\input texinfo @c -*- mode: texinfo; coding: utf-8 -*- @setfilename ../../info/tramp.info @c %**start of header @include docstyle.texi @c In the Tramp GIT, the version number and the bug report address @c are auto-frobbed from configure.ac. @include trampver.texi @settitle @value{tramp} @value{trampver} User Manual @c %**end of header @c This is *so* much nicer :) @footnotestyle end @copying Copyright @copyright{} 1999--2024 Free Software Foundation, Inc. @quotation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, with the Front-Cover Texts being ``A GNU Manual'', and with the Back-Cover Texts as in (a) below. A copy of the license is included in the section entitled ``GNU Free Documentation License''. (a) The FSF's Back-Cover Text is: ``You have the freedom to copy and modify this GNU manual.'' @end quotation @end copying @c Entries for @command{install-info} to use. We cannot use @value{tramp}. @dircategory Emacs network features @direntry * Tramp: (tramp). Transparent Remote Access, Multiple Protocol Emacs remote file access via ssh and scp. @end direntry @titlepage @title @value{tramp} @value{trampver} User Manual @author by Daniel Pittman @author based on documentation by Kai Großjohann @end titlepage @contents @node Top, Overview, (dir), (dir) @top @value{tramp} @value{trampver} User Manual This file documents @w{@value{tramp} @value{trampver}}, a remote file editing package for Emacs. @value{tramp} stands for ``Transparent Remote (file) Access, Multiple Protocol''. This package provides an easy, convenient, and consistent interface to editing remote files transparently, just as if they are local files. This extends to editing, version control, @code{dired}, and more. You can find the latest version of this document on the web at @uref{@value{trampurl}}. @ifhtml The latest release of @value{tramp} is available for @uref{https://ftp.gnu.org/gnu/tramp/, download}, or you may see @ref{Obtaining @value{tramp}} for more details, including the Git server details. @value{tramp} also has a @uref{https://savannah.gnu.org/projects/tramp/, Savannah Project Page}. @end ifhtml There is a mailing list for @value{tramp}, available at @email{@value{tramp-bug-report-address}}, and archived at @uref{https://lists.gnu.org/r/tramp-devel/, the @value{tramp} Mail Archive}. @page @insertcopying @menu * Overview:: What @value{tramp} can and cannot do. For the end user: * Obtaining @value{tramp}:: How to obtain @value{tramp}. @ifset installchapter * Installation:: Installing @value{tramp} with your Emacs. @end ifset * Quick Start Guide:: Short introduction how to use @value{tramp}. * Configuration:: Configuring @value{tramp} for use. * Usage:: An overview of the operation of @value{tramp}. * Bug Reports:: Reporting Bugs and Problems. * Frequently Asked Questions:: Questions and answers from the mailing list. For the developer: * Files directories and localnames:: How file names, directories and localnames are mangled and managed. * Traces and Profiles:: How to Customize Traces. * GNU Free Documentation License:: The license for this documentation. * Function Index:: @value{tramp} functions. * Variable Index:: User options and variables. * Concept Index:: An item for each concept. @detailmenu --- The Detailed Node Listing --- @c @ifset installchapter Installing @value{tramp} with your Emacs * System Requirements:: Prerequisites for @value{tramp} installation. * Basic Installation:: Installation steps. * Installation parameters:: Parameters in order to control installation. * Testing:: A test suite for @value{tramp}. * Load paths:: How to plug-in @value{tramp} into your environment. @end ifset Configuring @value{tramp} for use * Optional methods:: Optional methods which must be enabled first. * Connection types:: Types of connections to remote hosts. * Inline methods:: Inline methods. * External methods:: External methods. * GVFS-based methods:: @acronym{GVFS}-based external methods. * FUSE-based methods:: @acronym{FUSE}-based external methods. * Default Method:: Selecting a default method. * Default User:: Selecting a default user. * Default Host:: Selecting a default host. * Multi-hops:: Connecting to a remote host using multiple hops. * Firewalls:: Passing firewalls. * Customizing Methods:: Using Non-Standard Methods. * Customizing Completion:: Selecting config files for user/host name @c completion. * Password handling:: Reusing passwords for several connections. * Connection caching:: Reusing connection related information. * Predefined connection information:: Setting own connection related information. * Remote programs:: How @value{tramp} finds and uses programs @c on the remote host. * Remote shell setup:: Remote shell setup hints. * Ssh setup:: Ssh setup hints. * FUSE setup:: @acronym{FUSE} setup hints. * Android shell setup:: Android shell setup hints. * Kubernetes setup:: Kubernetes setup hints. * Auto-save File Lock and Backup:: Auto-save, File Lock and Backup. * Keeping files encrypted:: Protect remote files by encryption. Using @value{tramp} * File name syntax:: @value{tramp} file name conventions. @ifset unified * Change file name syntax:: Alternative file name syntax. @end ifset * File name completion:: File name completion. * Ad-hoc multi-hops:: Declaring multiple hops in the file name. * Home directories:: Expanding @file{~} to home directory. * Remote processes:: Integration with other Emacs packages. * Cleanup remote connections:: Cleanup remote connections. * Renaming remote files:: Renaming remote files. * Archive file names:: Access to files in file archives. How file names, directories and localnames are mangled and managed * Temporary directory:: Where temporary files are kept. * Localname deconstruction:: Breaking a localname into its components. * External packages:: Integration with external Lisp packages. @end detailmenu @end menu @node Overview @chapter An overview of @value{tramp} @cindex overview @value{tramp} is for transparently accessing remote files from within Emacs. @value{tramp} enables an easy, convenient, and consistent interface to remote files as if they are local files. @value{tramp}'s transparency extends to editing, version control, and @code{dired}. @value{tramp} can access remote hosts using any number of access methods, such as @command{ssh}, @command{scp}, @command{telnet}, and related programs. If these programs can successfully pass @acronym{ASCII} characters, @value{tramp} can use them. @value{tramp} does not require or mandate 8-bit clean connections. @value{tramp}'s most common access method is through @command{ssh}, a more secure alternative to @command{ftp} and other older access methods. @value{tramp} on MS Windows operating systems is integrated with the PuTTY package, and uses the @command{plink} program. @value{tramp} mostly operates transparently in the background using the connection programs. As long as these programs enable remote login and can use the terminal, @value{tramp} can adapt them for seamless and transparent access. @value{tramp} temporarily transfers a remote file's contents to the local host editing and related operations. @value{tramp} can also transfer files between hosts using standard Emacs interfaces, a benefit of direct integration of @value{tramp} in Emacs. @value{tramp} can transfer files using any number of available host programs for remote files, such as @command{rcp}, @command{scp}, @command{rsync} or (under MS Windows) @command{pscp}. @value{tramp} provides easy ways to specify these programs and customize them to specific files, hosts, or access methods. For faster small-size file transfers, @value{tramp} supports encoded transfers directly through the shell using @command{mimencode} or @command{uuencode} provided such tools are available on the remote host. @subsubheading @value{tramp} behind the scenes @cindex behind the scenes @cindex details of operation @cindex how it works Accessing a remote file through @value{tramp} entails a series of actions, many of which are transparent to the user. Yet some actions may require user response (such as entering passwords or completing file names). One typical scenario, opening a file on a remote host, is presented here to illustrate the steps involved: @kbd{C-x C-f} to initiate find-file, enter part of the @value{tramp} file name, then hit @kbd{@key{TAB}} for completion. If this is the first time connecting to that host, here's what happens: @itemize @item @value{tramp} invokes @samp{telnet @var{host}} or @samp{ssh -l @var{user} @var{host}} and establishes an external process to connect to the remote host. @value{tramp} communicates with the process through an Emacs buffer, which also shows output from the remote host. @item The remote host may prompt for a login name (for @command{telnet}, for example) in the buffer. If on the other hand, the login name was included in the file name portion, @value{tramp} sends the login name followed by a newline. @item The remote host may then prompt for a password or passphrase (for @command{ssh} or for @command{telnet}). @value{tramp} displays the password prompt in the minibuffer. @value{tramp} then sends whatever is entered to the remote host, followed by a newline. @item @value{tramp} now waits for either the shell prompt or a failed login message. If @value{tramp} does not receive any messages within a timeout period (a minute, for example), then @value{tramp} responds with an error message about not finding the remote shell prompt. If there are any messages from the remote host, @value{tramp} displays them in the buffer. For any @samp{login failed} message from the remote host, @value{tramp} aborts the login attempt, and repeats the login steps. @item Upon successful login, if @value{tramp} recognizes the shell prompt from the remote host, @value{tramp} prepares the shell environment by turning off echoing, setting the shell prompt, and other housekeeping chores. @strong{Note} that for the remote shell, @value{tramp} invokes @command{/bin/sh}. The remote host must recognize @samp{exec /bin/sh} and execute the appropriate shell. This shell must support Bourne shell syntax. @item @value{tramp} executes @command{cd} and @command{ls} commands to find which files exist on the remote host. @value{tramp} sometimes uses @command{echo} with globbing. @value{tramp} checks if a file or directory is writable with @command{test}. After each command, @value{tramp} parses the output from the remote host for completing the next operation. @item After remote file name completion, @value{tramp} transfers the file contents from the remote host. For inline transfers, @value{tramp} sends a command, such as @samp{mimencode -b /path/to/remote/file}, waits until the output has accumulated in the buffer, then decodes that output to produce the file's contents. For external transfers, @value{tramp} sends a command as follows: @example $ scp user@@host:/path/to/remote/file /tramp.4711 @end example @value{tramp} reads the local temporary file @file{/tramp.4711} into a buffer, and then deletes the temporary file.@footnote{@ref{Temporary directory}} @item Edit, modify, change the buffer contents as normal, and then save the buffer with @kbd{C-x C-s}. @item @value{tramp} transfers the buffer contents to the remote host in a reverse of the process using the appropriate inline or external program. @end itemize I hope this has provided you with a basic overview of what happens behind the scenes when you open a file with @value{tramp}. @c For the end user. @node Obtaining @value{tramp} @chapter Obtaining @value{tramp} @cindex obtaining @value{tramp} @cindex GNU ELPA @vindex tramp-version @value{tramp} is included as part of Emacs. @value{tramp} is also freely packaged for download on the Internet at @uref{https://ftp.gnu.org/gnu/tramp/}. The version number of @value{tramp} can be obtained by the variable @code{tramp-version}. For released @value{tramp} versions, this is a three-number string like ``2.4.5''. A @value{tramp} release, which is packaged with Emacs, could differ slightly from the corresponding standalone release. This is because it isn't always possible to synchronize release dates between Emacs and @value{tramp}. Such version numbers have the Emacs version number as suffix, like ``2.4.5.27.2''. This means @w{@value{tramp} 2.4.5} as integrated in @w{Emacs 27.2}. A complete list of @value{tramp} versions packaged with Emacs can be retrieved by @vindex customize-package-emacs-version-alist @lisp (assoc 'Tramp customize-package-emacs-version-alist) @end lisp @value{tramp} is also available as @uref{https://elpa.gnu.org, GNU ELPA} package. Besides the standalone releases, further minor versions of @value{tramp} will appear on GNU ELPA, until the next @value{tramp} release appears. These minor versions have a four-number string, like ``2.4.5.1''. The manual of the latest @value{tramp} ELPA package is located at @uref{https://elpa.gnu.org/packages/doc/tramp.html}. @value{tramp} development versions are available on Git servers. Development versions contain new and incomplete features. The development version of @value{tramp} is always the version number of the next release, plus the suffix ``-pre'', like ``2.4.4-pre''. One way to obtain @value{tramp} from the Git server is to visit the Savannah project page at the following URL and then clicking on the Git link in the navigation bar at the top. @noindent @uref{https://savannah.gnu.org/projects/tramp/} @noindent Another way is to follow the terminal session below: @example @group $ cd ~/emacs $ git clone https://git.savannah.gnu.org/git/tramp.git @end group @end example @noindent From behind a proxy: @example @group $ git config --global http.proxy https://user:pwd@@proxy.server.com:8080 $ git clone https://git.savannah.gnu.org/r/tramp.git @end group @end example @noindent @value{tramp} developers: @example $ git clone login@@git.sv.gnu.org:/srv/git/tramp.git @end example @noindent After one of the above commands, @file{~/emacs/tramp} will containing the latest version of @value{tramp}. @noindent To fetch updates from the repository, use @code{git pull}: @example @group $ cd ~/emacs/tramp $ git pull @end group @end example @noindent Run @command{autoconf} as follows to generate an up-to-date @file{configure} script: @example @group $ cd ~/emacs/tramp $ autoconf @end group @end example @ifset installchapter @c Installation chapter is necessary only in case of standalone @c installation. @include trampinst.texi @end ifset @ifclear installchapter See the file @file{INSTALL} in that directory for further information on how to install @value{tramp}. @end ifclear @node Quick Start Guide @chapter Short introduction how to use @value{tramp} @cindex quick start guide @value{tramp} extends the Emacs file name syntax by adding a remote component. A remote file name always looks like @file{@trampfn{method,user@@host,/path/to/file}}. You can use remote files exactly like ordinary files, that means you can open a file or directory by @kbd{C-x C-f @trampfn{method,user@@host,/path/to/file} @key{RET}}, edit the file, and save it. You can also mix local files and remote files in file operations with two arguments, like @code{copy-file} or @code{rename-file}. And finally, you can even run processes on a remote host, when the buffer you call the process from has a remote @code{default-directory}. @anchor{Quick Start Guide File name syntax} @section File name syntax @cindex file name syntax Remote file names have @code{method}, @code{user} and @code{host} parts prepended. All of them, and also the local file name part, are optional, in case of a missing part a default value is assumed. The default value for an empty local file name part is the remote user's home directory. The shortest remote file name is thus @file{@trampfn{-,,}}. The @samp{-} notation for the default method is used for syntactical reasons, @pxref{Default Method}. The @code{method} part describes the connection method used to reach the remote host, see below. The @code{user} part is the user name for accessing the remote host. For the @option{smb} method, this could also require a domain name, in which case it is written as @code{user%domain}. The @code{host} part must be a host name which can be resolved on your local host. It could be a short host name, a fully qualified domain name, an IPv4 or IPv6 address, @pxref{File name syntax}. Some connection methods also support a notation for the port to be used, in which case it is written as @code{host#port}. @anchor{Quick Start Guide ssh and plink methods} @section Using @option{ssh} and @option{plink} @cindex method @option{ssh} @cindex @option{ssh} method @cindex method @option{plink} @cindex @option{plink} method If your local host runs an SSH client, and the remote host runs an SSH server, the simplest remote file name is @file{@trampfn{ssh,user@@host,/path/to/file}}. The remote file name @file{@trampfn{ssh,,}} opens a remote connection to yourself on the local host, and is often used for testing @value{tramp}. On MS Windows, PuTTY is often used as the SSH client. Its @command{plink} method can be used there to open a connection to a remote host running an @command{ssh} server: @file{@trampfn{plink,user@@host,/path/to/file}}. @anchor{Quick Start Guide su, sudo, doas, run0, androidsu and sg methods} @section Using @option{su}, @option{sudo}, @option{doas}, @option{run0}, @option{androidsu} and @option{sg} @cindex method @option{su} @cindex @option{su} method @cindex method @option{sudo} @cindex @option{sudo} method @cindex method @option{doas} @cindex @option{doas} method @cindex method @option{run0} @cindex @option{run0} method @cindex method @option{androidsu} @cindex @option{androidsu} method @cindex method @option{sg} @cindex @option{sg} method Sometimes, it is necessary to work on your local host under different permissions. For this, you can use the @option{su} or @option{sudo} connection method. If your system is @code{systemd}-based, there is the @option{run0} connection method. On OpenBSD systems, the @option{doas} connection method offers the same functionality. If your local system is Android, use the method @option{androidsu} instead of @option{su}. These methods use @samp{root} as default user name and the return value of @code{(system-name)} as default host name. Therefore, it is convenient to open a file as @file{@trampfn{sudo,,/path/to/file}}. The method @option{sg} stands for ``switch group''; here the user name is used as the group to change to. The default host name is the same. @anchor{Quick Start Guide Combining ssh, plink, su, sudo, doas and run0 methods} @section Combining @option{ssh} or @option{plink} with @option{su}, @option{sudo}, @option{doas} or @option{run0} @cindex method @option{ssh} @cindex @option{ssh} method @cindex method @option{plink} @cindex @option{plink} method @cindex method @option{su} @cindex @option{su} method @cindex method @option{sudo} @cindex @option{sudo} method @cindex method @option{doas} @cindex @option{doas} method @cindex method @option{run0} @cindex @option{run0} method If the @option{su}, @option{sudo}, @option{doas} or @option{run0} method should be performed on another host, it can be combined with a leading @option{ssh} or @option{plink} method. That means that @value{tramp} connects first to the other host with non-administrative credentials, and changes to administrative credentials on that host afterwards. In a simple case, the syntax looks like @file{@trampfn{ssh@value{postfixhop}user@@host|sudo,,/path/to/file}}. @xref{Ad-hoc multi-hops}. @anchor{Quick Start Guide sudoedit method} @section Using @command{sudoedit} @cindex method @option{sudoedit} @cindex @option{sudoedit} method The @option{sudoedit} method is similar to the @option{sudo} method. However, it is a different implementation: it does not keep an open session running in the background. This is for security reasons; on the backside this method has worse performance than the @option{sudo} method, it is restricted to @samp{localhost} only, and it does not support external processes. @anchor{Quick Start Guide smb method} @section Using @command{smbclient} @cindex method @option{smb} @cindex @option{smb} method @cindex ms windows (with @option{smb} method) @cindex @command{smbclient} In order to access a remote MS Windows host or Samba server, the @command{smbclient} client is used. The remote file name syntax is @file{@trampfn{smb,user%domain@@host,/path/to/file}}. The first part of the local file name is the share exported by the remote host, @samp{path} in this example. @anchor{Quick Start Guide GVFS-based methods} @section Using @acronym{GVFS}-based methods @cindex methods, gvfs @cindex gvfs-based methods @cindex method @option{sftp} @cindex @option{sftp} method @cindex method @option{afp} @cindex @option{afp} method @cindex method @option{dav} @cindex method @option{davs} @cindex @option{dav} method @cindex @option{davs} method @cindex method @option{mtp} @cindex @option{mtp} method On systems which have @acronym{GVFS, the GNOME Virtual File System} installed, its offered methods can be used by @value{tramp}. Examples are @file{@trampfn{sftp,user@@host,/path/to/file}}, @file{@trampfn{afp,user@@host,/path/to/file}} (accessing Apple's AFP file system), @file{@trampfn{dav,user@@host,/path/to/file}}, @file{@trampfn{davs,user@@host,/path/to/file}} (for WebDAV shares) and @file{@trampfn{mtp,device,/path/to/file}} (for media devices). @anchor{Quick Start Guide GNOME Online Accounts based methods} @section Using @acronym{GNOME} Online Accounts based methods @cindex @acronym{GNOME} Online Accounts @cindex method @option{gdrive} @cindex @option{gdrive} method @cindex google drive @cindex method @option{nextcloud} @cindex @option{nextcloud} method @cindex nextcloud @acronym{GVFS}-based methods also include @acronym{GNOME} Online Accounts, which support the @option{Files} service. These are the Google Drive file system, and the OwnCloud/NextCloud file system. The file name syntax here is always @file{@trampfn{gdrive,john.doe@@gmail.com,/path/to/file}} (@samp{john.doe@@gmail.com} stands here for your Google Drive account), or @file{@trampfn{nextcloud,user@@host#8081,/path/to/file}} (@samp{8081} stands for the port number) for OwnCloud/NextCloud files. @anchor{Quick Start Guide FUSE-based methods} @section Using @acronym{FUSE}-based methods @cindex methods, fuse @cindex fuse-based methods @cindex method @option{rclone} @cindex @option{rclone} method @cindex method @option{sshfs} @cindex @option{sshfs} method @acronym{FUSE, Filesystem in Userspace} allows users to mount a virtual file system. It is also used by @acronym{GVFS} internally, but here we discuss methods which do not use the @acronym{GVFS} API. A convenient way to access system storages is the @command{rclone} program. If you have configured a storage in @command{rclone} under a name @samp{storage} (for example), you can access it via the remote file name syntax @file{@trampfn{rclone,storage,/path/to/file}}. User names are not needed. On local hosts which have installed the @command{sshfs} client for mounting a file system based on @command{sftp}, this method can be used. All remote files are available via the local mount point. @value{tramp} aids in mounting the file system if it isn't mounted yet, and it supports the access with the usual file name syntax @file{@trampfn{sshfs,user@@host,/path/to/file}}. @anchor{Quick Start Guide Android} @section Using Android @cindex method @option{adb} @cindex @option{adb} method @cindex android An Android device, which is connected via USB to your local host, can be accessed via the @command{adb} command. No user or host name is needed. The file name syntax is @file{@trampfn{adb,,/path/to/file}}. @node Configuration @chapter Configuring @value{tramp} @cindex configuration @cindex default configuration @value{tramp} is initially configured to use the @command{scp} program to connect to the remote host. Just type @kbd{C-x C-f} and then enter file name @file{@trampfn{scp,user@@host,/path/to/file}}. For details, @xref{Default Method}, @xref{Default User}, @xref{Default Host}. For problems related to the behavior of the remote shell, @xref{Remote shell setup}. For changing the connection type and file access method from the defaults to one of several other options, @xref{Connection types}. @strong{Note} that some user options described in these examples are not auto loaded by Emacs. All examples require @value{tramp} to be installed and loaded: @lisp (customize-set-variable 'tramp-verbose 6 "Enable remote command traces") @end lisp For functions used to configure @value{tramp}, the following clause may be used in your init file: @lisp (with-eval-after-load 'tramp (tramp-change-syntax 'simplified)) @end lisp @vindex enable-remote-dir-locals Changing other variables via directory-local variables on a remote directory must be enabled by setting @code{enable-remote-dir-locals} to non-@code{nil}, @xref{Directory Variables, , , emacs}. @menu * Optional methods:: Optional methods which must be enabled first. * Connection types:: Types of connections to remote hosts. * Inline methods:: Inline methods. * External methods:: External methods. * GVFS-based methods:: @acronym{GVFS}-based external methods. * FUSE-based methods:: @acronym{FUSE}-based external methods. * Default Method:: Selecting a default method. Here we also try to help those who don't have the foggiest which method is right for them. * Default User:: Selecting a default user. * Default Host:: Selecting a default host. * Multi-hops:: Connecting to a remote host using multiple hops. * Firewalls:: Passing firewalls. * Customizing Methods:: Using Non-Standard Methods. * Customizing Completion:: Selecting config files for user/host name @c completion. * Password handling:: Reusing passwords for several connections. * Connection caching:: Reusing connection related information. * Predefined connection information:: Setting own connection related information. * Remote programs:: How @value{tramp} finds and uses programs @c on the remote host. * Remote shell setup:: Remote shell setup hints. * Ssh setup:: Ssh setup hints. * FUSE setup:: @acronym{FUSE} setup hints. * Android shell setup:: Android shell setup hints. * Kubernetes setup:: Kubernetes setup hints. * Auto-save File Lock and Backup:: Auto-save, File Lock and Backup. * Keeping files encrypted:: Protect remote files by encryption. @end menu @node Optional methods @section Optional methods which must be enabled first @cindex optional methods Not all methods are enabled by default after loading @value{tramp}. Some of them don't work on the local host. Some of them are optional, and must be enabled if it is intended to use them. For all methods described in this manual, it is indicated when the method is optional. @deffn Command tramp-enable-method method This command enables the optional method @var{method}, a string. The command can be invoked interactively like @kbd{M-x tramp-enable-method @key{RET} toolbox @key{RET}}, with @option{toolbox} being an optional method. @end deffn If you want to enable an optional method permanently, add something like this to your @file{.emacs} file: @lisp (with-eval-after-load 'tramp (tramp-enable-method "toolbox")) @end lisp @node Connection types @section Types of connections to remote hosts @cindex connection types, overview @dfn{Inline method} and @dfn{external method} are the two basic types of access methods. While they both use the same remote shell access programs, such as @command{rsh}, @command{ssh}, or @command{telnet}, they differ in the file access methods. Choosing the right method becomes important for editing files, transferring large files, or operating on a large number of files. The performance of the external methods is generally better than that of the inline methods, at least for large files. This is caused by the need to encode and decode the data when transferring inline. The one exception to this rule are the @option{scp}-based access methods. While these methods do see better performance when actually transferring files, the overhead of the cryptographic negotiation at startup may drown out the improvement in file transfer times. External methods should be configured in such a way that they don't require a password (with @command{ssh-agent}, or similar). Modern @command{scp} implementations offer options to reuse existing @command{ssh} connections, which @value{tramp} enables by default if available. If that is not possible, you should consider @ref{Password handling}, otherwise you will be prompted for a password for every copy action. @node Inline methods @section Inline methods @cindex inline methods @cindex methods, inline Inline methods use the same login connection to transfer file contents. Inline methods are quick and easy for small files. They depend on the availability of suitable encoding and decoding programs on the remote host. For local source and destination, @value{tramp} may use built-in equivalents of such programs in Emacs. Inline methods can work in situations where an external transfer program is unavailable. Inline methods also work when transferring files between different @emph{user identities} on the same host. @cindex base-64 encoding @cindex base-64 encoding @cindex uu encoding @vindex tramp-remote-coding-commands @value{tramp} checks the remote host for the availability and usability of one of the commands defined in @code{tramp-remote-coding-commands}. @value{tramp} uses the first reliable command it finds. @value{tramp}'s search path can be customized, @pxref{Remote programs}. In case none of the commands are available, @value{tramp} first transfers a small Perl program to the remote host, and then tries to use that program for encoding and decoding. @vindex tramp-inline-compress-start-size @vindex tramp-inline-compress-commands To increase transfer speeds for large text files, @value{tramp} can use compression before encoding. The user option @code{tramp-inline-compress-start-size} specifies the file size above which to use this optimization. This feature depends on the availability and usability of one of the commands defined in @code{tramp-inline-compress-commands}. @table @asis @cindex method @option{rsh} @cindex @option{rsh} method @item @option{rsh} @command{rsh} is an option for connecting to hosts within local networks since @command{rsh} is not as secure as other methods. There should be no reason to use it, as @command{ssh} is a both a complete replacement and ubiquitous. @cindex method @option{ssh} @cindex @option{ssh} method @item @option{ssh} @command{ssh} is a more secure option than others to connect to a remote host. @command{ssh} can also take extra parameters as port numbers. For example, a host on port 42 is specified as @file{host#42} (the real host name, a hash sign, then a port number). It is the same as passing @samp{-p 42} to the @command{ssh} command. @cindex method @option{telnet} @cindex @option{telnet} method @item @option{telnet} Connecting to a remote host with @command{telnet} is as insecure as the @option{rsh} method. @cindex method @option{su} @cindex @option{su} method @item @option{su} Instead of connecting to a remote host, @command{su} program allows editing as another user. The host can be either @samp{localhost} or the host returned by the function @command{(system-name)}. See @ref{Multi-hops} for an exception to this behavior. @cindex method @option{androidsu} @cindex @option{androidsu} method @item @option{androidsu} Because the default implementation of the @option{su} method and other shell-based methods conflict with non-standard @command{su} implementations popular among Android users and the restricted command-line utilities distributed with that system, a largely equivalent @option{androidsu} method is provided for that system with workarounds for its many idiosyncrasies, with the exception that multi-hops are unsupported. This is an optional method, @pxref{Optional methods}. It is enabled by default on @code{android} systems only. @cindex method @option{sudo} @cindex @option{sudo} method @item @option{sudo} Similar to @option{su} method, @option{sudo} uses @command{sudo}. @command{sudo} must have sufficient rights to start a shell. For security reasons, a @option{sudo} connection is disabled after a predefined timeout (5 minutes by default). This can be changed, @pxref{Predefined connection information}. @cindex method @option{doas} @cindex @option{doas} method @item @option{doas} This method is used on OpenBSD like the @command{sudo} command. Like the @option{sudo} method, a @option{doas} connection is disabled after a predefined timeout. @cindex method @option{run0} @cindex @option{run0} method @item @option{run0} @c This requires systemd 256. Check with 'systemd-run --version'. This method is used on @code{systemd}-based hosts. A @option{run0} connection is disabled after a predefined timeout as well. This is an optional method, @pxref{Optional methods}. @cindex method @option{sg} @cindex @option{sg} method @item @option{sg} The @command{sg} program allows editing as different group. The host can be either @samp{localhost} or the host returned by the function @command{(system-name)}. The user name must be specified, but it denotes a group name. See @ref{Multi-hops} for an exception to this behavior. @cindex method @option{sshx} @cindex @option{sshx} method @item @option{sshx} Works like @option{ssh} but without the extra authentication prompts. @option{sshx} uses @samp{ssh -t -t -l @var{user} -o RemoteCommand='/bin/sh -i' @var{host}} to open a connection with a ``standard'' login shell. It supports changing the remote login shell @command{/bin/sh}. @strong{Note} that @option{sshx} does not bypass authentication questions. For example, if the host key of the remote host is not known, @option{sshx} will still ask ``Are you sure you want to continue connecting?''. @value{tramp} cannot handle such questions. Connections will have to be setup where logins can proceed without such questions. @option{sshx} is useful for MS Windows users when @command{ssh} triggers an error about allocating a pseudo tty. This happens due to missing shell prompts that confuses @value{tramp}. @option{sshx} supports the @samp{-p} argument. @cindex method @option{krlogin} @cindex @option{krlogin} method @cindex kerberos (with @option{krlogin} method) @item @option{krlogin} This method is also similar to @option{ssh}. It uses the @command{krlogin -x} command only for remote host login. This method is an optional method, @pxref{Optional methods}. @cindex method @option{ksu} @cindex @option{ksu} method @cindex kerberos (with @option{ksu} method) @item @option{ksu} This is another method from the Kerberos suite. It behaves like @option{su}. It is an optional method, @pxref{Optional methods}. @cindex method @option{plink} @cindex @option{plink} method @item @option{plink} @option{plink} method is for MS Windows users with the PuTTY implementation of SSH@. It uses @samp{plink -ssh} to log in to the remote host. It supports changing the remote login shell @command{/bin/sh}. Check the @samp{Share SSH connections if possible} control for that session. @option{plink} method supports the @samp{-P} argument. @cindex method @option{plinkx} @cindex @option{plinkx} method @item @option{plinkx} Another method using PuTTY on MS Windows with session names instead of host names. @option{plinkx} calls @samp{plink -load @var{session} -t}. User names and port numbers must be defined in the session. It supports changing the remote login shell @command{/bin/sh}. Check the @samp{Share SSH connections if possible} control for that session. @end table @noindent The following methods allow to access running containers in different ways: @table @asis @cindex method @option{docker} @cindex @option{docker} method @item @option{docker} Integration for Docker containers. The host name may be either a running container's name or ID, as returned by @samp{docker ps}. @cindex method @option{podman} @cindex @option{podman} method @item @option{podman} Podman is an alternative to @option{docker} which may be run rootless, if desired. @cindex method @option{kubernetes} @cindex @option{kubernetes} method @item @option{kubernetes} Integration for containers in Kubernetes pods. The host name is @samp{@var{pod}}, or @samp{@var{container}.@var{pod}} if an explicit container name shall be used. Otherwise, the first container in a pod is used. This method does not support user names. @cindex method @option{toolbox} @cindex @option{toolbox} method @item @option{toolbox} @cindex method @option{distrobox} @cindex @option{distrobox} method @item @option{distrobox} Integration of Toolbox or Distrobox system containers, respectively. The host name may be either a container's name or ID, as returned by @samp{toolbox list -c} or @samp{distrobox list}. Without a host name, the default Toolbox container for the host will be used. There is no such default for Distrobox. Contrary to the other container-based methods, these two methods start a created container, if it isn't running yet. These are optional methods, @pxref{Optional methods}. They do not support user names. @cindex method @option{flatpak} @cindex @option{flatpak} method @item @option{flatpak} Integration of Flatpak sandboxes. The host name may be either an application ID, a sandbox instance ID, or a PID, as returned by @samp{flatpak ps}. This is an optional method, @pxref{Optional methods}. It does not support user names. @cindex method @option{apptainer} @cindex @option{apptainer} method @item @option{apptainer} Integration of Apptainer instances. The host name is the instance name, as returned by @samp{apptainer instance list}. This is an optional method, @pxref{Optional methods}. It does not support user names. @cindex method @option{nspawn} @cindex @option{nspawn} method @item @option{nspawn} Integration of @code{systemd-nspawn} instances. The host name is the instance name, as returned by @samp{machinectl list --all}. This is an optional method, @pxref{Optional methods}. @end table @node External methods @section External methods @cindex methods, external @cindex external methods External methods operate over multiple channels, using the remote shell connection for some actions while delegating file transfers to an external transfer program. External methods save on the overhead of encoding and decoding of inline methods. Since external methods have the overhead of opening a new channel, files smaller than @code{tramp-copy-size-limit} still use inline methods. @table @asis @cindex method @option{rcp} @cindex @option{rcp} method @cindex @command{rsh} (with @option{rcp} method) @item @option{rcp} This method uses the @command{rsh} and @command{rcp} commands to connect to the remote host and transfer files. This is the fastest access method available. The alternative method @option{remcp} uses the @command{remsh} and @command{rcp} commands. @cindex method @option{scp} @cindex @option{scp} method @cindex @command{ssh} (with @option{scp} method) @item @option{scp} Using a combination of @command{ssh} to connect and @command{scp} to transfer is the most secure. While the performance is good, it is slower than the inline methods for smaller files. Though there is no overhead of encoding and decoding of the inline methods, @command{scp}'s cryptographic handshake negates those speed gains. @option{ssh}-based methods support @samp{-p} feature for specifying port numbers. For example, @file{host#42} passes @samp{-p 42} in the argument list to @command{ssh}, and @samp{-P 42} in the argument list to @command{scp}. @cindex method @option{rsync} @cindex @option{rsync} method @cindex @command{ssh} (with @option{rsync} method) @item @option{rsync} @command{ssh} command to connect in combination with @command{rsync} command to transfer is similar to the @option{scp} method. @command{rsync} performs much better than @command{scp} when transferring files that exist on both