not recognize
the strange prompt settings.
A similar problem exist with the iTerm2 shell integration, which sends
proprietary escape codes when starting a shell. This can be
suppressed by changing the respective integration snippet in your
@file{~/.profile} like this:
@example
@group
[ $TERM = "dumb" ] || \
test -e "$@{HOME@}/.iterm2_shell_integration.bash" && \
source "$@{HOME@}/.iterm2_shell_integration.bash"
@end group
@end example
And finally, bash's readline should not use key bindings like
@samp{C-j} to commands. Disable this in your @file{~/.inputrc}:
@example
@group
$if term=dumb
# Don't bind Control-J or it messes up @value{tramp}.
$else
"\C-j": next-history
$endif
@end group
@end example
@item
Echoed characters after login
@value{tramp} suppresses echos from remote hosts with the
@command{stty -echo} command. But sometimes it is too late to suppress
welcome messages from the remote host containing harmful control
characters. Using @option{sshx} or @option{scpx} methods can avoid
this problem because they allocate a pseudo tty. @xref{Inline
methods}.
@vindex tramp-chunksize
@item
@value{tramp} stops transferring strings longer than 500 characters
Set @code{tramp-chunksize} to 500 to get around this problem, which is
related to faulty implementation of @code{process-send-string} on
HP-UX, FreeBSD and Tru64 Unix systems. Consult the documentation for
@code{tramp-chunksize} to see when this is necessary.
Set @code{file-precious-flag} to @code{t} for files accessed by
@value{tramp} so the file contents are checked using checksum by
first saving to a temporary file.
@ifinfo
@pxref{Saving Buffers, , , elisp}.
@end ifinfo
@lisp
@group
(add-hook
'find-file-hook
(lambda ()
(when (file-remote-p default-directory)
(set (make-local-variable 'file-precious-flag) t))))
@end group
@end lisp
@end itemize
@item
@value{tramp} fails in a chrooted environment
@vindex tramp-local-host-regexp
When connecting to a local host, @value{tramp} uses some internal
optimizations. They fail when Emacs runs in a chrooted environment.
In order to disable those optimizations, set user option
@code{tramp-local-host-regexp} to @code{nil}.
@item
@value{tramp} blocks Emacs at startup
@vindex remote-file-name-access-timeout
Some packages, like @file{desktop.el} or @file{recentf.el}, access
remote files when loaded. If the requested file is not accessible,
@value{tramp} could block. In order to check whether this could
happen, add a test via @code{access-file} with a proper timeout prior
to loading these packages:
@lisp
@group
(let ((remote-file-name-access-timeout 10))
(access-file "@file{@trampfn{method,user@@host,/path/to/file}}" "error"))
@result{} nil
@end group
@end lisp
The result @code{nil} means success. If the file is not accessible,
or if the underlying operations last too long, @code{access-file}
returns with an error.
The value of the timeout (10 seconds in the example) depends on your
preference and on the quality of the connection to the remote host.
If the connection to the remote host isn't established yet, and if
this requires an interactive password, the timeout check doesn't work
properly.
@c Since Emacs 30.
@strong{Note}: In recent versions of Emacs, both packages already
apply this check. You just need to customize
@code{remote-file-name-access-timeout} to the desired timeout (in
seconds).
@item
Does @value{tramp} support @acronym{SSH} security keys?
Yes. @command{OpenSSH} has added support for @acronym{FIDO} hardware
devices via special key types @option{*-sk}. @value{tramp} supports
the additional handshaking messages for them. This requires at least
@command{OpenSSH} 8.2, and a @acronym{FIDO} @acronym{U2F} or
@acronym{FIDO2} compatible security key, like yubikey, solokey,
nitrokey, or titankey.
@c @uref{https://docs.fedoraproject.org/en-US/quick-docs/using-yubikeys/}
@strong{Note} that there are reports on problems of handling FIDO2
(residential) keys by @command{ssh-agent}. As workaround, you might
disable @command{ssh-agent} for such keys.
@item
@value{tramp} does not connect to Samba or MS Windows hosts running
SMB1 connection protocol
@vindex tramp-smb-options
Recent versions of @command{smbclient} do not support old connection
protocols by default. In order to connect to such a host, add a
respective option:
@lisp
(add-to-list 'tramp-smb-options "client min protocol=NT1")
@end lisp
@strong{Note} that using a deprecated connection protocol raises
security problems, you should do it only if absolutely necessary.