hosts. However, this advantage is lost if the file exists only on one side of the connection. This method supports the @samp{-p} argument. @cindex method @option{scpx} @cindex @option{scpx} method @cindex @command{ssh} (with @option{scpx} method) @item @option{scpx} @option{scpx} is useful to avoid login shell questions. It is similar in performance to @option{scp}. @option{scpx} uses @samp{ssh -t -t -l @var{user} -o RemoteCommand='/bin/sh -i' @var{host}} to open a connection. It supports changing the remote login shell @command{/bin/sh}. @option{scpx} is useful for MS Windows users when @command{ssh} triggers an error about allocating a pseudo tty. This happens due to missing shell prompts that confuses @value{tramp}. This method supports the @samp{-p} argument. @cindex method @option{pscp} @cindex @option{pscp} method @cindex @command{plink} (with @option{pscp} method) @cindex @command{putty} (with @option{pscp} method) @item @option{pscp} @cindex method @option{psftp} @cindex @option{psftp} method @cindex @command{plink} (with @option{psftp} method) @cindex @command{putty} (with @option{psftp} method) @item @option{psftp} These methods are similar to @option{scp} or @option{sftp}, but they use the @command{plink} command to connect to the remote host, and they use @command{pscp} or @command{psftp} for transferring the files. These programs are part of PuTTY, an SSH implementation for MS Windows. They support changing the remote login shell @command{/bin/sh}. Check the @samp{Share SSH connections if possible} control for that session. These methods support the @samp{-P} argument. @cindex method @option{dockercp} @cindex @option{dockercp} method @item @option{dockercp} @cindex method @option{podmancp} @cindex @option{podmancp} method @item @option{podmancp} These methods are similar to @option{docker} or @option{podman}, but they use the command @command{docker cp} or @command{podman cp} for transferring large files. These copy commands do not support file globs, and they ignore a user name. @cindex method @option{fcp} @cindex @option{fcp} method @cindex @command{fsh} (with @option{fcp} method) @item @option{fcp} This method is similar to @option{scp}, but uses @command{fsh} to connect and @command{fcp} to transfer files. @command{fsh/fcp}, a front-end for @command{ssh}, reuse @command{ssh} session by submitting several commands. This avoids the startup overhead due to @command{scp}'s secure connection. Inline methods have similar benefits. The command used for this connection is: @samp{fsh @var{host} -l @var{user} /bin/sh -i} @cindex method @option{fsh} @cindex @option{fsh} method @option{fsh} has no inline method since the multiplexing it offers is not useful for @value{tramp}. @command{fsh} connects to remote host and @value{tramp} keeps that one connection open. This is an optional method, @pxref{Optional methods}. @cindex method @option{nc} @cindex @option{nc} method @cindex @command{telnet} (with @option{nc} method) @item @option{nc} Using @command{telnet} to connect and @command{nc} to transfer files is sometimes the only combination suitable for accessing routers or NAS hosts. These dumb devices have severely restricted local shells, such as the @command{busybox} and do not host any other encode or decode programs. This is an optional method, @pxref{Optional methods}. @cindex method @option{sudoedit} @cindex @option{sudoedit} method @item @option{sudoedit} The @option{sudoedit} method facilitates editing a file as a different user on the local host. You could regard this as @value{tramp}'s implementation of the @command{sudoedit}. Contrary to the @option{sudo} method, all magic file name functions are implemented by single @command{sudo @dots{}} commands. The purpose is to make editing such a file as secure as possible; there must be no session running in the Emacs background which could be attacked from inside Emacs. Consequently, external processes are not implemented. The host name of such remote file names must represent the local host. Since the default value is already proper, it is recommended not to use any host name in the remote file name, like @file{@trampfn{sudoedit,,/path/to/file}} or @file{@trampfn{sudoedit,user@@,/path/to/file}}. Like the @option{sudo} method, a @option{sudoedit} password expires after a predefined timeout. @cindex method @option{ftp} @cindex @option{ftp} method @item @option{ftp} When @value{tramp} uses @option{ftp}, it forwards requests to whatever ftp program is specified by Ange FTP@. This external program must be capable of servicing requests from @value{tramp}. @cindex method @option{smb} @cindex @option{smb} method @cindex ms windows (with @option{smb} method) @cindex @command{smbclient} @item @option{smb} This non-native @value{tramp} method connects via the Server Message Block (SMB) networking protocol to hosts running file servers that are typically based on @uref{https://www.samba.org/,,Samba} or MS Windows. Using @command{smbclient} requires a few tweaks when working with @value{tramp}: The first directory in the localname must be a share name on the remote host. Since some SMB share names end in the @code{$} character, @value{tramp} must use @code{$$} when specifying those shares to avoid environment variable substitutions. When @value{tramp} is not specific about the share name or uses the generic remote directory @file{/}, @command{smbclient} returns all available shares. Since SMB authentication is based on each SMB share, @value{tramp} prompts for a password even when accessing a different share on the same SMB host. This prompting can be suppressed by @ref{Password handling}. To accommodate user name/domain name syntax required by MS Windows authorization, @value{tramp} provides for an extended syntax in @code{user%domain} format (where @code{user} is the user name, @code{%} is the percent symbol, and @code{domain} is the MS Windows domain name). An example: @example @trampfn{smb,daniel%BIZARRE@@melancholia,/daniel$$/.emacs} @end example where user @samp{daniel} connects as a domain user to the SMB host @samp{melancholia} in the MS Windows domain @samp{BIZARRE} to edit @file{.emacs} located in the home directory (share @samp{daniel$}). Alternatively, for local WINS users (as opposed to domain users), substitute the domain name with the name of the local host in UPPERCASE as shown here: @example @trampfn{smb,daniel%MELANCHOLIA@@melancholia,/daniel$$/.emacs} @end example where user @samp{daniel} connects as local user to the SMB host @samp{melancholia} in the local domain @samp{MELANCHOLIA} to edit @file{.emacs} located in the home directory (share @samp{daniel$}). The domain name and user name are optional for @command{smbclient} authentication. When user name is not specified, @command{smbclient} uses the anonymous user (without prompting for password). This behavior is unlike other @value{tramp} methods, where local user name is substituted. The @option{smb} method is unavailable if Emacs is run under a local user authentication context in MS Windows. However such users can still access remote files using UNC file names instead of @value{tramp}: @example //melancholia/daniel$$/.emacs @end example UNC file name specification does not allow the specification of a different user name for authentication like the @command{smbclient} can. @cindex method @option{adb} @cindex @option{adb} method @cindex android (with @option{adb} method) @item @option{adb} @vindex tramp-adb-program @vindex PATH@r{, environment variable} This method uses Android Debug Bridge program for accessing Android devices. The Android Debug Bridge must be installed locally for @value{tramp} to work. Some GNU/Linux distributions provide Android Debug Bridge as an installation package. Alternatively, the program is installed as part of the Android SDK@. @value{tramp} finds the @command{adb} program either via the @env{PATH} environment variable or the absolute path set in the user option @code{tramp-adb-program}. @vindex tramp-adb-connect-if-not-connected @value{tramp} connects to Android devices with @option{adb} only when the user option @code{tramp-adb-connect-if-not-connected} is not @code{nil}. Otherwise, the connection must be established outside Emacs. @value{tramp} does not require a host name part of the remote file name when a single Android device is connected to @command{adb}. @value{tramp} instead uses @file{@trampfn{adb,,}} as the default name. @command{adb devices}, run in a shell outside Emacs, shows available host names. @option{adb} method normally does not need user name to authenticate on the Android device because it runs under the @command{adbd} process. But when a user name is specified, however, @value{tramp} applies an @command{su} in the syntax. When authentication does not succeed, especially on un-rooted Android devices, @value{tramp} displays login errors. For Android devices connected through TCP/IP, a port number can be specified using @file{device#42} host name syntax or @value{tramp} can use the default value as declared in @command{adb} command. Port numbers are not applicable to Android devices connected through USB@. @end table @node GVFS-based methods @section @acronym{GVFS}-based external methods @cindex methods, gvfs @cindex gvfs-based methods @cindex dbus @acronym{GVFS} is the virtual file system for the @acronym{GNOME} Desktop, @uref{https://en.wikipedia.org/wiki/GVFS}. Remote files on @acronym{GVFS} are mounted locally through @acronym{FUSE} and @value{tramp} uses this locally mounted directory internally. Emacs uses the D-Bus mechanism to communicate with @acronym{GVFS}@. It must have been compiled with D-Bus support, @pxref{Top, , D-Bus, dbus}. @vindex tramp-gvfs-enabled The @code{tramp-gvfs-enabled} variable, being non-@code{nil}, signals that @value{tramp} can use @acronym{GVFS}-based methods. @table @asis @cindex method @option{afp} @cindex @option{afp} method @item @option{afp} This method is for connecting to remote hosts with the Apple Filing Protocol for accessing files on macOS volumes. @value{tramp} access syntax requires a leading volume (share) name, for example: @file{@trampfn{afp,user@@host,/volume}}. @cindex WebDAV @cindex method @option{dav} @cindex @option{dav} method @item @option{dav} @cindex method @option{davs} @cindex @option{davs} method @item @option{davs} @option{dav} method provides access to WebDAV files and directories based on standard protocols, such as HTTP@. @option{davs} does the same but with SSL encryption. Both methods support the port numbers. Paths being part of the WebDAV volume to be mounted by @acronym{GVFS}, as it is common for OwnCloud or NextCloud file names, are not supported by these methods. See method @option{nextcloud} for handling them. @cindex @acronym{GNOME} Online Accounts @cindex method @option{gdrive} @cindex @option{gdrive} method @cindex google drive @item @option{gdrive} Via the @option{gdrive} method it is possible to access your Google Drive online storage. User and host name of the remote file name are your email address of the Google Drive credentials, like @file{@trampfn{gdrive,john.doe@@gmail.com,/}}. These credentials must be populated in your @command{Online Accounts} application outside Emacs. Since Google Drive uses cryptic blob file names internally, @value{tramp} works with the @code{display-name} of the files. This could produce unexpected behavior in case two files in the same directory have the same @code{display-name}, such a situation must be avoided. @cindex method @option{mtp} @cindex @option{mtp} method @cindex media @item @option{mtp} Media devices, like cell phones, tablets, cameras, can be accessed via the @option{mtp} method. Just the device name is needed in order to specify the host in the file name. However, the device must already be connected via USB, before accessing it. Possible device names are visible via host name completion, @pxref{File name completion}. Depending on the device type, the access could be read-only. Some devices are accessible under different names in parallel, offering different parts of their file system. @value{tramp} does not require a host name as part of the remote file name when a single media device is connected. @value{tramp} instead uses @file{@trampfn{mtp,,}} as the default name. @cindex method @option{nextcloud} @cindex @option{nextcloud} method @cindex nextcloud @item @option{nextcloud} As the name indicates, the method @option{nextcloud} allows you to access OwnCloud or NextCloud hosted files and directories. Like the @option{gdrive} method, your credentials must be populated in your @command{Online Accounts} application outside Emacs. The method supports port numbers. @cindex method @option{sftp} @cindex @option{sftp} method @item @option{sftp} This method uses @command{sftp} in order to securely access remote hosts. @command{sftp} is a more secure option for connecting to hosts that for security reasons refuse @command{ssh} connections. When there is a respective entry in your @command{ssh} configuration, do @emph{not} set the @option{RemoteCommand} option. @end table @defopt tramp-gvfs-methods This user option is a list of external methods for @acronym{GVFS}@. By default, this list includes @option{afp}, @option{dav}, @option{davs}, @option{gdrive}, @option{mtp}, @option{nextcloud} and @option{sftp}. Other methods to include are @option{ftp}, @option{http}, @option{https} and @option{smb}. These methods are not intended to be used directly as @acronym{GVFS}-based method. Instead, they are added here for the benefit of @ref{Archive file names}. If you want to use @acronym{GVFS}-based @option{ftp} or @option{smb} methods, you must add them to @code{tramp-gvfs-methods}, and you must disable the corresponding @value{tramp} package by setting @code{tramp-ftp-method} or @code{tramp-smb-method} to @code{nil}, respectively: @lisp @group (add-to-list 'tramp-gvfs-methods "ftp") (customize-set-variable 'tramp-ftp-method nil) @end group @end lisp @end defopt @node FUSE-based methods @section @acronym{FUSE}-based external methods @cindex methods, fuse @cindex fuse-based methods Besides @acronym{GVFS}, there are other virtual file systems using the @acronym{FUSE} interface. Remote files are mounted locally through @acronym{FUSE} and @value{tramp} uses this locally mounted directory internally. When possible, @value{tramp} maps the remote file names to their respective local file name, and applies the file name operation on them. For some of the file name operations this is not possible, @value{tramp} emulates those operations otherwise. @table @asis @cindex method @option{rclone} @cindex @option{rclone} method @item @option{rclone} @vindex tramp-rclone-program The program @command{rclone} enables accessing different system storages in the cloud, see @uref{https://rclone.org/} for a list of supported systems. If the @command{rclone} program isn't found in your @env{PATH} environment variable, you can tell @value{tramp} its absolute path via the user option @code{tramp-rclone-program}. A system storage must be configured via the @command{rclone config} command, outside Emacs. If you have configured a storage in @command{rclone} under a name @samp{storage} (for example), you can access it via the remote file name @example @trampfn{rclone,storage,/path/to/file} @end example User names are part of the @command{rclone} configuration, and not needed in the remote file name. If a user name is contained in the remote file name, it is ignored. Access via @option{rclone} is slow. If you have an alternative method for accessing the system storage, you should use it. @ref{GVFS-based methods} for example, methods @option{gdrive} and @option{nextcloud}. @cindex method @option{sshfs} @cindex @option{sshfs} method @item @option{sshfs} @vindex tramp-sshfs-program On local hosts which have installed the @command{sshfs} client for mounting a file system based on the @command{sftp} subsystem of @command{ssh}, this method can be used, see @uref{https://github.com/libfuse/sshfs/blob/master/README.md}. If the @command{sshfs} program isn't found in your @env{PATH} environment variable, you can tell @value{tramp} its absolute path via the user option @code{tramp-sshfs-program}. All remote files are available via the local mount point. @value{tramp} aids in mounting the file system if it isn't mounted yet. The remote file name syntax is @example @trampfn{sshfs,user@@host#port,/path/to/file} @end example User name and port number are optional. This method does not support password handling, the file system must either be mounted already, or the connection must be established passwordless via ssh keys. The mount point and mount arguments can be passed as connection properties, @xref{Setup of sshfs method}. @end table @node Default Method @section Selecting a default method @cindex default method In a remote file name, the use of a default method is indicated by the pseudo method @option{-}, @pxref{File name syntax}. @defopt tramp-default-method Default method is for transferring files. The user option @code{tramp-default-method} sets it. @value{tramp} uses this user option to determine the default method for remote file names that do not have one specified. @lisp (customize-set-variable 'tramp-default-method "ssh") @end lisp @end defopt @defopt tramp-default-method-alist Default methods for transferring files can be customized for specific user and host combinations through the user option @code{tramp-default-method-alist}. For example, the following two lines specify to use the @option{ssh} method for all user names matching @samp{john} and the @option{rsync} method for all host names matching @samp{lily}. The third line specifies to use the @option{su} method for the user @samp{root} on the host @samp{localhost}. @lisp @group (add-to-list 'tramp-default-method-alist '("" "john" "ssh")) (add-to-list 'tramp-default-method-alist '("lily" "" "rsync")) (add-to-list 'tramp-default-method-alist '("\\`localhost\\'" "\\`root\\'" "su")) @end group @end lisp @end defopt @noindent External methods performance faster for large files. @pxref{Inline methods}. @pxref{External methods}. Choosing the access method also depends on the security environment. For example, @option{rsh} and @option{telnet} methods that use clear text password transfers are inappropriate for over the Internet connections. Secure remote connections should use @option{ssh} that provide encryption. @subsection Which method to use? @cindex choosing the right method @value{tramp} provides maximum number of choices for maximum flexibility. Choosing which method depends on the hosts, clients, network speeds, and the security context. Start by using an inline method. External methods might be more efficient for large files, but most @value{tramp} users edit small files more often than large files. Enable compression, @code{tramp-inline-compress-start-size}, for a performance boost for large files with inline methods. Since @command{ssh} has become the most common method of remote host access and it has the most reasonable security protocols, use @option{ssh} method. Typical @option{ssh} usage to edit the @file{/etc/motd} file on the otherhost: @example @kbd{C-x C-f @trampfn{ssh,root@@otherhost,/etc/motd} @key{RET}} @end example If @option{ssh} is unavailable for whatever reason, look for other obvious options. For MS Windows, try the @option{plink} method@footnote{This shouldn't be needed with recent @code{OpenSSH} versions for MS Windows. Use method @option{sshx}.}. For Kerberos, try @option{krlogin}. For editing local files as @option{su} or @option{sudo} methods, try the shortened syntax of @samp{root}: @example @kbd{C-x C-f @trampfn{su,,/etc/motd} @key{RET}} @end example For editing large files, @option{scp} is faster than @option{ssh}. @option{pscp} is faster than @option{plink}. But this speed improvement is not always true. When copying large files between two different remote hosts via @option{scp}, set @code{tramp-use-scp-direct-remote-copying} to non-@code{nil}. @node Default User @section Selecting a default user @cindex default user @defopt tramp-default-user A @value{tramp} file name can omit the user name part since @value{tramp} substitutes the currently logged-in user name. However this substitution can be overridden with @code{tramp-default-user}. For example: @lisp (customize-set-variable 'tramp-default-user "root") @end lisp @end defopt @defopt tramp-default-user-alist Instead of a single default user, @code{tramp-default-user-alist} allows multiple default user values based on access method or host name combinations. The alist can hold multiple values. For example, to use the @samp{john} as the default user for the domain @samp{somewhere.else} only: @lisp @group (add-to-list 'tramp-default-user-alist '("ssh" ".*\\.somewhere\\.else\\'" "john")) @end group @end lisp A Caution: @value{tramp} will override any default user specified in the configuration files outside Emacs, such as @file{~/.ssh/config}. To stop @value{tramp} from applying the default value, set the corresponding alist entry to @code{nil}: @lisp @group (add-to-list 'tramp-default-user-alist '("ssh" "\\`here\\.somewhere\\.else\\'" nil)) @end group @end lisp The last entry in @code{tramp-default-user-alist} should be reserved for catch-all or most often used login. @lisp @group (add-to-list 'tramp-default-user-alist '(nil nil "jonas") t) @end group @end lisp @end defopt @node Default Host @section Selecting a default host @cindex default host @defopt tramp-default-host When host name is omitted, @value{tramp} substitutes the value from the @code{tramp-default-host} user option. It is initially populated with the local host name where Emacs is running. The default method, default user and default host can be overridden as follows: @lisp @group (custom-set-variables '(tramp-default-method "ssh") '(tramp-default-user "john") '(tramp-default-host "target")) @end group @end lisp With all defaults set, @file{@trampfn{-,,}} will connect @value{tramp} to John's home directory on @samp{target} via method @option{ssh}. @end defopt @defopt tramp-default-host-alist Instead of a single default host, @code{tramp-default-host-alist} allows multiple default host values based on access method or user name combinations. The alist can hold multiple values. While @code{tramp-default-host} is sufficient in most cases, some methods, like @option{adb}, require defaults overwritten. The default host name for @option{nspawn} is @samp{.host}. Therefore, @file{@trampfn{nspawn,,}} and @file{@trampfn{sudo,,}} have the same effect. @end defopt @node Multi-hops @section Connecting to a remote host using multiple hops @cindex multi-hop @cindex proxy hosts Multi-hops are methods to reach hosts behind firewalls or to reach the outside world from inside a bastion host. With multi-hops, @value{tramp} can negotiate these hops with the appropriate user/host authentication at each hop. All methods until now have been the single hop kind, where the start and end points of the connection did not have intermediate check points. @defopt tramp-default-proxies-alist @code{tramp-default-proxies-alist} specifies proxy hosts to pass through. This user option is list of triples consisting of @code{(@var{host} @var{user} @var{proxy})}. The first match is the proxy host through which passes the file name and the target host matching @var{user}@@@var{host}. @var{host} and @var{user} are regular expressions or @code{nil}, interpreted as a regular expression which always matches. @var{proxy} is a literal @value{tramp} file name whose local name part is ignored, and the method and user name parts are optional. The method must be an inline method (@pxref{Inline methods}). If @var{proxy} is @code{nil}, no additional hop is required reaching @var{user}@@@var{host}. For example, to pass through the host @samp{bastion.your.domain} as user @samp{bird} to reach remote hosts outside the local domain: @lisp @group (add-to-list 'tramp-default-proxies-alist '("\\." nil "@trampfn{ssh,bird@@bastion.your.domain,}")) (add-to-list 'tramp-default-proxies-alist '("\\.your\\.domain\\'" nil nil)) @end group @end lisp @strong{Note}: @code{add-to-list} adds elements at the beginning of a list. Therefore, most relevant rules must come last in the list. Proxy hosts can be cascaded in the alist. If there is another host called @samp{jump.your.domain}, which is the only host allowed to connect to @samp{bastion.your.domain}, then: @lisp @group (add-to-list 'tramp-default-proxies-alist '("\\`bastion\\.your\\.domain\\'" "\\`bird\\'" "@trampfn{ssh,jump.your.domain,}")) @end group @end lisp @var{proxy} can take patterns @code{%h} or @code{%u} for @var{host} or @var{user} respectively. Ports or domains, if they are part of a hop file name, are not expanded by those patterns. To login as @samp{root} on remote hosts in the domain @samp{your.domain}, but login as @samp{root} is disabled for non-local access, then use this alist entry: @lisp @group (add-to-list 'tramp-default-proxies-alist '("\\.your\\.domain\\'" "\\`root\\'" "@trampfn{ssh,%h,}")) @end group @end lisp Opening @file{@trampfn{sudo,randomhost.your.domain,}} first connects to @samp{randomhost.your.domain} via @code{ssh} under your account name, and then performs @code{sudo -u root} on that host. It is key for the @option{sudo} method in the above example to be applied on the host after reaching it and not on the local host. @value{tramp} checks therefore, that the host name for such hops matches the host name of the previous hop. @var{host}, @var{user} and @var{proxy} can also take Lisp forms. These forms when evaluated must return either a string or @code{nil}. To generalize (from the previous example): For all hosts, except my local one, first connect via @command{ssh}, and then apply @command{sudo -u root}: @lisp @group (add-to-list 'tramp-default-proxies-alist '(nil "\\`root\\'" "@trampfn{ssh,%h,}")) (add-to-list 'tramp-default-proxies-alist `(,(regexp-quote (system-name)) nil nil)) @end group @end lisp @end defopt Passing through hops involves dealing with restricted shells, such as @command{rbash}. If @value{tramp} is made aware, then it would use them for proxies only. @defopt tramp-restricted-shell-hosts-alist An alist of regular expressions of hosts running restricted shells, such as @command{rbash}. @value{tramp} will then use them only as proxies. To specify the bastion host from the example above as running a restricted shell: @lisp @group (add-to-list 'tramp-restricted-shell-hosts-alist "\\`bastion\\.your\\.domain\\'") @end group @end lisp @end defopt @node Firewalls @section Passing firewalls @cindex http tunnel @cindex proxy hosts, http tunnel Sometimes, it is not possible to reach a remote host directly. A firewall might be in the way, which could be passed via a proxy server. Both OpenSSH and PuTTY support such proxy settings, using an HTTP tunnel via the @command{CONNECT} command (conforming to RFC 2616, 2817 specifications). Proxy servers using HTTP 1.1 or later protocol support this command. @subsection Tunneling with ssh @vindex ProxyCommand@r{, ssh option} With @command{ssh}, you can use the @option{ProxyCommand} entry in @file{~/.ssh/config}: @example @group Host host.other.domain ProxyCommand nc -X connect -x proxy.your.domain:3128 %h %p @end group @end example @code{nc} is BSD's netcat program, which establishes HTTP tunnels. Any other program with such a feature could be used as well. In the example, opening @file{@trampfn{ssh,host.your.domain,}} passes the HTTP proxy server @samp{proxy.your.domain} on port 3128. @subsection Tunneling with PuTTY PuTTY does not need an external program, HTTP tunnel support is built-in. In the PuTTY config program, create a session for @samp{host.your.domain}. In the @option{Connection/Data} entry, select the @option{HTTP} option, and add @samp{proxy.your.domain} as @option{Proxy hostname}, and 3128 as @option{Port}. Opening @file{@trampfn{plinkx,host.your.domain,}} passes the HTTP proxy server @samp{proxy.your.domain} on port 3128. @node Customizing Methods @section Using Non-Standard Methods @cindex customizing methods @cindex using non-standard methods @cindex create your own methods @vindex tramp-methods The @code{tramp-methods} variable currently has an exhaustive list of predefined methods. Any part of this list can be modified with more suitable settings. Refer to the Lisp documentation of that variable, accessible with @kbd{C-h v tramp-methods @key{RET}}. In the ELPA archives, there are several examples of such extensions. They can be installed with Emacs's Package Manager. This includes @table @samp @c @item anything-tramp @c @item counsel-tramp @c @item helm-tramp @c Contact Masashí Míyaura @c @item ibuffer-tramp.el @c Contact Svend Sorensen @cindex method @option{lxc} @cindex @option{lxc} method @item lxc-tramp Integration for LXC containers. A container is accessed via @file{@trampfn{lxc,container,/path/to/file}}, @samp{container} has the same meaning as with the @option{docker} method. A @samp{user} specification is ignored. @cindex method @option{lxd} @cindex @option{lxd} method @item lxd-tramp Integration for LXD containers. A container is accessed via @file{@trampfn{lxd,user@@container,/path/to/file}}, @samp{user} and @samp{container} have the same meaning as with the @option{docker} method. @cindex method @option{git} @cindex @option{git} method @item magit-tramp Browsing Git repositories with @code{magit}. A versioned file is accessed via @file{@trampfn{git,rev@@root-dir,/path/to/file}}. @samp{rev} is a Git revision, and @samp{root-dir} is a virtual host name for the root directory, specified in @code{magit-tramp-hosts-alist}. @cindex method @option{hdfs} @cindex @option{hdfs} method @item tramp-hdfs Access of a hadoop/hdfs file system. A file is accessed via @file{@trampfn{hdfs,user@@node,/path/to/file}}, where @samp{user} is the user that you want to use, and @samp{node} is the name of the hadoop server. @cindex method @option{vagrant} @cindex @option{vagrant} method @item vagrant-tramp Convenience method to access vagrant boxes. It is often used in multi-hop file names like @file{@trampfn{vagrant@value{postfixhop}box|sudo,box,/path/to/file}}, where @samp{box} is the name of the vagrant box. @end table @node Customizing Completion @section Selecting config files for user/host name completion @cindex customizing completion @cindex selecting config files @vindex tramp-completion-function-alist @code{tramp-completion-function-alist} uses predefined files for user and host name completion (@pxref{File name completion}). For each method, it keeps a set of configuration files and a function that can parse that file. Each entry in @code{tramp-completion-function-alist} is of the form (@var{method} @var{pair1} @var{pair2} @dots{}). Each @var{pair} is composed of (@var{function} @var{file}). @var{function} is responsible for extracting user names and host names from @var{file} for completion. There are two functions which access this variable: @defun tramp-get-completion-function method This function returns the list of completion functions for @var{method}. Example: @example @group (tramp-get-completion-function "rsh") @result{} ((tramp-parse-rhosts "/etc/hosts.equiv") (tramp-parse-rhosts "~/.rhosts")) @end group @end example @end defun @defun tramp-set-completion-function method function-list This function sets @var{function-list} as list of completion functions for @var{method}. Example: @example @group (tramp-set-completion-function "ssh" '((tramp-parse-sconfig "/etc/ssh_config") (tramp-parse-sconfig "~/.ssh/config"))) @result{} ((tramp-parse-sconfig "/etc/ssh_config") (tramp-parse-sconfig "~/.ssh/config")) @end group @end example @end defun The following predefined functions parsing configuration files exist: @ftable @asis @item @code{tramp-parse-rhosts} This function parses files which are syntactical equivalent to @file{~/.rhosts}. It returns both host names and user names, if specified. @item @code{tramp-parse-shosts} This function parses files which are syntactical equivalent to @file{~/.ssh/known_hosts}. Since there are no user names specified in such files, it can return host names only. @item @code{tramp-parse-sconfig} This function returns the host nicknames defined by @option{Host} entries in @file{~/.ssh/config} style files. @item @code{tramp-parse-shostkeys} SSH2 parsing of directories @file{/etc/ssh2/hostkeys/*} and @file{~/ssh2/hostkeys/*}. Hosts are coded in file names @file{hostkey_@var{portnumber}_@var{host-name}.pub}. User names are always @code{nil}. @item @code{tramp-parse-sknownhosts} Another SSH2 style parsing of directories like @file{/etc/ssh2/knownhosts/*} and @file{~/ssh2/knownhosts/*}. This case, hosts names are coded in file names @file{@var{host-name}.@var{algorithm}.pub}. User names are always @code{nil}. @item @code{tramp-parse-hosts} A function dedicated to @file{/etc/hosts} for host names. @item @code{tramp-parse-passwd} A function which parses @file{/etc/passwd} for user names. @item @code{tramp-parse-etc-group} A function which parses @file{/etc/group} for group names. @item @code{tramp-parse-netrc} A function which parses @file{~/.netrc} and @file{~/.authinfo}-style files. @end ftable To keep a custom file with custom data in a custom structure, a custom function has to be provided. This function must meet the following conventions: @defun my-tramp-parse file @var{file} must be either a file on the host, or @code{nil}. The function must return a list of (@var{user} @var{host}), which are taken as candidates for completion for user and host names. Example: @example @group (my-tramp-parse "~/.my-tramp-hosts") @result{} ((nil "toto") ("daniel" "melancholia")) @end group @end example @end defun @node Password handling @section Reusing passwords for several connections @cindex passwords To avoid repeated prompts for passwords, consider native caching mechanisms, such as @command{ssh-agent} for @option{ssh}-like methods, or @command{pageant} for @option{plink}-like methods. @value{tramp} offers alternatives when native solutions cannot meet the need. @anchor{Using an authentication file} @subsection Using an authentication file @vindex auth-sources The package @file{auth-source.el}, originally developed for No Gnus, reads passwords from different sources, @xref{Help for users, , auth-source, auth}. The default authentication file is @file{~/.authinfo.gpg}, but this can be changed via the user option @code{auth-sources}. @noindent A typical entry in the authentication file: @example machine melancholia port scp login daniel password geheim @end example The port can take any @value{tramp} method (@pxref{Inline methods}, @pxref{External methods}). Omitting port values matches all @value{tramp} methods. Domain and ports, as used in @value{tramp} file name syntax, must be appended to the machine and login items: @example machine melancholia#4711 port davs login daniel%BIZARRE password geheim @end example For the methods @option{doas}, @option{sudo}, @option{sudoedit} and @option{nspawn} the password of the user requesting the connection is needed, and not the password of the target user@footnote{On the local host, @code{run0} uses a graphical password agent.}. If these connections happen on the local host, an entry with the local user and local host is used: @example machine @var{host} port sudo login @var{user} password secret @end example @var{user} and @var{host} are the strings returned by @code{(user-login-name)} and @code{(system-name)}. If one of these methods is connected via a multi-hop (@pxref{Multi-hops}), the credentials of the previous hop are used. @vindex auth-source-save-behavior If no proper entry exists, the password is read interactively. After successful login (verification of the password), Emacs offers to save a corresponding entry for further use by @code{auth-source} backends which support this. This can be changed by setting the user option @code{auth-source-save-behavior} to @code{nil}. @vindex auth-source-debug Set @code{auth-source-debug} to @code{t} to debug messages. @vindex ange-ftp-netrc-filename @strong{Note} that @file{auth-source.el} is not used for @option{ftp} connections, because @value{tramp} passes the work to Ange FTP@. If you want, for example, use your @file{~/.authinfo.gpg} authentication file, you must customize @code{ange-ftp-netrc-filename}: @lisp (customize-set-variable 'ange-ftp-netrc-filename "~/.authinfo.gpg") @end lisp In case you do not want to use an authentication file for @value{tramp} passwords, use connection-local variables @ifinfo (@pxref{Connection Variables, , , emacs}) @end ifinfo like this: @lisp @group (connection-local-set-profile-variables 'remote-without-auth-sources '((auth-sources . nil))) @end group @group (connection-local-set-profiles '(:application tramp) 'remote-without-auth-sources) @end group @end lisp @anchor{Caching passwords} @subsection Caching passwords @value{tramp} can cache passwords as entered and reuse when needed for the same user or host name independent of the access method. @vindex auth-source-cache-expiry @code{auth-source-cache-expiry}@footnote{It overrides @code{password-cache-expiry}.