@item
File name completion does not work with @value{tramp}
@acronym{ANSI} escape sequences from the remote shell may cause errors
in @value{tramp}'s parsing of remote buffers.
To test if this is the case, open a remote shell and check if the output
of @command{ls} is in color.
To disable @acronym{ANSI} escape sequences from the remote hosts,
disable @samp{--color=yes} or @samp{--color=auto} in the remote host's
@file{.bashrc} or @file{.profile}. Turn this alias on and off to see
if file name completion works.
@item
File name completion does not work in directories with large number of
files
This may be related to globbing, which is the use of shell's ability
to expand wild card specifications, such as @samp{*.c}. For
directories with large number of files, globbing might exceed the
shell's limit on length of command lines and hang. @value{tramp} uses
globbing.
To test if globbing hangs, open a shell on the remote host and then
run @command{ls -d * ..?* > /dev/null}.
When testing, ensure the remote shell is the same shell
(@command{/bin/sh}, @command{ksh} or @command{bash}), that
@value{tramp} uses when connecting to that host.
@item
How to get notified after @value{tramp} completes file transfers?
Make Emacs beep after reading from or writing to the remote host with
the following code in @file{~/.emacs}.
@vindex tramp-handle-write-region-hook
@vindex tramp-handle-file-local-copy-hook
@lisp
(add-hook 'tramp-handle-write-region-hook 'beep)
(add-hook 'tramp-handle-file-local-copy-hook 'beep)
@end lisp
@item
How to get a Visual Warning when working with @samp{root} privileges?
Host indication in the mode line?
@cindex @value{tramp} theme
@vindex tramp-theme-face-remapping-alist
Install @file{tramp-theme} from GNU ELPA via Emacs's Package Manager.
Enable it via @kbd{M-x load-theme @key{RET} tramp @key{RET}}. Further
customization is explained in user option
@code{tramp-theme-face-remapping-alist}.
@item
Remote host does not understand default options for directory listing
@vindex dired-listing-switches
Emacs computes the @command{dired} options based on the local host.
Since @w{Emacs 30}, these options can be set connection-local.
@ifinfo
@xref{Connection Variables, , , emacs}.
@end ifinfo
@lisp
@group
(connection-local-set-profile-variables
'my-dired-profile
'((dired-listing-switches . "-ahl")))
@end group
@group
(connection-local-set-profiles
'(:application tramp :machine "remotehost")
'my-dired-profile)
@end group
@end lisp
@vindex dired-actual-switches
In older Emacsen, you can set the @command{dired} options with a hook
as follows:
@lisp
@group
(add-hook
'dired-before-readin-hook
(lambda ()
(when (string-equal
(file-remote-p default-directory 'host) "remotehost")
(setq dired-actual-switches "-ahl"))))
@end group
@end lisp
@item
@value{tramp} does not show directories or files although they are
readable
@vindex tramp-use-file-attributes
Internally, @value{tramp} uses commands like @command{ls} or
@command{stat} in order to determine file permissions. When
@acronym{NFS4_ACL} is enabled on the remote host, more fine-grained
information is used which cannot be reflected by the permission string
returned from those commands. Set the user option
@code{tramp-use-file-attributes} to @code{nil} in such a case. This
can also be set host-wise, like in:
@lisp
@group
(connection-local-set-profile-variables
'my-file-attributes-profile
'((tramp-use-file-attributes . nil)))
@end group
@group
(connection-local-set-profiles
'(:application tramp :machine "remotehost")
'my-file-attributes-profile)
@end group
@end lisp
@item
Where are remote files trashed to?
@vindex remote-file-name-inhibit-delete-by-moving-to-trash
Emacs can trash files instead of deleting
@ifinfo
them, @pxref{Misc File Ops, Trashing , , emacs}.
@end ifinfo
@ifnotinfo
them.
@end ifnotinfo
Remote files are always trashed to the local trash, except the user
option @code{remote-file-name-inhibit-delete-by-moving-to-trash} is
non-@code{nil}, or it is a remote encrypted file (@pxref{Keeping files
encrypted}), which are deleted anyway.
@c Since Emacs 30.
@vindex trash-directory
If you want to trash a remote file into a remote trash directory, you
can configure the user option @code{trash-directory} to a
connection-local value.
@ifinfo
@xref{Connection Variables, , , emacs}.