} sets the duration (in seconds) the passwords are remembered. Set @code{auth-source-cache-expiry} to @code{nil} to disable expiration. Cached passwords are never saved permanently nor can they extend beyond the lifetime of the current Emacs session unless you confirm this interactively. @vindex auth-source-do-cache Set @code{auth-source-do-cache} to @code{nil} to disable password caching. @node Connection caching @section Reusing connection related information @cindex caching @vindex tramp-persistency-file-name For faster initial connection times, @value{tramp} stores previous connection properties in a file specified by the user option @code{tramp-persistency-file-name}. The default file name for @code{tramp-persistency-file-name} is @file{~/.emacs.d/tramp}. @value{tramp} reads this file during Emacs startup, and writes to it when exiting Emacs. Delete this file for @value{tramp} to recreate a new one on next Emacs startup. Set @code{tramp-persistency-file-name} to @code{nil} to disable storing connections persistently. When @value{tramp} detects a change in the operating system version in a remote host (via the command @command{uname -sr}), it flushes all connection related information for that host and creates a new entry. @node Predefined connection information @section Setting own connection related information For more precise customization, parameters specified by @code{tramp-methods} can be overwritten manually. @vindex tramp-connection-properties Set @code{tramp-connection-properties} to manually override @code{tramp-methods}. Properties in this list are in the form @code{(@var{regexp} @var{property} @var{value})}. @var{regexp} matches remote file names. Use @code{nil} to match all. @var{property} is the property's name, and @var{value} is the property's value. @var{property} is any method specific parameter contained in @code{tramp-methods}. The parameter key in @code{tramp-methods} is a symbol name @code{tramp-}. To overwrite that property, use the string @t{""} for @var{property}. For example, this changes the remote shell: @lisp @group (add-to-list 'tramp-connection-properties (list (regexp-quote "@trampfn{ssh,user@@randomhost.your.domain,}") "remote-shell" "/bin/ksh")) @end group @group (add-to-list 'tramp-connection-properties (list (regexp-quote "@trampfn{ssh,user@@randomhost.your.domain,}") "remote-shell-login" '("-"))) @end group @end lisp The parameters @code{tramp-remote-shell} and @code{tramp-remote-shell-login} in @code{tramp-methods} now have new values for the remote host. @var{property} can also be any property found in @code{tramp-persistency-file-name}. @subsection Relevant connection properties to override Not all connection properties need to be changed. The most relevant properties are listed here: @itemize @item @t{"login-program"} The property @t{"login-program"} stores the program to be used to connect to the remote host. Sometimes, the program might have another name on your host, or it might be located in another path. In this case, you can overwrite the default value, which is special for every connection method. It is used in all connection methods of @file{tramp-sh.el}. @item @t{"login-args"} @t{"login-args"} specifies a list of lists of arguments to pass to @t{"login-program"}. Read the docstring of @code{tramp-methods} how to construct these lists. @item @t{"remote-shell"} This property tells @value{tramp} which remote shell to apply on the remote host. It is used in all connection methods of @file{tramp-sh.el}. The default value is @t{"/bin/sh"}. @item @t{"remote-shell-login"} A property to be used in conjunction with @t{"remote-shell"}. It specifies, which shell argument triggers a login shell. Its default value is @t{"-l"}, but some shells, like @command{ksh}, prefer @t{"-"}. @item @t{"session-timeout"} All @file{tramp-sh.el} based methods accept the property @t{"session-timeout"}. This is the time (in seconds) after a connection is disabled for security reasons, and must be reestablished. A value of @code{nil} disables this feature. Most of the methods do not set this property except the @option{sudo}, @option{doas} and @option{run0} methods, which use predefined values. @item @t{"~"}@* @t{"~user"} This is the home directory on the remote host. Setting this connection property helps especially for methods which cannot expand to a remote home directory, like @option{adb}, @option{rclone} and @option{sshfs}. @ref{Home directories} for an example. @item @t{"tmpdir"} The temporary directory on the remote host. If not specified, the default value is @t{"/data/local/tmp"} for the @option{adb} method, @t{"/C$/Temp"} for the @option{smb} method, and @t{"/tmp"} otherwise. @ref{Temporary directory}. @item @t{"posix"} Connections using the @option{smb} method check, whether the remote host supports posix commands. If the remote host runs Samba, it confirms this capability. However, some very old Samba versions have errors in their implementation. In order to suppress the posix commands for those hosts, the property @t{"posix"} should be set to @code{nil}. The default value of this property is @code{t} (not specified in @code{tramp-methods}). If the remote host runs native MS Windows, this property has no effect. @item @t{"mount-point"} The directory file name an @acronym{FUSE}-based file system is mounted on. The default value of this property is @t{"/tramp.method.user@@host#port"} (not specified in @code{tramp-methods}). @ref{Temporary directory}. @item @t{"mount-args"}@* @t{"copyto-args"}@* @t{"moveto-args"}@* @t{"about-args"} These properties keep optional flags to the different @option{rclone} operations. See their default values in @code{tramp-methods} if you want to change their values. @end itemize @node Remote programs @section How @value{tramp} finds and uses programs on the remote host @value{tramp} requires access to and rights to several commands on remote hosts: @command{ls}, @command{test}, @command{find} and @command{cat}. Besides there are other required programs for @ref{Inline methods} and @ref{External methods} of connection. To improve performance and accuracy of remote file access, @value{tramp} uses @command{perl} (or @command{perl5}) and @command{grep} when available. @defopt tramp-remote-path @code{tramp-remote-path} specifies which remote directory paths @value{tramp} can search for @ref{Remote programs}. @vindex tramp-default-remote-path @value{tramp} uses standard defaults, such as @file{/bin} and @file{/usr/bin}, which are reasonable for most hosts. To accommodate differences in hosts and paths, for example, @file{/bin:/usr/bin} on Debian GNU/Linux or @file{/usr/xpg4/bin:/usr/ccs/bin:/usr/bin:/opt/developerstudio12.6/bin} on Solaris, @value{tramp} queries the remote host with @command{getconf PATH} and updates the symbol @code{tramp-default-remote-path}. For instances where hosts keep obscure locations for paths for security reasons, manually add such paths to local @file{.emacs} as shown below for @value{tramp} to use when connecting. @lisp (add-to-list 'tramp-remote-path "/usr/local/perl/bin") @end lisp @vindex tramp-own-remote-path Another way to find the remote path is to use the path assigned to the remote user by the remote host. @value{tramp} does not normally retain this remote path after login. However, @code{tramp-own-remote-path} preserves the path value, which can be used to update @code{tramp-remote-path}. @lisp (add-to-list 'tramp-remote-path 'tramp-own-remote-path) @end lisp @strong{Note} that this works only if your remote @command{/bin/sh} shell supports the login argument @samp{-l}. @end defopt @code{tramp-remote-path} can also be set per host via connection-local @ifinfo variables, @xref{Connection Variables, , , emacs}. @end ifinfo @ifnotinfo variables. @end ifnotinfo You can define your own search directories like this: @lisp @group (connection-local-set-profile-variables 'remote-path-with-bin '((tramp-remote-path . ("~/bin" tramp-default-remote-path)))) @end group @group (connection-local-set-profile-variables 'remote-path-with-apply-pub-bin '((tramp-remote-path . ("/appli/pub/bin" tramp-default-remote-path)))) @end group @group (connection-local-set-profiles '(:application tramp :machine "randomhost") 'remote-path-with-bin) @end group @group (connection-local-set-profiles '(:application tramp :user "anotheruser" :machine "anotherhost") 'remote-path-with-apply-pub-bin) @end group @end lisp When remote search paths are changed, local @value{tramp} caches must be recomputed. To force @value{tramp} to recompute afresh, call @kbd{M-x tramp-cleanup-this-connection @key{RET}} or friends (@pxref{Cleanup remote connections}). @node Remote shell setup @section Remote shell setup hints @subsection Changing the default remote or local shell @cindex zsh setup By default, @value{tramp} uses the command @command{/bin/sh} for starting a shell on the remote host. This can be changed by setting the connection property @t{"remote-shell"}; @pxref{Predefined connection information}. If you want, for example, use @command{/usr/bin/zsh} on a remote host, you might apply @lisp @group (add-to-list 'tramp-connection-properties (list (regexp-quote "@trampfn{sshx,user@@host,}") "remote-shell" "/usr/bin/zsh")) @end group @end lisp This works only for connection methods which allow overriding the remote login shell, like @option{sshx} or @option{plink}. See @ref{Inline methods} and @ref{External methods} for connection methods which support this. @vindex tramp-sh-extra-args This approach has also the advantage, that settings in @code{tramp-sh-extra-args} will be applied. For @command{zsh}, the trouble with the shell prompt due to set zle options will be avoided. For @command{bash}, loading @file{~/.editrc} or @file{~/.inputrc} is suppressed. Similar problems can happen with the local shell @value{tramp} uses to create a process. By default, it uses the command @command{/bin/sh} for this, which could also be a link to another shell. In order to overwrite this, you might apply @vindex tramp-encoding-shell @lisp (customize-set-variable 'tramp-encoding-shell "/usr/bin/zsh") @end lisp This uses also the settings in @code{tramp-sh-extra-args}. @vindex RemoteCommand@r{, ssh option} @strong{Note}: If you use an @option{ssh}-based method for connection, do @emph{not} set the @option{RemoteCommand} option in your @command{ssh} configuration to something like @command{screen}. If used, @option{RemoteCommand} must open an interactive shell on the remote host. On the other hand, some @option{ssh}-based methods, like @option{sshx} or @option{scpx}, silently overwrite a @option{RemoteCommand} option of the configuration file. @subsection Other remote shell setup hints @cindex remote shell setup @cindex @file{.profile} file @cindex @file{.login} file @cindex shell init files @value{tramp} checks for the availability of standard programs in the usual locations. Common tactics include successively trying @command{test -e}, @command{/usr/bin/test -e}, and @command{/bin/test -e}. @command{ls -d} is another approach. But these approaches do not help with these new login patterns. When @value{tramp} encounters two-factor logins or additional challenge questions, such as entering birth date or security code or passphrase, @value{tramp} needs a few more configuration steps to accommodate them. The difference between a password prompt and a passphrase prompt is that the password for completing the login while the passphrase is for authorizing access to local authentication information, such as the ssh key. There is no one configuration to accommodate all the variations in login security, especially not the exotic ones. However, @value{tramp} provides a few tweaks to address the most common ones. @table @asis @vindex tramp-shell-prompt-pattern @item @code{tramp-shell-prompt-pattern} @code{tramp-shell-prompt-pattern} is for remote login shell prompt, which may not be the same as the local login shell prompt, @code{shell-prompt-pattern}. Since most hosts use identical prompts, @value{tramp} sets a similar default value for both prompts. @vindex tramp-password-prompt-regexp @item @code{tramp-password-prompt-regexp} @vindex tramp-otp-password-prompt-regexp @item @code{tramp-otp-password-prompt-regexp} @vindex tramp-wrong-passwd-regexp @item @code{tramp-wrong-passwd-regexp} @value{tramp} uses @code{tramp-password-prompt-regexp} to distinguish between prompts for passwords and prompts for passphrases. By default, @code{tramp-password-prompt-regexp} handles the detection in English language environments. See a localization example below: @lisp @group (customize-set-variable 'tramp-password-prompt-regexp (concat "^.*" (regexp-opt '("passphrase" "Passphrase" ;; English "password" "Password" ;; Deutsch "passwort" "Passwort" ;; Français "mot de passe" "Mot de passe") t) ".*:\0? *")) @end group @end lisp @vindex password-word-equivalents This user option is, by default, initialized from @code{password-word-equivalents} when @value{tramp} is loaded, and it is usually more convenient to add new passphrases to that user option instead of altering this user option. The user option @code{tramp-otp-password-prompt-regexp} has a similar purpose, but for one-time passwords. Those passwords are not cached by @value{tramp} for reuse. Similar localization may be necessary for handling wrong password prompts, for which @value{tramp} uses @code{tramp-wrong-passwd-regexp}. @vindex tramp-terminal-type @vindex TERM@r{, environment variable} @item @code{tramp-terminal-type} @value{tramp} uses the user option @code{tramp-terminal-type} to set the remote environment variable @env{TERM} for the shells it runs. By default, it is @t{"dumb"}, but this can be changed. A dumb terminal is best suited to run the background sessions of @value{tramp}. However, running interactive remote shells might require a different setting. This can be achieved by tweaking the @env{TERM} environment variable in @code{process-environment}. @lisp @group (let ((process-environment (cons "TERM=xterm-256color" process-environment))) (shell)) @end group @end lisp @vindex TERM@r{, environment variable} @vindex INSIDE_EMACS@r{, environment variable} @item Determining a @value{tramp} session Sometimes, it is needed to identify whether a shell runs under @value{tramp} control. The setting of environment variable @env{TERM} will help: @example @group if test "$TERM" = "dumb"; then ... fi @end group @end example Another possibility is to check the environment variable @env{INSIDE_EMACS}. Like for all subprocesses of Emacs, this is set to the version of the parent Emacs @ifinfo process, @xref{Interactive Shell, , , emacs}. @end ifinfo @ifnotinfo process. @end ifnotinfo @value{tramp} adds its own package version to this string, which can be used for further tests in an inferior shell. The string of that environment variable looks always like @example @group echo $INSIDE_EMACS @result{} 27.2,tramp:2.4.5 @end group @end example @cindex unix command @command{tset} @cindex @command{tset} unix command @item @command{tset} and other questions To suppress inappropriate prompts for terminal type, @value{tramp} sets the @env{TERM} environment variable before the remote login process begins via the user option @code{tramp-terminal-type} (see above). This will silence common @command{tset} related prompts. @value{tramp}'s strategy for handling such prompts (commonly triggered from login scripts on remote hosts) is to set the environment variables so that no prompts interrupt the shell initialization process. @vindex tramp-actions-before-shell An alternative approach is to configure @value{tramp} with strings that can identify such questions using @code{tramp-actions-before-shell}. Example: @lisp @group (defconst my-tramp-prompt-regexp "Enter the birth date of your mother:\\s-*" "Regular expression matching my login prompt question.") @end group @group (defun my-tramp-action (proc vec) "Enter \"19000101\" in order to give a correct answer." (save-window-excursion (with-current-buffer (tramp-get-connection-buffer vec) (tramp-message vec 6 "\n%s" (buffer-string)) (tramp-send-string vec "19000101")))) @end group @group (add-to-list 'tramp-actions-before-shell '(my-tramp-prompt-regexp my-tramp-action)) @end group @end lisp The regular expressions used in @code{tramp-actions-before-shell} must match the end of the connection buffer. Due to performance reasons, this search starts at the end of the buffer, and it is limited to 256 characters backwards. @item Conflicting names for users and variables in @file{.profile} When a user name is the same as a variable name in a local file, such as @file{.profile}, then @value{tramp} may send incorrect values for environment variables. To avoid incorrect values, change the local variable name to something different from the user name. For example, if the user name is @env{FRUMPLE}, then change the variable name to @env{FRUMPLE_DIR}. @item Non-Bourne commands in @file{.profile} When the remote host's @file{.profile} is also used for shells other than Bourne shell, then some incompatible syntaxes for commands in @file{.profile} may trigger errors in Bourne shell on the host and may not complete client's @value{tramp} connections. One example of a Bourne shell incompatible syntax in @file{.profile}: using @command{export FOO=bar} instead of @command{FOO=bar; export FOO}. After remote login, @value{tramp} will trigger an error during its execution of @command{/bin/sh} on the remote host because Bourne shell does not recognize the export command as entered in @file{.profile}. Likewise, (@samp{~}) character in paths will cause errors because Bourne shell does not do (@samp{~}) character expansions. One approach to avoiding these incompatibilities is to make all commands in @file{~/.shrc} and @file{~/.profile} Bourne shell compatible so @value{tramp} can complete connections to that remote. To accommodate using non-Bourne shells on that remote, use other shell-specific config files. For example, bash can use @file{~/.bash_profile} and ignore @file{.profile}. @item Interactive shell prompt @vindex INSIDE_EMACS@r{, environment variable} @vindex SHELLNAME@r{, environment variable} @vindex ESHELL@r{, environment variable} @value{tramp} redefines the remote shell prompt internally for robust parsing. This redefinition affects the looks of a prompt in an interactive remote shell through commands, such as @kbd{M-x shell @key{RET}}. Such prompts, however, can be reset to something more readable and recognizable using these environment variables. @value{tramp} sets the @env{INSIDE_EMACS} environment variable in the startup script file @file{~/.emacs_SHELLNAME}. @env{SHELLNAME} is @code{bash} or equivalent shell names. Change it by setting the environment variable @env{ESHELL} in the @file{.emacs} as follows: @lisp (setenv "ESHELL" "bash") @end lisp Then re-set the prompt string in @file{~/.emacs_SHELLNAME} as follows: @example @group # Reset the prompt for remote @value{tramp} shells. if [ "$@{INSIDE_EMACS/*tramp*/tramp@}" == "tramp" ] ; then PS1="[\u@@\h \w]$ " fi @end group @end example @ifinfo @xref{Interactive Shell, , , emacs}. @end ifinfo @cindex unix command @command{nc} @cindex @command{nc} unix command @item @command{busybox} / @command{nc} @value{tramp}'s @option{nc} method uses the @command{nc} command to install and execute a listener as follows (see @code{tramp-methods}): @example $ nc -l -p 42 @end example The above command-line syntax has changed with @command{busybox} versions. If @command{nc} refuses the @samp{-p} parameter, then overwrite as follows: @lisp @group (add-to-list 'tramp-connection-properties `(,(regexp-quote "192.168.0.1") "remote-copy-args" (("-l") ("%r")))) @end group @end lisp @noindent where @samp{192.168.0.1} is the remote host IP address (@pxref{Predefined connection information}). @end table @node Ssh setup @section Ssh setup hints The most common @value{tramp} connection family is based on either @command{ssh} or @command{scp} of OpenSSH, or @command{plink} or @command{pscp} of PuTTY on MS Windows. In the following, some configuration recommendations are given. @subsection Using ssh config include for host name completion @vindex Include@r{, ssh option} @findex tramp-set-completion-function @findex tramp-get-completion-function OpenSSH configuration files can use an @option{Include} option for further configuration files. Default @value{tramp} host name completion ignores this option. However, you can configure this yourself. Given, your @file{~/.ssh/config} file contains the following option: @example Include ~/.ssh/conf.d/* @end example The following code snippet in your @file{.emacs} uses all files in that directory for host name completion: @lisp @group (tramp-set-completion-function "ssh" (append (tramp-get-completion-function "ssh") (mapcar (lambda (file) `(tramp-parse-sconfig ,file)) (directory-files "~/.ssh/conf.d/" 'full directory-files-no-dot-files-regexp)))) @end group @end lisp This code snippet does it for the @option{ssh} method. If you replace @t{"ssh"} by @t{"scp"}, it does it also for that method (or any other method you like). @subsection Detection of session hangouts @vindex ServerAliveInterval@r{, ssh option} @vindex ServerAliveCountMax@r{, ssh option} @command{ssh} sessions on the local host hang when the network is down. @value{tramp} cannot safely detect such hangs. OpenSSH can be configured to kill such hangs with the following settings in @file{~/.ssh/config}: @example @group Host * ServerAliveInterval 5 ServerAliveCountMax 2 @end group @end example The corresponding PuTTY configuration is in the @option{Connection} entry, @option{Seconds between keepalives} option. Set this to 5. PuTTY does not have a configuration option equivalent to OpenSSH's @option{ServerAliveCountMax}. @anchor{Using ssh connection sharing} @subsection Using ssh connection sharing @vindex ControlPath@r{, ssh option} @vindex ControlPersist@r{, ssh option} @value{tramp} uses the @option{ControlMaster=auto} OpenSSH option by default, if possible. However, it overwrites @option{ControlPath} settings when initiating @command{ssh} sessions. @value{tramp} does this to fend off a stall if a master session opened outside the Emacs session is no longer open. That is why @value{tramp} prompts for the password again even if there is an @command{ssh} already open. @vindex tramp-ssh-controlmaster-options Some OpenSSH versions support a @option{ControlPersist} option, which allows you to set the @option{ControlPath} provided the variable @code{tramp-ssh-controlmaster-options} is customized as follows: @lisp @group (customize-set-variable 'tramp-ssh-controlmaster-options (concat "-o ControlPath=/tmp/ssh-ControlPath-%%r@@%%h:%%p " "-o ControlMaster=auto -o ControlPersist=yes")) @end group @end lisp Note how @samp{%r}, @samp{%h} and @samp{%p} must be encoded as @samp{%%r}, @samp{%%h} and @samp{%%p}. @vindex tramp-use-connection-share Using a predefined string in @code{tramp-ssh-controlmaster-options}, or puzzling an own string, happens only when user option @code{tramp-use-connection-share} is set to @code{t}. If the @file{~/.ssh/config} file is configured appropriately for the above behavior, then any changes to @command{ssh} can be suppressed with this @code{nil} setting: @lisp (customize-set-variable 'tramp-use-connection-share nil) @end lisp Sometimes, it is not possible to use OpenSSH's @option{ControlMaster} option for remote processes. This could result in concurrent access to the OpenSSH socket when reading data by different processes, which could block Emacs. In this case, setting @code{tramp-use-connection-share} to @code{suppress} disables shared access. It is not needed to set this user option permanently to @code{suppress}, binding the user option prior calling @code{make-process} is sufficient. @value{tramp} does this for esxample for compilation processes on its own. @vindex ProxyCommand@r{, ssh option} @vindex ProxyJump@r{, ssh option} @code{tramp-use-connection-share} should also be set to @code{nil} or @code{suppress} if you use the @option{ProxyCommand} or @option{ProxyJump} options in your @command{ssh} configuration. In order to use the @option{ControlMaster} option, @value{tramp} must check whether the @command{ssh} client supports this option. This is only possible on the local host, for the first hop. @value{tramp} does not use this option on proxy hosts, therefore. If you want to use this option also for the other hops, you must configure @file{~/.ssh/config} on the proxy host: @example @group Host * ControlMaster auto ControlPath tramp.