@end ifinfo
@lisp
@group
(connection-local-set-profile-variables
'remote-trash-directory
'((trash-directory . "/sudo::~/.local/share/Trash")))
@end group
@group
(connection-local-set-profiles
`(:application tramp :protocol "sudo" :machine ,system-name)
'remote-trash-directory)
@end group
@end lisp
If Emacs is configured to use the XDG conventions for the trash
directory, remote files cannot be restored with the respective tools,
because those conventions don't specify remote paths. Such files must
be restored by moving them manually from
@file{$@{XDG_DATA_HOME@}/Trash/files/}, if needed.
@item
How to shorten long file names when typing in @value{tramp}?
Adapt several of these approaches to reduce typing. If the full name
is @file{@trampfn{ssh,news@@news.my.domain,/opt/news/etc}}, then:
@enumerate
@item
Use simplified syntax:
If you always apply the default method (@pxref{Default Method}), you
can use the simplified @value{tramp} syntax (@pxref{Change file name
syntax}):
@lisp
@group
(customize-set-variable 'tramp-default-method "ssh")
(tramp-change-syntax 'simplified)
@end group
@end lisp
The reduced typing: @kbd{C-x C-f
@code{@value{prefix}news@@news.my.domain@value{postfix}/opt/news/etc}
@key{RET}}.
@item
Use default values for method name and user name:
You can define default methods and user names for hosts,
(@pxref{Default Method}, @pxref{Default User}):
@lisp
@group
(custom-set-variables
'(tramp-default-method "ssh")
'(tramp-default-user "news"))
@end group
@end lisp
The reduced typing: @kbd{C-x C-f
@trampfn{-,news.my.domain,/opt/news/etc} @key{RET}}.
@strong{Note} that there are some useful shortcuts already. Accessing
your local host as @samp{root} user, is possible just by @kbd{C-x C-f
@trampfn{su,,} @key{RET}}.
@item
Use configuration options of the access method:
Programs used for access methods already offer powerful configurations
(@pxref{Customizing Completion}). For @option{ssh}, configure the
file @file{~/.ssh/config}:
@example
@group
Host xy
HostName news.my.domain
User news
@end group
@end example
The reduced typing: @kbd{C-x C-f @trampfn{ssh,xy,/opt/news/etc} @key{RET}}.
Depending on the number of files in the directories, host names
completion can further reduce key strokes: @kbd{C-x C-f
@value{prefix}ssh@value{postfixhop}x @key{TAB}}.
@item
Use environment variables to expand long strings:
For long file names, set up environment variables that are expanded in
the minibuffer. Environment variables are set either outside Emacs or
inside Emacs with Lisp:
@lisp
(setenv "xy" "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}")
@end lisp
The reduced typing: @kbd{C-x C-f $xy @key{RET}}.
@strong{Note} that file name cannot be edited here because the
environment variables are not expanded during editing in the
minibuffer.
@item Define own keys:
Redefine another key sequence in Emacs for @kbd{C-x C-f}:
@lisp
@group
(global-set-key
[(control x) (control y)]
(lambda ()
(interactive)
(find-file
(read-file-name
"Find @value{tramp} file: "
"@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}"))))
@end group
@end lisp
Simply typing @kbd{C-x C-y} would prepare minibuffer editing of file
name.
See @uref{https://www.emacswiki.org/emacs/TrampMode, the Emacs Wiki}
for a more comprehensive example.
@item
Define own abbreviation (1):
Abbreviation list expansion can be used to reduce typing long file names:
@lisp
@group
(add-to-list 'directory-abbrev-alist
'("^/xy" . "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}"))
@end group
@end lisp
The reduced typing: @kbd{C-x C-f /xy @key{RET}}.
@strong{Note} that file name cannot be edited here because the
abbreviations are not expanded during editing in the minibuffer.
Furthermore, the abbreviation is not expanded during @key{TAB}
completion.
@item
Define own abbreviation (2):
The @code{abbrev-mode} gives additional flexibility for editing in the
minibuffer:
@lisp
@group
(define-abbrev-table 'my-tramp-abbrev-table
'(("xy" "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}")))
@end group
@group
(add-hook
'minibuffer-setup-hook
(lambda ()
(abbrev-mode 1)
(setq local-abbrev-table my-tramp-abbrev-table)))
@end group
@group
(advice-add 'minibuffer-complete
:before 'expand-abbrev)
@end group
@end lisp
The reduced typing: @kbd{C-x C-f xy @key{TAB}}.
The minibuffer expands for further editing.
@item Use bookmarks:
Use bookmarks to save @value{tramp} file names.
@ifinfo
@pxref{Bookmarks, , , emacs}.
@end ifinfo
Upon visiting a location with @value{tramp}, save it as a bookmark with
@kbd{@key{menu-bar} @key{edit} @key{bookmarks} @key{set}}.