%C ControlPersist no @end group @end example Check the @samp{ssh_config(5)} man page whether these options are supported on your proxy host. On MS Windows, @code{tramp-use-connection-share} is set to @code{nil} by default, because the MS Windows and MSYS2 implementations of @command{OpenSSH} do not support this option properly. In PuTTY, you can achieve connection sharing in the @option{Connection/SSH} entry, enabling the @option{Share SSH connections if possible} option. @code{tramp-use-connection-share} must be set to @code{nil}. If @code{tramp-use-connection-share} is set to @code{t} or @code{suppress}, @command{plink} is called with the option @option{-share} or @option{-noshare}, respectively. @subsection Configure direct copying between two remote servers @vindex tramp-use-scp-direct-remote-copying @value{tramp} uses a temporary local copy when copying two files between different remote hosts via external methods. This behavior is due to authentication problems @value{tramp} cannot handle sufficiently. However, for @option{scp} connections this can be changed. When a file shall be copied between two different remote hosts @samp{source} and @samp{target}, and @itemize @minus @item Variable @code{tramp-use-scp-direct-remote-copying} is non-@code{nil}, @item Remote host @samp{source} doesn't use the @option{RemoteCommand} option in @file{~/.ssh/config}, @item Remote host @samp{target} shows the same host key when seen from the local host and from host @samp{source}, and @item @command{scp} running on host @samp{source} can authenticate to host @samp{target} without requiring a password, @end itemize @noindent @value{tramp} applies direct remote copying between hosts @samp{source} and @samp{target} like @example scp -p -T -R -q -r source:/path/to/file target:/path/to/another/file @end example This protects also your local temporary directory from overrun when copying large files. If these conditions do not apply, and @code{tramp-use-scp-direct-remote-copying} is non-@code{nil}, the option @samp{-3} is used instead of @samp{-R}. @c FIXME When @value{tramp} uses direct remote copying, password caches are not consulted. @subsection Issues with Cygwin and MS Windows ssh @cindex cygwin, issues @cindex ms Windows, issues This section is incomplete. Please share your solutions. @cindex ms windows and @command{ssh} @cindex ms windows and @command{ssh-agent} MS Windows' @command{ssh} does not open a remote TTY@. Use the method @option{sshx} or @option{scpx} instead. Furthermore, it cannot read a passphrase for ssh private keys. Use the MS @code{ssh-agent}. @cindex method @option{sshx} with cygwin @cindex @option{sshx} method with cygwin Cygwin's @command{ssh} works only with a Cygwin version of Emacs. To check for compatibility: type @kbd{M-x eshell @key{RET}}, and start @kbd{ssh test.host @key{RET}}. Incompatibilities trigger this message: @example Pseudo-terminal will not be allocated because stdin is not a terminal. @end example Some older versions of Cygwin's @command{ssh} work with the @option{sshx} access method. Consult Cygwin's FAQ at @uref{https://cygwin.com/faq/} for details. @cindex cygwin and @command{fakecygpty} @cindex @command{fakecygpty} and cygwin On @uref{https://www.emacswiki.org/emacs/SshWithNTEmacs, the Emacs Wiki} it is explained how to use the helper program @command{fakecygpty} to fix this problem. @cindex method @option{scpx} with cygwin @cindex @option{scpx} method with cygwin When using the @option{scpx} access method, Emacs may call @command{scp} with MS Windows file naming, such as @file{c:/foo}. But the version of @command{scp} that is installed with Cygwin does not know about MS Windows file naming, which causes it to incorrectly look for a host named @samp{c}. A workaround: write a wrapper script for @option{scp} to convert Windows file names to Cygwin file names. @cindex cygwin and @command{ssh-agent} @cindex @env{SSH_AUTH_SOCK} and emacs on ms windows @vindex SSH_AUTH_SOCK@r{, environment variable} When using the cygwin @command{ssh-agent} on MS Windows for password-less interaction, @option{ssh} methods depend on the environment variable @env{SSH_AUTH_SOCK}. But this variable is not set when Emacs is started from a Desktop shortcut and authentication fails. One workaround is to use an MS Windows based SSH Agent, such as the native MS @command{ssh-agent} or @command{Pageant}. The latter is part of the PuTTY Suite of tools. The fallback is to start Emacs from a shell. @node FUSE setup @section @acronym{FUSE} setup hints The @acronym{FUSE} file systems are mounted by default at @t{"/tramp.method.user@@host#port"}.@footnote{@ref{Temporary directory}} Method is either @t{"rclone"} or @t{"sshfs"}. The user name and port number are optional. If the file system is already mounted, it will be used as it is. If the mount point does not exist yet, @value{tramp} creates this directory. The mount point can be overwritten by the connection property @t{"mount-point"}, @pxref{Predefined connection information}. Example: @lisp @group (add-to-list 'tramp-connection-properties `(,(regexp-quote "@trampfn{sshfs,user@@host,}") "mount-point" ,(expand-file-name "sshfs.user@@host" user-emacs-directory))) @end group @end lisp @vindex tramp-fuse-unmount-on-cleanup The user option @code{tramp-fuse-unmount-on-cleanup}, when set to non-@code{nil}, controls, whether a mount point is unmounted on connection cleanup or on Emacs exiting. @anchor{Setup of rclone method} @subsection @option{rclone} setup @cindex rclone setup The default arguments of the @command{rclone} operations @command{mount}, @command{copyto}, @command{moveto} and @command{about} are declared in the variable @code{tramp-methods} as method specific parameters. Usually, they don't need to be overwritten. If needed, these parameters can be overwritten as connection properties @t{"mount-args"}, @t{"copyto-args"}, @t{"moveto-args"} and @t{"about-args"}, @xref{Predefined connection information}. All of them are list of strings. Be careful changing @t{"--dir-cache-time"}, this could delay visibility of files. @anchor{Setup of sshfs method} @subsection @option{sshfs} setup @cindex sshfs setup The method @option{sshfs} declares the mount arguments in the variable @code{tramp-methods}, passed to the @command{sshfs} command. This is a list of list of strings, and can be overwritten by the connection property @t{"mount-args"}, @xref{Predefined connection information}. Additionally, it declares also the arguments for running remote processes, using the @command{ssh} command. These don't need to be changed. @node Android shell setup @section Android shell setup hints @cindex android shell setup for ssh @value{tramp} uses the @option{adb} method to access Android devices. Android devices provide a restricted shell access through an USB connection. The local host must have the @command{adb} program installed. Usually, it is sufficient to open the file @file{@trampfn{adb,,/}}. Then you can navigate in the file system via @code{dired}. Alternatively, applications such as @code{Termux} or @code{SSHDroid} that run @command{sshd} process on the Android device can accept any @option{ssh}-based methods provided these settings are adjusted: @itemize @item @command{sh} must be specified for remote shell since Android devices do not provide @command{/bin/sh}. @command{sh} will then invoke whatever shell is installed on the device with this setting: @lisp @group (add-to-list 'tramp-connection-properties (list (regexp-quote "192.168.0.26") "remote-shell" "sh")) @end group @end lisp @noindent where @samp{192.168.0.26} is the Android device's IP address. (@pxref{Predefined connection information}). @item On the Android device the directory names are prefixed with an application specific prefix, which is @file{/data/data/com.termux/files/usr/bin} instead of @file{/usr/bin} in the @code{Termux} case. You must adapt the file names in @code{tramp-remote-path}, for example via connection-local @ifinfo settings (@pxref{Connection Variables, , , emacs}): @end ifinfo @ifnotinfo settings: @end ifnotinfo @lisp @group (connection-local-set-profile-variables 'tramp-connection-local-termux-profile `((tramp-remote-path . ,(mapcar (lambda (x) (if (stringp x) (concat "/data/data/com.termux/files" x) x)) (copy-tree tramp-remote-path))))) (connection-local-set-profiles '(:application tramp :machine "192.168.0.26") 'tramp-connection-local-termux-profile) @end group @end lisp @item When the Android device is not @samp{rooted}, specify a writable directory for temporary files: @lisp (add-to-list 'tramp-connection-properties (list (regexp-quote "192.168.0.26") "tmpdir" "/data/data/com.termux/files/home/tmp")) @end lisp @item Open a remote connection with the command @kbd{C-x C-f @trampfn{ssh,192.168.0.26#2222,} @key{RET}}, where @command{sshd} is listening on port @samp{2222}. To add a corresponding entry to the @file{~/.ssh/config} file (recommended), use this: @example @group Host android HostName 192.168.0.26 User root Port 2222 @end group @end example @noindent To use the host name @samp{android} instead of the IP address shown in the previous example, fix the connection properties as follows: @lisp @group (add-to-list 'tramp-connection-properties (list (regexp-quote "android") "remote-shell" "sh")) (add-to-list 'tramp-connection-properties (list (regexp-quote "android") "tmpdir" "/data/data/com.termux/files/home/tmp")) (connection-local-set-profiles '(:application tramp :machine "android") 'tramp-connection-local-termux-profile) @end group @end lisp @noindent Open a remote connection with the more concise command @kbd{C-x C-f @trampfn{ssh,android,} @key{RET}}. @end itemize @node Kubernetes setup @section Kubernetes setup hints With the @option{kubernetes} method, containers in Kubernetes pods can be accessed. The host name is a pod name returned by @samp{kubectl get pods}, or @samp{@var{container}.@var{pod}} if an explicit container name shall be used. Otherwise, the first container in a pod is used. Sometimes, asynchronous processes for a host without a dedicated container name show a warning like @samp{Defaulted container "container1" out of: container1, container2}. This can be mitigated by setting the pod annotation @samp{kubectl.kubernetes.io/default-container} to a proper value (@samp{container1} in this example). @vindex tramp-kubernetes-context @vindex tramp-kubernetes-namespace @value{tramp} uses the default Kubernetes context and namespace. If another context or namespace shall be used, configure the user options @code{tramp-kubernetes-context} and @code{tramp-kubernetes-namespace}. @node Auto-save File Lock and Backup @section Auto-save, File Lock and Backup configuration @cindex auto-save @cindex file-lock @cindex backup @vindex backup-directory-alist To avoid @value{tramp} from saving backup files owned by @samp{root} to locations accessible to others, default backup settings in @code{backup-directory-alist} have to be altered. Here's a scenario where files could be inadvertently exposed. Emacs by default writes backup files to the same directory as the original files unless changed to another location, such as @file{~/.emacs.d/backups/}. Such a directory will also be used by default by @value{tramp} when using, say, a restricted file @file{@trampfn{su,root@@localhost,/etc/secretfile}}. The backup file of the secretfile is now owned by the user logged in from @value{tramp} and not @samp{root}. When @code{backup-directory-alist} is @code{nil} (the default), such problems do not occur. To ``turn off'' the backup feature for remote files and stop @value{tramp} from saving to the backup directory, use this: @lisp @group (add-to-list 'backup-directory-alist (cons tramp-file-name-regexp nil)) @end group @end lisp @noindent Disabling backups can be targeted to just the @option{su} and @option{sudo} methods: @lisp @group (setq backup-enable-predicate (lambda (name) (and (normal-backup-enable-predicate name) (not (let ((method (file-remote-p name 'method))) (when (stringp method) (member method '("su" "sudo")))))))) @end group @end lisp @vindex tramp-backup-directory-alist Another option is to create better backup file naming with user and host names prefixed to the file name. For example, transforming @file{/etc/secretfile} to @file{~/.emacs.d/backups/!su:root@@localhost:!etc!secretfile}, set the @value{tramp} user option @code{tramp-backup-directory-alist} from the existing user option @code{backup-directory-alist}. Then @value{tramp} backs up to a file name that is transformed with a prefix consisting of the DIRECTORY name. This file name prefixing happens only when the DIRECTORY is an absolute local file name. @noindent Example: @lisp @group (add-to-list 'backup-directory-alist (cons "." "~/.emacs.d/backups/")) (customize-set-variable 'tramp-backup-directory-alist backup-directory-alist) @end group @end lisp @noindent The backup file name of @file{@trampfn{su,root@@localhost,/etc/secretfile}} would be @ifset unified @file{@trampfn{su,root@@localhost,~/.emacs.d/backups/!su:root@@localhost:!etc!secretfile~}}. @end ifset @ifset separate @file{@trampfn{su,root@@localhost,~/.emacs.d/backups/![su!root@@localhost]!etc!secretfile~}}. @end ifset @vindex auto-save-file-name-transforms Just as for backup files, similar issues of file naming affect auto-saving remote files. Auto-saved files are saved in the directory specified by the user option @code{auto-save-file-name-transforms}. By default this is set to the local temporary directory. But in some versions of Debian GNU/Linux, this points to the source directory where the Emacs was compiled. Reset such values to a valid directory. Set @code{auto-save-file-name-transforms} to @code{nil} to save auto-saved files to the same directory as the original file. @vindex tramp-auto-save-directory Alternatively, set the user option @code{tramp-auto-save-directory} to direct all auto saves to that location. @c Since Emacs 30. @vindex remote-file-name-inhibit-auto-save If you want to suppress auto-saving of remote files at all, set user option @code{remote-file-name-inhibit-auto-save} to non-@code{nil}. @c Since Emacs 29. @vindex remote-file-name-inhibit-auto-save-visited An alternative to @code{auto-save-mode} is @code{auto-save-visited-mode}. In this mode, auto-saving is identical to explicit saving. If you want to disable this behavior for remote files, set user option @code{remote-file-name-inhibit-auto-save-visited} to non-@code{nil}. @vindex lock-file-name-transforms And still more issues to handle. Since @w{Emacs 28}, file locks use a similar user option as auto-save files, called @code{lock-file-name-transforms}. By default this user option is @code{nil}, meaning to keep file locks in the same directory as the original file. If you change @code{lock-file-name-transforms} in order to keep file locks for remote files somewhere else, you will lose Emacs's feature to warn you, if a file is changed in parallel from different Emacs sessions, or via different remote connections. Be careful with such settings. @vindex remote-file-name-inhibit-locks Setting @code{remote-file-name-inhibit-locks} to non-@code{nil} prevents the creation of remote lock files at all. @vindex tramp-allow-unsafe-temporary-files Per default, @value{tramp} asks for confirmation if a @samp{root}-owned remote backup, auto-save or lock file has to be written to your local temporary directory. If you want to suppress this confirmation question, set user option @code{tramp-allow-unsafe-temporary-files} to @code{t}. @node Keeping files encrypted @section Protect remote files by encryption @cindex Encrypt remote directories @strong{Note}: File encryption in @value{tramp} is experimental, don't use it in production systems! Sometimes, it is desirable to protect files located on remote directories, like cloud storages. In order to do this, you might instruct @value{tramp} to encrypt all files copied to a given remote directory, and to decrypt such files when accessing. This includes both file contents and file names. @value{tramp} does this transparently. Although both files and file names are encrypted on the remote side, they are accessible inside Emacs as they wouldn't be transformed as such. @cindex @command{encfs} @cindex @command{encfsctl} Internally, @value{tramp} uses the @command{encfs} package. Therefore, this feature is available only if this package is installed on the local host. @value{tramp} does not keep and @samp{encfs mountpoint} permanently. Instead, it encrypts / decrypts files and file names on the fly, using @command{encfsctl}. @deffn Command tramp-crypt-add-directory name This command marks the existing remote directory @var{name} for encryption. Files in that directory and all subdirectories will be encrypted before copying to, and decrypted after copying from that directory. File and directory names will be also encrypted. @end deffn @defopt tramp-crypt-encfs-option If a remote directory is marked for encryption, it is initialized via @command{encfs} the very first time a file in this directory is accessed. This user option controls, which default @command{encfs} configuration option will be selected, it can be @t{"--standard"} or @t{"--paranoia"}. See the @samp{encfs(1)} man page for details. However, @value{tramp} must adapt these configuration sets. The @option{chainedNameIV} configuration option must be disabled; otherwise @value{tramp} couldn't handle file name encryption transparently. @end defopt A password protected @option{encfs} configuration file is created the very first time you access an encrypted remote directory. It is kept in your @code{user-emacs-directory} with the url-encoded directory name as part of the basename, and @file{encfs6.xml} as suffix. If you, for example, mark the remote directory @file{@trampfn{nextcloud,user@@host,/path/to/dir}} for encryption, the configuration file is saved as @file{tramp-%2Fnextcloud%3Auser%40host%3A%2Fpath%2Fto%2Fdir%2F.encfs6.xml} in @code{user-emacs-directory}. Do not lose this file and the corresponding password; otherwise there is no way to decrypt your encrypted files. @defopt tramp-crypt-save-encfs-config-remote If this user option is non-@code{nil} (the