To revisit that bookmark:
@kbd{@key{menu-bar} @key{edit} @key{bookmarks} @key{jump}}.
@item Use recent files:
@file{recentf} remembers visited places.
@ifinfo
@pxref{File Conveniences, , , emacs}.
@end ifinfo
Keep remote file names in the recent list without have to check for
their accessibility through remote access:
@lisp
(recentf-mode 1)
@end lisp
Reaching recently opened files: @kbd{@key{menu-bar} @key{file}
@key{Open Recent}}.
@item Use filecache:
Since @file{filecache} remembers visited places, add the remote
directory to the cache:
@lisp
@group
(with-eval-after-load 'filecache
(file-cache-add-directory
"@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}"))
@end group
@end lisp
Then use directory completion in the minibuffer with @kbd{C-x C-f
C-@key{TAB}}.
@item Use bbdb:
@file{bbdb} has a built-in feature for Ange FTP files, which also
works for @value{tramp} file names.
@ifinfo
@pxref{bbdb-ftp, Storing FTP sites in the BBDB, , bbdb}.
@end ifinfo
Load @file{bbdb} in Emacs:
@lisp
@group
(require 'bbdb)
(bbdb-initialize)
@end group
@end lisp
Create a BBDB entry with @kbd{M-x bbdb-create-ftp-site @key{RET}}.
Then specify a method and user name where needed. Examples:
@example
@group
@kbd{M-x bbdb-create-ftp-site @key{RET}}
@b{Ftp Site:} news.my.domain @key{RET}
@b{Ftp Directory:} /opt/news/etc/ @key{RET}
@b{Ftp Username:} ssh@value{postfixhop}news @key{RET}
@b{Company:} @key{RET}
@b{Additional Comments:} @key{RET}
@end group
@end example
In BBDB buffer, access an entry by pressing the key @kbd{F}.
@end enumerate
Thanks to @value{tramp} users for contributing to these recipes.
@item
Why saved multi-hop file names do not work in a new Emacs session?
When saving ad-hoc multi-hop @value{tramp} file names (@pxref{Ad-hoc
multi-hops}) via bookmarks, recent files, filecache, bbdb, or another
package, use the full ad-hoc file name including all hops, like
@file{@trampfn{ssh,bird@@bastion|ssh@value{postfixhop}@c
news.my.domain,/opt/news/etc}}.
Alternatively, when saving abbreviated multi-hop file names
@file{@trampfn{ssh,news@@news.my.domain,/opt/news/etc}}, the user
option @code{tramp-save-ad-hoc-proxies} must be set non-@code{nil}
value.
@item
How to connect to a remote Emacs session using @value{tramp}?
Configure Emacs Client
@ifinfo
(@pxref{Emacs Server, , , emacs}).
@end ifinfo
Then on the remote host, start the Emacs Server:
@lisp
@group
(require 'server)
(setq server-host (system-name)
server-use-tcp t)
(server-start)
@end group
@end lisp
If @code{(system-name)} of the remote host cannot be resolved on the
local host, use IP address instead.
Copy from the remote host the resulting file
@file{~/.emacs.d/server/server} to the local host, to the same
location.
Then start Emacs Client from the command line:
@example
$ emacsclient @trampfn{ssh,user@@host,/file/to/edit}
@end example
@code{user} and @code{host} refer to the local host.
To make Emacs Client an editor for other programs, use a wrapper
script @file{emacsclient.sh}:
@example
@group
#!/bin/sh
emacsclient @trampfn{ssh,$(whoami)@@$(hostname --fqdn),$1}
@end group
@end example
@vindex EDITOR@r{, environment variable}
Then change the environment variable @env{EDITOR} to point to the
wrapper script:
@example
$ export EDITOR=/path/to/emacsclient.sh
@end example
@item
How to determine whether a buffer is remote?
@findex file-remote-p
@vindex default-directory
The buffer-local variable @code{default-directory} tells this. If the
form @code{(file-remote-p default-directory)} returns non-@code{nil},
the buffer is remote. See the optional arguments of
@code{file-remote-p} for determining details of the remote connection.
@item
How to save files when a remote host isn't reachable anymore?
If the local machine Emacs is running on changes its network
integration, remote hosts could become unreachable. This happens, for
example, if the local machine is moved between your office and your
home without restarting Emacs.
In such cases, the command @code{tramp-rename-files} can be used to
alter remote buffers method, host, and/or directory names. This
permits saving their contents in the same location via another network
path, or somewhere else entirely (including locally). @pxref{Renaming
remote files}.
@item
How to prevent @value{tramp} from clearing the @code{recentf-list}?
When @value{tramp} cleans a connection, it removes the respective
remote file name(s) from @code{recentf-list}. This is needed, because
an unresponsive remote host could trigger @code{recentf} to connect
that host again and again.
If you find the cleanup disturbing, because the file names in
@code{recentf-list} are precious to you, you can add the following
two forms in your @file{~/.emacs} (after loading the @code{tramp} and
@code{recentf} packages):
@vindex tramp-cleanup-connection-hook
@vindex tramp-cleanup-all-connections-hook
@lisp
@group
(remove-hook
'tramp-cleanup-connection-hook
#'tramp-recentf-cleanup)
@end group
@group
(remove-hook
'tramp-cleanup-all-connections-hook
#'tramp-recentf-cleanup-all)
@end group
@end lisp
@item
I get a warning @samp{Tramp has been compiled with Emacs a.b, this is Emacs c.d}
@item
I get an error @samp{tramp-file-name-handler: Invalid function:
tramp-compat-with-mutex}
@value{tramp} comes with compatibility code for different Emacs
versions. When you see such a message (the text might differ), you
don't use the Emacs built-in version of @value{tramp}, and you must
recompile it. In case you have installed @value{tramp} from GNU ELPA,
@ifset installchapter
@xref{ELPA Installation}. Otherwise, @xref{Recompilation}.
@end ifset
@ifclear installchapter
see @uref{@value{trampurl}#ELPA-Installation}. Otherwise, see
@uref{@value{trampurl}#Recompilation}.
@end ifclear
@item
I get an error @samp{Remote file error: Forbidden reentrant call of Tramp}
@vindex remote-file-error
@vindex debug-ignored-errors
Timers, process filters and sentinels, and other event based functions
can run at any time, when a remote file operation is still running.
This can cause @value{tramp} to block. When such a situation is
detected, this error is triggered. It should be fixed in the
respective function (sending an error report will help), but for the
time being you can suppress this error by the following code in your
@file{~/.emacs}:
@lisp
@group
(setq debug-ignored-errors
(cons 'remote-file-error debug-ignored-errors))
@end group
@end lisp
@item
I get an error @samp{Remote file error: Not a valid Tramp file name
function `tramp-FOO-file-name-p'}
@value{tramp} has changed the signature of an internal function.
External packages implementing an own @value{tramp} backend must
follow this change. Please report this problem to the author of that
package.
For the running session, @value{tramp} disables the external package,
and you can continue to work. If you don't want to see this error
while activating @value{tramp}, you can suppress it by the same code
as above in your @file{~/.emacs}:
@lisp
@group
(setq debug-ignored-errors
(cons 'remote-file-error debug-ignored-errors))
@end group
@end lisp
@item
How to ignore errors when changing file attributes?
@vindex tramp-inhibit-errors-if-setting-file-attributes-fail
Sometimes, for example while saving remote files, errors appear when
changing file attributes like permissions, time stamps, or ownership.
If these errors can be ignored, set user option
@code{tramp-inhibit-errors-if-setting-file-attributes-fail} to a
non-@code{nil} value. This transforms the error into a warning.
@item
How to disable other packages from calling @value{tramp}?
There are packages that call @value{tramp} without the user ever
entering a remote file name. Even without applying a remote file
syntax, some packages enable @value{tramp} on their own. How can users
disable such features.
@itemize @minus
@item
@file{ido.el}
Disable @value{tramp} file name completion:
@lisp
(customize-set-variable 'ido-enable-tramp-completion nil)
@end lisp
@c Obsolete since Emacs 29.1.
@item
@file{rlogin.el}
Disable remote directory tracking mode:
@lisp
(rlogin-directory-tracking-mode -1)
@end lisp
@end itemize
@item
How to disable @value{tramp}?
@itemize @minus
@item
To keep Ange FTP as default the remote files access package, set this
in @file{.emacs}:
@lisp
(customize-set-variable 'tramp-default-method "ftp")
@end lisp
If you want to enable Ange FTP's syntax, add the following form:
@lisp
(tramp-change-syntax 'simplified)
@end lisp
@vindex tramp-ignored-file-name-regexp
@item
To deactivate @value{tramp} for some look-alike remote file names, set
@code{tramp-ignored-file-name-regexp} to a proper regexp in
@file{.emacs}. @strong{Note}, that we don't use
@code{customize-set-variable}, in order to avoid loading
@value{tramp}.