default), the @option{encfs} configuration file @file{.encfs6.xml} is also kept in the encrypted remote directory. It depends on you, whether you regard the password protection of this file as sufficient. The advantage would be, that such a remote directory could be accessed by different Emacs sessions, different users, without presharing the configuration file between the users. @end defopt The command @command{encfsctl}, the workhorse for encryption / decryption, needs the configuration file password every call. Therefore, it is recommend to cache this password in Emacs. This can be done using @code{auth-sources}, @pxref{Using an authentication file}. An entry needs the url-encoded directory name as machine, your local user name as user, and the password. The port is optional, if given it must be the string @t{"crypt"}. The example above would require the following entry in the authentication file (@t{"yourname"} is the result of @code{(user-login-name)}): @example machine %2Fnextcloud%3Auser%40host%3A%2Fpath%2Fto%2Fdir%2F \ login yourname port crypt password geheim @end example If you use a remote file name with a quoted localname part, this localname and the corresponding file will not be encrypted / decrypted. If you have an encrypted remote directory @file{@trampfn{nextcloud,user@@host,/path/to/dir}}, the command @example @kbd{C-x d @trampfn{nextcloud,user@@host,/path/to/dir}} @end example @noindent will show the directory listing with the plain file names, and the command @example @kbd{C-x d @trampfn{nextcloud,user@@host,/:/path/to/dir}} @end example @noindent will show the directory listing with the encrypted file names, and visiting a file will show its encrypted contents. However, it is highly discouraged to mix encrypted and not encrypted files in the same directory. @deffn Command tramp-crypt-remove-directory name This command should be used to indicate that files in @code{name} should no longer be encrypted. Existing encrypted files and subdirectories will remain encrypted. @end deffn @node Usage @chapter Using @value{tramp} @cindex using @value{tramp} @value{tramp} operates transparently, accessing remote files as if they are local. However, @value{tramp} employs a formalized remote file naming syntax to perform its functions transparently. This syntax consists of many parts specifying access methods, authentication, host names, and file names. Ange FTP uses a similar syntax. @cindex type-ahead Unlike opening local files in Emacs, which are instantaneous, opening remote files in @value{tramp} is slower at first. Sometimes there is a noticeable delay before the prompts for passwords or authentication appear in the minibuffer. Hitting @kbd{@key{RET}} or other keys during this gap will be processed by Emacs. This type-ahead facility is a feature of Emacs that may cause missed prompts when using @value{tramp}. @menu * File name syntax:: @value{tramp} file name conventions. @ifset unified * Change file name syntax:: Alternative file name syntax. @end ifset * File name completion:: File name completion. * Ad-hoc multi-hops:: Declaring multiple hops in the file name. * Home directories:: Expanding @file{~} to home directory. * Remote processes:: Integration with other Emacs packages. * Cleanup remote connections:: Cleanup remote connections. * Renaming remote files:: Renaming remote files. * Archive file names:: Access to files in file archives. @end menu @node File name syntax @section @value{tramp} file name conventions @cindex file name syntax @cindex file name examples @file{@trampfn{method,host,/path/to/file}} opens file @var{/path/to/file} on the remote host @var{host}, using the method @var{method}. @c We cannot use @trampfn{} in @item. @table @file @item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}.emacs For the file @file{.emacs} located in the home directory, on the host @samp{melancholia}, using method @option{ssh}. @item @value{prefix}ssh@value{postfixhop}melancholia.danann.net@value{postfix}.emacs For the file @file{.emacs} specified using the fully qualified domain name of the host. @item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}~/.emacs For the file @file{.emacs} specified using the @file{~}, which is expanded. @item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}~daniel/.emacs For the file @file{.emacs} located in @samp{daniel}'s home directory on the host, @samp{melancholia}. The @file{~} construct is expanded to the home directory of that user on the remote host. @item @value{prefix}ssh@value{postfixhop}melancholia@value{postfix}/etc/squid.conf For the file @file{/etc/squid.conf} on the host @samp{melancholia}. @end table @var{host} can take IPv4 or IPv6 address, as in @file{@trampfn{ssh,127.0.0.1,.emacs}} or @file{@trampfn{ssh,@value{ipv6prefix}::1@value{ipv6postfix},.emacs}}. @ifset unified For syntactical reasons, IPv6 addresses must be embedded in square brackets @file{@value{ipv6prefix}} and @file{@value{ipv6postfix}}. @end ifset By default, @value{tramp} will use the current local user name as the remote user name for log in to the remote host. Specifying a different name using the proper syntax will override this default behavior: @file{@trampfn{method,user@@host,path/to/file}}. @file{@trampfn{ssh,daniel@@melancholia,.emacs}} is for file @file{.emacs} in @samp{daniel}'s home directory on the host, @samp{melancholia}, accessing via method @option{ssh}. For specifying port numbers, affix @file{#} to the host name. For example: @file{@trampfn{ssh,daniel@@melancholia#42,.emacs}}. All method, user name, host name, port number and local name parts are optional, @xref{Default Method}, @xref{Default User}, @xref{Default Host}. @ifset unified For syntactical reasons, the default method must be indicated by the pseudo method @file{-}. @end ifset @ifset unified @node Change file name syntax @section Alternative file name syntax @cindex change file name syntax @cindex alternative file name syntax The syntax described in @ref{File name syntax} is the @code{default} syntax, which is active after Emacs startup. However, this can be changed. @deffn Command tramp-change-syntax syntax This command changes the syntax @value{tramp} uses for remote file names. Beside the @code{default} value, @var{syntax} can be @itemize @cindex simplified syntax @item @code{simplified} This remote file name syntax is similar to the syntax used by Ange FTP@. A remote file name has the form @file{@value{prefix}user@@host@value{postfix}path/to/file}. The @samp{user@@} part is optional, and the method is determined by @ref{Default Method}. @cindex separate syntax @item @code{separate} @clear unified @set separate @include trampver.texi This remote file name syntax originated in the XEmacs text editor. A remote file name has the form @file{@trampfn{method,user@@host,path/to/file}}. The @samp{method} and @samp{user@@} parts are optional. @clear separate @set unified @include trampver.texi @end itemize @end deffn @defvar tramp-file-name-regexp This variable keeps a regexp which matches the selected remote file name syntax. Its value changes after every call of @code{tramp-change-syntax}. However, it is not recommended to use this variable in external packages, a call of @code{file-remote-p} is much more appropriate. @ifinfo @pxref{Magic File Names, , , elisp}. @end ifinfo @end defvar @end ifset @node File name completion @section File name completion @cindex file name completion @value{tramp} can complete the following @value{tramp} file name components: method names, user names, host names, and file names located on remote hosts. For example, type @kbd{C-x C-f @value{prefixwithspace} s @key{TAB}}, @value{tramp} completion choices show up as @example @group @multitable @columnfractions .2 .2 .2 .2 .2 @item @c sbin/ @tab @c @value{prefixhop}scp@value{postfix} @tab @c @value{prefixhop}scpx@value{postfix} @tab @c @value{prefixhop}sftp@value{postfix} @tab @c @value{prefixhop}sg@value{postfix} @item @c @value{prefixhop}smb@value{postfix} @tab @c srv/ @tab @c @value{prefixhop}ssh@value{postfix} @tab @c @value{prefixhop}sshx@value{postfix} @tab @c @value{prefixhop}su@value{postfix} @item @c @value{prefixhop}sudo@value{postfix} @tab @c sys/ @end multitable @end group @end example @samp{@value{prefixhop}ssh@value{postfixhop}} is a possible completion for the respective method, and @samp{sbin/} stands for the directory @file{/sbin} on your local host. Type @kbd{s h @value{postfixhop}} for the minibuffer completion to @samp{@value{prefix}ssh@value{postfixhop}}. Typing @kbd{@key{TAB}} shows host names @value{tramp} extracts from @file{~/.ssh/config} file, for example: @example @group @multitable @columnfractions .5 .5 @item @c @value{prefixhop}ssh@value{postfixhop}127.0.0.1@value{postfix} @tab @c @value{prefixhop}ssh@value{postfixhop}192.168.0.1@value{postfix} @item @c @value{prefixhop}ssh@value{postfixhop}@value{ipv6prefix}::1@value{ipv6postfix}@value{postfix} @tab @c @value{prefixhop}ssh@value{postfixhop}localhost@value{postfix} @item @c @value{prefixhop}ssh@value{postfixhop}melancholia.danann.net@value{postfix} @tab @c @value{prefixhop}ssh@value{postfixhop}melancholia@value{postfix} @end multitable @end group @end example Choose a host from the above list and then continue to complete file names on that host. When the configuration (@pxref{Customizing Completion}) includes user names, then the completion lists will account for the user names as well. @vindex tramp-completion-use-auth-sources Results from @code{auth-sources} search (@pxref{Using an authentication file}) are added to the completion candidates. This search could be annoying, for example due to a passphrase request of the @file{~/.authinfo.gpg} authentication file. The user option @code{tramp-completion-use-auth-sources} controls, whether such a search is performed during completion. @vindex tramp-completion-use-cache Remote hosts previously visited or hosts whose connections are kept persistently (@pxref{Connection caching}) will be included in the completion lists. If you want to suppress this completion because there are invalid entries in the persistency file, for example if the host configuration changes often, or if you plug your laptop to different networks frequently, you can set the user option @code{tramp-completion-use-cache} to @code{nil}. After remote host name completion comes completion of file names on the remote host. It works the same as with local host file completion except that killing with double-slash @file{//} kills only the file name part of the @value{tramp} file name syntax. A triple-slash stands for the default behavior. @ifinfo @xref{Minibuffer File, , , emacs}. @end ifinfo @noindent Example: @example @group @kbd{C-x C-f @trampfn{ssh,melancholia,/usr/local/bin//etc} @key{TAB}} @print{} @trampfn{ssh,melancholia,/etc} @kbd{C-x C-f @trampfn{ssh,melancholia,//etc} @key{TAB}} @print{} @trampfn{ssh,melancholia,/etc} @kbd{C-x C-f @trampfn{ssh,melancholia,/usr/local/bin///etc} @key{TAB}} @print{} /etc @end group @end example @node Ad-hoc multi-hops @section Declaring multiple hops in the file name @cindex multi-hop, ad-hoc @cindex proxy hosts, ad-hoc @value{tramp} file name syntax can accommodate ad-hoc specification of multiple proxies without using @code{tramp-default-proxies-alist} configuration setup (@pxref{Multi-hops}). Each proxy is specified using the same syntax as the remote host specification minus the file name part. Each hop is separated by a @samp{|}. Chain the proxies from the starting host to the destination remote host name and file name. For example, hopping over a single proxy @samp{bird@@bastion} to a remote file on @samp{you@@remotehost}: @example @c @kbd{C-x C-f @trampfn{ssh@value{postfixhop}bird@@bastion|ssh,you@@remotehost,/path} @key{RET}} @kbd{C-x C-f @value{prefix}ssh@value{postfixhop}bird@@bastion|@c ssh@value{postfixhop}you@@remotehost@value{postfix}/path @key{RET}} @end example Each involved method must be an inline method (@pxref{Inline methods}). @value{tramp} adds the ad-hoc definitions on the fly to @code{tramp-default-proxies-alist} and is available for reuse during that Emacs session. Subsequent @value{tramp} connections to the same remote host can then use the shortcut form: @samp{@trampfn{ssh,you@@remotehost,/path}}. @defopt tramp-show-ad-hoc-proxies If this user option is non-@code{nil}, ad-hoc definitions are kept in remote file names instead of showing the shortcuts. @lisp (customize-set-variable 'tramp-show-ad-hoc-proxies t) @end lisp @end defopt Ad-hoc definitions are removed from @code{tramp-default-proxies-alist} via the command @kbd{M-x tramp-cleanup-all-connections @key{RET}} (@pxref{Cleanup remote connections}). @defopt tramp-save-ad-hoc-proxies For ad-hoc definitions to be saved automatically in @code{tramp-default-proxies-alist} for future Emacs sessions, set @code{tramp-save-ad-hoc-proxies} to non-@code{nil}. @lisp (customize-set-variable 'tramp-save-ad-hoc-proxies t) @end lisp @end defopt Ad-hoc proxies can take patterns @code{%h} or @code{%u} like in @code{tramp-default-proxies-alist}. The following file name expands to user @samp{root} on host @samp{remotehost}, starting with an @option{ssh} session on host @samp{remotehost}: @file{@trampfn{ssh@value{postfixhop}%h|su,remotehost,}}. On the other hand, if a trailing hop does not specify a host name, the host name of the previous hop is reused. Therefore, the following file name is equivalent to the previous example: @file{@trampfn{ssh@value{postfixhop}remotehost|su,,}}. @defopt tramp-completion-multi-hop-methods When this list includes the last method in a multi-hop connection, the remote host will be queried for a list of completion candidates. This can, for example, provide a list of running docker or podman containers on the remote host. @lisp (customize-set-variable 'tramp-completion-multi-hop-methods `(,tramp-docker-method ,tramp-podman-method)) @end lisp @end defopt A common use case for ad-hoc specifications is to visit a file or a directory with proper permissions, for example with the @option{sudo} method. The command @code{tramp-revert-buffer-with-sudo} supports this. @deffn Command tramp-revert-buffer-with-sudo This command shows the current buffer with @option{sudo} permissions. The buffer must either visit a file, or a directory (@code{dired-mode}). @end deffn @defopt tramp-file-name-with-method The method @code{tramp-revert-buffer-with-sudo} shows an alternate buffer. It defaults to @option{sudo}, other valid methods are @option{su}, @option{doas}, @option{run0}, and @option{ksu}. @lisp (customize-set-variable 'tramp-file-name-with-method "doas") @end lisp @end defopt These methods apply the user @samp{root} as default. If another user shall be taken, add a proper rule to the user option @code{tramp-default-user-alist} (@pxref{Default User}): @lisp (add-to-list 'tramp-default-user-alist '("sudo" "remotehost" "admin")) @end lisp @node Home directories @section Expanding @file{~} to home directory Home directories on remote hosts can be typed as tilde @file{~}. If possible, they are expanded to the remote user's home directory on the remote host. Example: @example @group @trampfn{ssh,user@@host,~} @result{} @trampfn{ssh,user@@host,/home/user} @end group @end example This works in general for @option{ssh}-like methods, and for @option{sudoedit}. These methods allow also the home directory expansion for another user, like @example @group @trampfn{sudoedit,,~otheruser} @result{} @trampfn{sudoedit,root@@localhost,/home/otheruser} @end group @end example For other methods, a home directory can be expanded only if supported. This happens for example for the @option{sftp} method. Methods, which require a share directory in the remote file name (@option{afp}, @option{smb}), use the value of this share directory as home directory: @example @group @trampfn{smb,user@@host,~} @result{} @trampfn{smb,user@@host,/share} @end group @end example Since @value{tramp} cannot know in advance which share directory is intended to use, this expansion can be applied only when a share directory has been used already. The methods @option{adb}, @option{rclone} and @option{sshfs} do not support home directory expansion at all. However, @value{tramp} keeps the home directory in the cache. Therefore, those methods can be configured to expand a home directory via a connection property, @xref{Predefined connection information}. Example: @lisp @group (add-to-list 'tramp-connection-properties (list (regexp-quote "@trampfn{sshfs,user@@randomhost.your.domain,}") "~user" "/home/user")) @end group @end lisp When your remote file name does not contain a @samp{user} part, the connection property @t{"~"} must be used instead. @node Remote processes @section Integration with other Emacs packages @cindex @code{compile} @cindex @code{recompile} @value{tramp} supports starting new running processes on the remote host for discovering remote file names. Emacs packages on the remote host need no specific modifications for @value{tramp}'s use. This type of integration does not work with the @option{ftp} method, and does not support the pty association as specified in @code{start-file-process}. @code{process-file} and @code{start-file-process} work on the remote host when the variable @code{default-directory} is remote: @lisp @group (let ((default-directory "/ssh:remote.host:")) (start-file-process "grep" (get-buffer-create "*grep*") "/bin/sh" "-c" "grep -e tramp *")) @end group @end lisp @vindex process-file-return-signal-string For a local process, @code{process-file} returns either the exit code of the process, or a string describing a signal, when the process has been interrupted. Since it cannot be determined reliably whether a remote process has been interrupted, @code{process-file} will always returns the exit code for it. When the user option @code{process-file-return-signal-string} is non-@code{nil}, @code{process-file} treats all exit codes greater than 128 as an indication that the process has been interrupted, and returns a corresponding string. This remote process handling does not apply to @acronym{GVFS} (@pxref{GVFS-based methods}) because the remote file system is mounted on the local host and @value{tramp} accesses it by changing the @code{default-directory}. @value{tramp} starts a remote process when a command is executed in a remote file or directory buffer. As of now, these packages have been integrated to work with @value{tramp}: @file{shell.el}, @file{eshell.el}, @file{compile.el} (commands like @code{compile} and @code{grep}) and @file{gud.el} (@code{gdb} or @code{perldb}). @vindex INSIDE_EMACS@r{, environment variable} @value{tramp} always modifies the @env{INSIDE_EMACS} environment variable for remote processes. By default, this environment variable shows the Emacs version. @value{tramp} adds its own version string, so it looks like @samp{27.2,tramp:2.4.5.1}. However, other packages might also add their name to this environment variable, like @samp{27.2,comint,tramp:2.4.5.1}. For @value{tramp} to find the command on the remote, it must be accessible through the default search path as setup by @value{tramp} upon first connection. Alternatively, use an absolute path or extend @code{tramp-remote-path} (@pxref{Remote programs}): @lisp @group (add-to-list 'tramp-remote-path "~/bin") (add-to-list 'tramp-remote-path "/appli/pub/bin") @end group @end lisp @vindex tramp-remote-process-environment Customize user option @code{tramp-remote-process-environment} to suit the remote program's environment for the remote host. @code{tramp-remote-process-environment} is a list of strings structured similar to @code{process-environment}, where each element is a string of the form @samp{ENVVARNAME=VALUE}. To avoid any conflicts with local host environment variables set through local configuration files, such as @file{~/.profile}, use @samp{ENVVARNAME=} to unset them for the remote environment. @noindent Use @code{add-to-list} to add entries: @lisp (add-to-list 