@lisp
(setq tramp-ignored-file-name-regexp "\\`/ssh:example\\.com:")
@end lisp
This is needed, if you mount for example a virtual file system on your
local host's root directory as @file{/ssh:example.com:}.
@findex inhibit-remote-files
@item
To disable both @value{tramp} (and Ange FTP), type @kbd{M-x
inhibit-remote-files @key{RET}}. You can also add this to your
@file{.emacs}.
@lisp
(inhibit-remote-files)
@end lisp
@findex without-remote-files
@item
If you write code, which is intended to run only for local files, you
can use the @code{without-remote-files} macro.
@lisp
(without-remote-files @dots{})
@end lisp
This improves performance, because many primitive file name operations
don't check any longer for @value{tramp} file name regexps then.
@findex tramp-unload-tramp
@item
To unload @value{tramp}, type @kbd{M-x tramp-unload-tramp @key{RET}}.
Unloading @value{tramp} resets Ange FTP plugins also.
@end itemize
@item
What is the difference between Ange FTP and @value{tramp}?
The difference is that Ange FTP uses @command{ftp} to transfer files
between the local and the remote host, whereas @value{tramp} uses a
combination of @command{ssh} and @command{scp} or other work-alike
programs.
@end itemize
@c For the developer.
@node Files directories and localnames
@chapter How file names, directories and localnames are mangled and managed
@menu
* Temporary directory:: Where temporary files are kept.
* Localname deconstruction:: Splitting a localname into its component parts.
* External packages:: Integrating with external Lisp packages.
* Extension packages:: Adding new methods to @value{tramp}.
@end menu
@node Temporary directory
@section Where temporary files are kept
@vindex temporary-file-directory
Internally, @value{tramp} uses @t{"~/.cache/emacs"}
as local temporary directory if it exists. Otherwise, the value of
@code{temporary-file-directory} is used, which is often @t{"/tmp"}.
@vindex tramp-compat-temporary-file-directory
@vindex <TMP>
This local temporary directory is kept in the constant
@code{tramp-compat-temporary-file-directory}. In this manual, we use
@t{"<TMP>"} for its value.
The temporary directory on a remote host is @t{"/data/local/tmp"} for
the @option{adb} method, @t{"/C$/Temp"} for the @option{smb} method,
and @t{"/tmp"} otherwise. For some methods, this can be customized.
@vindex tramp-temp-name-prefix
Temporary files have the file name prefix @t{"tramp."}. If you want
to change this prefix, for example because you want to identify
temporary files produced by @code{file-local-copy} in your package,
you can bind the variable @code{tramp-temp-name-prefix} temporarily:
@example
@group
(let ((tramp-temp-name-prefix "my-prefix."))
(file-local-copy "@trampfn{ssh,,.emacs}"))
@result{} "/tmp/my-prefix.HDfgDZ"
@end group
@end example
@node Localname deconstruction
@section Splitting a localname into its component parts
@value{tramp} package redefines lisp functions
@code{file-name-directory} and @code{file-name-nondirectory} to
accommodate the unique file naming syntax that @value{tramp} requires.
The replacements dissect the file name, use the original handler for
the localname, take that result, and then re-build the @value{tramp}
file name. By relying on the original handlers for localnames,
@value{tramp} benefits from platform specific hacks to the original
handlers.
@node External packages
@section Integrating with external Lisp packages
In general, it is not recommended to use @value{tramp} functions and
variables not described in this manual. They might change their
signature and/or semantics without any announcement.
@subsection File name completion
@vindex non-essential
Sometimes, it is not convenient to open a new connection to a remote
host, including entering the password and alike. For example, this is
nasty for packages providing file name completion. Such a package
could signal to @value{tramp}, that they don't want it to establish a
new connection. Use the variable @code{non-essential} temporarily and
bind it to non-@code{nil} value.
@lisp
@group
(let ((non-essential t))
@dots{})
@end group
@end lisp
@subsection File attributes cache
@vindex process-file-side-effects
Keeping a local cache of remote file attributes in sync with the
remote host is a time-consuming operation. Flushing and re-querying
these attributes can tax @value{tramp} to a grinding halt on busy
remote hosts.
To get around these types of slow-downs in @value{tramp}'s
responsiveness, set the @code{process-file-side-effects} to @code{nil}
to stop @value{tramp} from flushing the cache. This is helpful in
situations where callers to @code{process-file} know there are no file
attribute changes. The let-bind form to accomplish this:
@lisp
@group
(let (process-file-side-effects)
@dots{})
@end group
@end lisp
For asynchronous processes, @value{tramp} uses a process sentinel to
flush file attributes cache. When callers to @code{start-file-process}
know beforehand no file attribute changes are expected, then the
process sentinel should be set to the default state. In cases where
the caller defines its own process sentinel, @value{tramp}'s process
sentinel is overwritten. The caller can still flush the file
attributes cache in its process sentinel with this code:
@lisp
@group
(unless (memq (process-status proc) '(run open))
(dired-uncache remote-directory))
@end group
@end lisp
Since @value{tramp} traverses subdirectories starting with the
root directory, it is most likely sufficient to make the
@code{default-directory} of the process buffer as the root directory.
@subsection Timers, process filters, process sentinels, redisplay
@vindex remote-file-error
Timers run asynchronously at any time when Emacs is waiting for
sending a string to a process, or waiting for process output. They
can run any remote file operation, which would conflict with the
already running remote file operation, if the same connection is
affected. @value{tramp} detects this situation, and raises the
@code{remote-file-error} error. A timer function should avoid this
situation. As a minimum, it should protect itself against this error, by
wrapping the timer function body as follows:
@lisp
@group
(ignore-error 'remote-file-error
@dots{})
@end group
@end lisp
A similar problem could happen with process filters, process
sentinels, and redisplay (updating the mode line).
@node Extension packages
@section Adding new methods to @value{tramp}
There are two ways to add new methods to @value{tramp}: writing a new
backend including an own file name handler, or adding the new method,
using the existing @code{tramp-sh-file-name-handler}. The former
shall happen inside the @value{tramp} repository, and it isn't
discussed here. The latter means usually a new ELPA package.
@pxref{Customizing Methods} for some examples.
@subsection Writing an own ELPA package
An external ELPA package @file{foo-tramp.el}, which intends to
provide a new @value{tramp} method, say @option{foo}, must add this
new method to the variable @code{tramp-methods}. This variable is an
alist with elements @code{(@var{name} @var{param1} @var{param2}
@dots{})}.
@var{name} is the method name, @t{"foo"} in this case.
@var{param}@t{x} is a pair of the form @code{(@var{key} @var{value})}.
See the docstring of variable @code{tramp-methods} for possible
@var{key}s and @var{value}s. An example would be
@lisp
@group
(add-to-list
'tramp-methods
`("foo"
(tramp-login-program ,foo-tramp-executable)
(tramp-login-args (("exec") ("%h") ("--") ("su - %u")))
(tramp-remote-shell "/bin/sh")
(tramp-remote-shell-args ("-i" "-c"))))
@end group
@end lisp
@code{foo-tramp-executable} in this example would be a Lisp constant,
which is the program name of @command{foo}.
Another initialization could tell @value{tramp} which are the default
user and host name for method @option{foo}. This is done by calling
@code{tramp-set-completion-function}:
@lisp
@group
(tramp-set-completion-function
"foo"
'((tramp-foo--completion-function @var{arg})))
@end group
@end lisp
@code{tramp-foo--completion-function} is a function, which returns
completion candidates. @var{arg}, a string, is the argument for the
completion function, for example a file name to read from.
@pxref{Customizing Completion} for details.
Finally, it might also be helpful to define default user or host names
for method @option{foo}, in case a remote file name leaves them empty.
This can be performed by calling
@lisp
@group
(add-to-list 'tramp-default-user-alist '("foo" nil "root"))
(add-to-list 'tramp-default-host-alist '("foo" nil "localhost"))
@end group
@end lisp
@pxref{Default User} and @ref{Default Host} explaining the user options
@code{tramp-default-user-alist} and @code{tramp-default-host-alist}.
@subsection Making a customized method optional
The settings of the previous subsection are global in the package
@file{foo-tramp.el}, meaning they are activated when loading
@code{foo-tramp}. Sometimes, it is desired to make these settings
available without loading the whole package @code{foo-tramp}, but
declaring the new method @option{foo} as optional method only. In
this case, declare a function @code{tramp-enable-foo-method} which
collects the initialization. This function must be auto loaded.
@lisp
@group
;;;###autoload
(defun tramp-enable-foo-method ()
(add-to-list 'tramp-methods '("foo" @dots{}))
(tramp-set-completion-function "foo" @dots{})
(add-to-list 'tramp-default-user-alist '("foo" @dots{}))
(add-to-list 'tramp-default-host-alist '("foo" @dots{})))
@end group
@end lisp
Then, you can activate method @option{foo} by calling @kbd{M-x
tramp-enable-method @key{RET} foo @key{RET}}. @pxref{Optional methods}.
@subsection Activating a customized method without loading the package
If you want to make method @option{foo} known after loading
@value{tramp}, without loading the package @file{foo-tramp.el}, you
must autoload the implementation of function
@code{tramp-enable-foo-method}. Add the following code in
@file{foo-tramp.el}:
@lisp
@group
;;;###autoload
(progn
(defun tramp-enable-foo-method ()
(add-to-list 'tramp-methods '("foo" @dots{}))
(tramp-set-completion-function "foo" @dots{})
(add-to-list 'tramp-default-user-alist '("foo" @dots{}))
(add-to-list 'tramp-default-host-alist '("foo" @dots{}))))
;;;###autoload
(with-eval-after-load 'tramp (tramp-enable-method "foo"))
@end group
@end lisp
The trick is to wrap the function definition of
@code{tramp-enable-foo-method} with @code{progn} for the
@code{;;;###autoload} cookie.
@node Traces and Profiles
@chapter How to Customize Traces
@vindex tramp-verbose
@vindex tramp-debug-to-file
@vindex tramp-debug-command-messages
@value{tramp} messages are raised with verbosity levels ranging from 0
to 10. @value{tramp} does not display all messages; only those with a
verbosity level less than or equal to @code{tramp-verbose}.
@noindent
The verbosity levels are
@itemize @w{}
@item @w{ 0} Silent (no @value{tramp} messages at all)
@item @w{ 1} Errors
@item @w{ 2} Warnings
@item @w{ 3} Connection to remote hosts (default verbosity)
@item @w{ 4} Activities
@item @w{ 5} Internal
@item @w{ 6} Sent and received strings
@item @w{ 7} Connection properties
@item @w{ 8} File caching
@item @w{ 9} Test commands
@item @w{10} Traces (huge)
@item @w{11} Call traces (maintainer only)
@end itemize
With @code{tramp-verbose} greater than or equal to 4, messages are
also written to the @value{tramp} debug buffer @file{*debug
tramp/foo*}. Such debug buffers are essential to bug and problem
analyzes. For @value{tramp} bug reports, set the @code{tramp-verbose}
level to 6 (@pxref{Bug Reports}).
The debug buffer is in
@ifinfo
@ref{Outline Mode, , , emacs}.
@end ifinfo
@ifnotinfo
Outline Mode.
@end ifnotinfo
In this buffer, messages can be filtered by their level. To see
messages up to verbosity level 5, enter @kbd{C-u 6 C-c C-q}.
@ifinfo
Other navigation keys are described in
@ref{Outline Visibility, , , emacs}.
@end ifinfo
@value{tramp} handles errors internally. Hence, to get a Lisp backtrace,
the following settings are required:
@lisp
@group
(setq debug-on-error t
debug-on-signal t)
@end group
@end lisp
If @code{tramp-verbose} is greater than or equal to 10, Lisp
backtraces are also added to the @value{tramp} debug buffer in case of
errors.
In very rare cases it could happen, that @value{tramp} blocks Emacs.
Killing Emacs does not allow inspecting the debug buffer. In that
case, you can instruct @value{tramp} to mirror the debug buffer to
a file:
@lisp
(customize-set-variable 'tramp-debug-to-file t)
@end lisp
The debug buffer is written as a file in your @ref{Temporary
directory}. Use this option with care, because it could decrease the
performance of @value{tramp} actions.
If @code{tramp-verbose} is greater than or equal to 11, @value{tramp}
function call traces are written to the buffer @file{*trace tramp/foo*}.
When @code{tramp-debug-command-messages} is non-@code{nil}, the debug
buffer contains all messages with verbosity level 6 (sent and received
strings), and the entry and exit messages for the function
@code{tramp-file-name-handler}. This is intended for @value{tramp}
maintainers, analyzing the remote commands for performance analysis.
@node GNU Free Documentation License
@appendix GNU Free Documentation License
@include doclicense.texi
@node Function Index
@unnumbered Function Index
@printindex fn
@node Variable Index
@unnumbered Variable Index
@printindex vr
@node Concept Index
@unnumbered Concept Index
@printindex cp
@bye
@c TODO
@c
@c * Say something about the .login and .profile files of the remote
@c shells.
@c
@c * Explain how tramp.el works in principle: open a shell on a remote
@c host and then send commands to it.
@c
@c * Consistent small or capitalized words especially in menus.