'tramp-remote-process-environment "JAVA_HOME=/opt/java") @end lisp @vindex HISTORY@r{, environment variable} Modifying or deleting already existing values in the @code{tramp-remote-process-environment} list may not be feasible on restricted remote hosts. For example, some system administrators disallow changing @env{HISTORY} environment variable. To accommodate such restrictions when using @value{tramp}, fix the @code{tramp-remote-process-environment} by the following code in the local @file{.emacs} file: @lisp @group (let ((process-environment tramp-remote-process-environment)) (setenv "HISTORY" nil) (setq tramp-remote-process-environment process-environment)) @end group @end lisp @vindex ENV@r{, environment variable} Setting the @env{ENV} environment variable instructs some shells to read an initialization file. By default, @value{tramp} disables this. You can override this behavior by evaluating @lisp @group (let ((process-environment tramp-remote-process-environment)) (setenv "ENV" "$HOME/.profile") (setq tramp-remote-process-environment process-environment)) @end group @end lisp In addition to @code{tramp-remote-process-environment}, you can set environment variables for individual remote process calls by let-binding @code{process-environment}. @value{tramp} applies any entries not present in the global default value of @code{process-environment} (overriding @code{tramp-remote-process-environment} settings, if they conflict). For example: @lisp @group (let ((process-environment (cons "HGPLAIN=1" process-environment))) (process-file @dots{})) @end group @end lisp @vindex HGPLAIN@r{, environment variable} Let-binding in this way works regardless of whether the process to be called is local or remote, since @value{tramp} would add just the @env{HGPLAIN} setting and local processes would take whole value of @code{process-environment} along with the new value of @env{HGPLAIN}. For integrating other Emacs packages so @value{tramp} can execute remotely, please file a bug report. @xref{Bug Reports}. @subsection Running remote programs that create local X11 windows @vindex DISPLAY@r{, environment variable} To allow a remote program to create an X11 window on the local host, set the @env{DISPLAY} environment variable for the remote host as follows in the local @file{.emacs} file: @lisp @group (add-to-list 'tramp-remote-process-environment (format "DISPLAY=%s" (getenv "DISPLAY"))) @end group @end lisp @noindent @code{(getenv "DISPLAY")} should return a recognizable name for the local host that the remote host can redirect X11 window interactions. If querying for a recognizable name is not possible for whatever reason, then replace @code{(getenv "DISPLAY")} with a hard-coded, fixed name. Note that using @samp{:0} for X11 display name here will not work as expected. @vindex ForwardX11@r{, ssh option} @vindex ForwardX11Trusted@r{, ssh option} An alternate approach is specify @option{ForwardX11 yes} or @option{ForwardX11Trusted yes} in @file{~/.ssh/config} on the local host. Furthermore, set @code{tramp-use-connection-share} to @code{nil} (@pxref{Using ssh connection sharing}), in order to avoid unwanted side effects. @anchor{Managing remote shell history} @subsection Managing remote shell history @cindex shell history @vindex tramp-histfile-override @vindex HISTFILE@r{, environment variable} @vindex HISTFILESIZE@r{, environment variable} @vindex HISTSIZE@r{, environment variable} Due to the remote shell saving tilde expansions triggered by @value{tramp}, the shell history file is probably growing rapidly. @value{tramp} can suppress this behavior with the user option @code{tramp-histfile-override}. When set to @code{t}, environment variable @env{HISTFILE} is unset, and environment variables @env{HISTFILESIZE} and @env{HISTSIZE} are set to 0. Don't use this with @command{bash} 5.0.0@: that version has a bug which causes @command{bash} to die. Alternatively, @code{tramp-histfile-override} can be a string. The environment variable @env{HISTFILE} is then set to this file name. Be careful if using @file{/dev/null}; this might result in undesired results when using @command{bash} as remote shell. Another approach is to completely disable @value{tramp}'s handling of the @env{HISTFILE} by setting @code{tramp-histfile-override} to @code{nil}. In this case, saving history can be turned off by putting this shell code in @file{.bashrc} or @file{.kshrc}: @example @group if [ -f $HOME/.sh_history ] ; then /bin/rm $HOME/.sh_history fi if [ "$@{HISTFILE-unset@}" != "unset" ] ; then unset HISTFILE fi if [ "$@{HISTSIZE-unset@}" != "unset" ] ; then unset HISTSIZE fi @end group @end example For @option{ssh}-based method, add the following line to your @file{~/.ssh/environment}: @example HISTFILE=/dev/null @end example @subsection Running @code{shell} on a remote host @cindex @code{shell} @vindex explicit-shell-file-name @vindex shell-history-file-name Set @code{explicit-shell-file-name} to the appropriate shell name when using @value{tramp} between two hosts with different operating systems, such as @samp{windows-nt} and @samp{gnu/linux}. This option ensures the correct name of the remote shell program. When @code{explicit-shell-file-name} is equal to @code{nil}, calling @code{shell} interactively will prompt for a shell name. You can use connection-local variables for setting different values of @code{explicit-shell-file-name} for different remote hosts. @ifinfo @xref{Connection Variables, , , emacs}. @end ifinfo @lisp @group (connection-local-set-profile-variables 'remote-bash '((explicit-shell-file-name . "/bin/bash") (explicit-bash-args . ("-i")))) @end group @group (connection-local-set-profile-variables 'remote-ksh '((explicit-shell-file-name . "/bin/ksh") (explicit-ksh-args . ("-i")))) @end group @group (connection-local-set-profiles '(:application tramp :protocol "ssh" :machine "localhost") 'remote-bash) @end group @group (connection-local-set-profiles `(:application tramp :protocol "sudo" :user "root" :machine ,(system-name)) 'remote-ksh) @end group @end lisp The command @code{shell} reads the remote history file in order to to initialize the history input ring. You can set the user option @code{shell-history-file-name} in order to specify which remote history file is taken, or whether to suppress this at all. It accepts the same values as @code{tramp-histfile-override}, see @pxref{Managing remote shell history}. @code{shell-history-file-name} accepts also connection-local values in @code{shell} buffers. @subsection Running @code{shell-command} on a remote host @cindex @code{shell-command} @code{shell-command} executes commands synchronously or asynchronously on remote hosts and displays output in buffers on the local host. Example: @example @group @kbd{C-x C-f @trampfn{sudo,,} @key{RET}} @kbd{M-& tail -f /var/log/syslog.log @key{RET}} @end group @end example @command{tail} command outputs continuously to the local buffer whose name is the value of the variable @code{shell-command-buffer-name-async}. @kbd{M-x auto-revert-tail-mode @key{RET}} runs similarly showing continuous output. @vindex shell-file-name @vindex shell-command-switch @code{shell-command} uses the user option @code{shell-file-name} and the variable @code{shell-command-switch} in order to determine which shell to run. For remote hosts, their default values are @file{/bin/sh} and @option{-c}, respectively (except for the @option{adb} method, which uses @file{/system/bin/sh}). Like the variables in the previous section, these variables can be changed via connection-local variables. @vindex async-shell-command-width @vindex COLUMNS@r{, environment variable} @value{tramp} cares about the user option @code{async-shell-command-width} for asynchronous shell commands. It specifies the number of display columns for command output. For synchronous shell commands, a similar effect can be achieved by adding the environment variable @env{COLUMNS} to @code{tramp-remote-process-environment}. @subsection Running @code{eshell} on a remote host @cindex @code{eshell} @value{tramp} is integrated into @file{eshell.el}, which enables interactive eshell sessions on remote hosts at the command prompt. You must add the module @code{eshell-tramp} to @code{eshell-modules-list}. Here's a sample interaction after opening @kbd{M-x eshell @key{RET}} on a remote host: @example @group @b{~ $} cd @trampfn{sudo,,/etc} @key{RET} @b{@trampfn{sudo,root@@host,/etc} $} hostname @key{RET} host @b{@trampfn{sudo,root@@host,/etc} $} id @key{RET} uid=0(root) gid=0(root) groups=0(root) @b{@trampfn{sudo,root@@host,/etc} $} find-file shadow @key{RET} # @b{@trampfn{sudo,root@@host,/etc} $} @end group @end example @code{eshell} added custom @code{su} and @code{sudo} commands that set the default directory correctly for the @file{*eshell*} buffer. @value{tramp} silently updates @code{tramp-default-proxies-alist} with an entry for this directory (@pxref{Multi-hops}): @example @group @b{~ $} cd @trampfn{ssh,user@@remotehost,/etc} @key{RET} @b{@trampfn{ssh,user@@remotehost,/etc} $} find-file shadow @key{RET} File is not readable: @trampfn{ssh,user@@remotehost,/etc/shadow} @b{@trampfn{ssh,user@@remotehost,/etc} $} sudo find-file shadow @key{RET} # @end group @group @b{@trampfn{ssh,user@@remotehost,/etc} $} su - @key{RET} @b{@trampfn{su,root@@remotehost,/root} $} id @key{RET} uid=0(root) gid=0(root) groups=0(root) @b{@trampfn{su,root@@remotehost,/root} $} @end group @end example @anchor{Running a debugger on a remote host} @subsection Running a debugger on a remote host @cindex @file{gud.el} @cindex @code{gdb} @cindex @code{perldb} @file{gud.el} provides a unified interface to symbolic @ifinfo debuggers (@pxref{Debuggers, , , emacs}). @end ifinfo @ifnotinfo debuggers. @end ifnotinfo @value{tramp} can run debug on remote hosts by calling @code{gdb} with a remote file name: @example @group @kbd{M-x gdb @key{RET}} @b{Run gdb (like this):} gdb -i=mi @trampfn{ssh,host,~/myprog} @key{RET} @end group @end example Since the remote @code{gdb} and @code{gdb-inferior} processes do not belong to the same process group on the remote host, there will be a warning, which can be ignored: @example &"warning: GDB: Failed to set controlling terminal: Operation not permitted\n" @end example @noindent As consequence, there will be restrictions in I/O of the process to be debugged. Relative file names are based on the remote default directory. When @file{myprog.pl} exists in @file{@trampfn{ssh,host,/home/user}}, valid calls include: @example @group @kbd{M-x perldb @key{RET}} @b{Run perldb (like this):} perl -d myprog.pl @key{RET} @end group @end example Just the local part of a remote file name, such as @command{perl -d /home/user/myprog.pl}, is not possible. Arguments of the program to be debugged must be literal, can take relative or absolute paths, but not remote paths. @subsection Running remote processes on MS Windows hosts @cindex @command{winexe} @cindex @command{powershell} @command{winexe} runs processes on a remote MS Windows host, and @value{tramp} can use it for @code{process-file} and @code{start-file-process}. @code{tramp-smb-winexe-program} specifies the local @command{winexe} command. Powershell V2.0 on the remote host is required to run processes triggered from @value{tramp}. @code{explicit-shell-file-name} and @code{explicit-*-args} have to be set properly so @kbd{M-x shell @key{RET}} can open a proper remote shell on a MS Windows host. To open @command{cmd}, set it as follows: @lisp @group (setq explicit-shell-file-name "cmd" explicit-cmd-args '("/q")) @end group @end lisp @noindent To open @command{powershell} as a remote shell, use this: @lisp @group (setq explicit-shell-file-name "powershell" explicit-powershell-args '("-file" "-")) @end group @end lisp @subsection Remote process connection type @vindex process-connection-type @vindex tramp-process-connection-type Asynchronous processes behave differently based on whether they use a pseudo tty or not. This is controlled by the variable @code{process-connection-type}, which can be @code{t} or @code{pty} (use a pseudo tty), or @code{nil} or @code{pipe} (don't use one). @value{tramp} is based on running shells on the remote host, which requires a pseudo tty. Therefore, it declares the variable @code{tramp-process-connection-type}, which carries this information for remote processes. Its default value is @code{t}, and there is no need to change it. The name of the remote pseudo tty is returned by the function @code{process-tty-name}. If a remote process, started by @code{start-file-process}, should @emph{not} use a pseudo tty, this can be requested by setting @code{process-connection-type} to @code{nil} or @code{pipe}. There is still a pseudo tty for the started process, but some terminal properties are changed, like suppressing translation of carriage return characters into newline. The function @code{make-process} allows controlling this explicitly by using the @code{:connection-type} keyword. If this keyword is not used, the value of @code{process-connection-type} is applied instead. @subsection Process properties of asynchronous remote processes @cindex Asynchronous remote processes When available, @value{tramp} adds process properties to process objects of asynchronous properties. However, it is not guaranteed that all these properties are set. @itemize @item @code{remote-tty} This is the name of the terminal a @var{process} uses on the remote host, i.e., it reads and writes on. @item @code{remote-pid} The process id of the command executed on the remote host. This is used when sending signals remotely. @item @code{remote-command} The remote command which has been invoked via @code{make-process} or @code{start-file-process}, a list of strings (program and its arguments). This does not show the additional shell sugar @value{tramp} makes around the commands, in order to see this you must inspect @value{tramp} @ref{Traces and Profiles, traces}. @end itemize @findex list-system-processes @findex process-attributes The functions @code{list-system-processes} and @code{process-attributes} return information about system processes on the respective remote host. In order to retrieve this information, they use the command @command{ps}, driven by the following constants: @defvr Constant tramp-process-attributes-ps-args This is a list of arguments (strings) @command{ps} is called with. The default value is appropriate for GNU/Linux remote hosts. @end defvr @defvr Constant tramp-process-attributes-ps-format This is a list of cons cells @code{(@var{key} . @var{type})} for interpretation of the @command{ps} output. @var{key} is a key used in the @code{process-attributes} output plus the key @code{pid}, and @var{type} is the respective value returned by @command{ps}. It can be @multitable {@bullet{} @code{numberp}} {--- a string of @var{number} width, can contain spaces} @item @bullet{} @code{numberp} @tab --- a number @item @bullet{} @code{stringp} @tab --- a string without spaces @item @bullet{} @var{number} @tab --- a string of @var{number} width, can contain spaces @item @bullet{} @code{nil} @tab --- a string until end of line @end multitable The default value is appropriate for GNU/Linux remote hosts. @end defvr If, for example, @code{tramp-process-attributes-ps-args} is declared as @code{("-eww" "-o" "pid,euid,euser,egid,egroup,comm:40,state")}, the output of the respective @command{ps} command would look like @smallexample @group PID EUID EUSER EGID EGROUP COMMAND S 1 0 root 0 root systemd S 1610 0 root 0 root NFSv4 callback S @dots{} @end group @end smallexample The corresponding @code{tramp-process-attributes-ps-format} has the value @smallexample @group @code{((pid . numberp) (euid . numberp) (user . stringp) (egid . numberp) (group . stringp) (comm . 40) (state . stringp))} @end group @end smallexample @vindex tramp-adb-connection-local-default-ps-profile @vindex tramp-adb-connection-local-default-ps-variables @vindex tramp-connection-local-bsd-ps-profile @vindex tramp-connection-local-bsd-ps-variables @vindex tramp-connection-local-busybox-ps-profile @vindex tramp-connection-local-busybox-ps-variables @vindex tramp-connection-local-darwin-ps-profile @vindex tramp-connection-local-darwin-ps-variables The default values for @code{tramp-process-attributes-ps-args} and @code{tramp-process-attributes-ps-format} can be overwritten by connection-local variables. @ifinfo @xref{Connection Variables, , , emacs}. @end ifinfo This is already done by @value{tramp} for the @option{adb} method, see @code{tramp-adb-connection-local-default-ps-profile} and @code{tramp-adb-connection-local-default-ps-variables}. There are three further predefined sets of connection-local variables for remote BSD systems, for remote macOS systems, and for a remote @command{ps} command implemented with @command{busybox}. These are called @code{tramp-connection-local-*-ps-profile} and @code{tramp-connection-local-*-ps-variables}. Use them like @lisp @group (connection-local-set-profiles '(:application tramp :machine "mybsdhost") 'tramp-connection-local-bsd-ps-profile) @end group @end lisp @cindex @code{proced} @vindex proced-show-remote-processes If you want to see a listing of remote system processes when calling @code{proced}, set user option @code{proced-show-remote-processes} to non-@code{nil}, or invoke that command with a negative argument like @kbd{C-u - M-x proced @key{RET}} when your buffer has a remote @code{default-directory}. @anchor{Improving performance of asynchronous remote processes} @subsection Improving performance of asynchronous remote processes @cindex Asynchronous remote processes @findex make-process @findex start-file-process @value{tramp}'s implementation of @code{make-process} and @code{start-file-process} requires a serious overhead for initialization, every process invocation. This is needed for handling interactive dialogs when connecting the remote host (like providing a password), and initial environment setup. Sometimes, this is not needed. Instead of starting a remote shell and running the command afterwards, it is sufficient to run the command directly. @value{tramp} supports this by an alternative implementation of @code{make-process} and @code{start-file-process}. This is triggered by the connection-local variable @code{tramp-direct-async-process}, @ifinfo @xref{Connection Variables, , , emacs}, @end ifinfo which must be set to a non-@code{nil} value. Example: @lisp @group (connection-local-set-profile-variables 'remote-direct-async-process '((tramp-direct-async-process . t))) @end group @group (connection-local-set-profiles '(:application tramp :machine "remotehost") 'remote-direct-async-process) @end group @end lisp This enables direct async processes for the host @samp{remotehost}. If you want to enable direct async processes for all remote hosts connected via the same method (e.g., @option{ssh}), use instead @lisp @group (connection-local-set-profiles '(:application tramp :protocol "ssh") 'remote-direct-async-process) @end group @end lisp Using direct asynchronous processes in @value{tramp} is not possible, if the remote host is connected via multiple hops (@pxref{Multi-hops}). In this case, @value{tramp} falls back to its classical implementation. Furthermore, this approach has the following limitations: @itemize @item It works only for some connection methods defined in @file{tramp-adb.el}, @file{tramp-container.el}, @file{tramp-sh.el} and @file{tramp-sshfs.el}. @item It does not support interactive user authentication. With @option{ssh}-based methods, this can be avoided by using a password agent like @command{ssh-agent}, using public key authentication, or using @option{ControlMaster} options. @item It cannot be applied for @option{ssh}-based methods, which use the @option{RemoteCommand} option. @item It cannot be killed via @code{interrupt-process}. @item It does not report the remote terminal name via @code{process-tty-name}. @item It does not set process property @code{remote-pid}. @item It fails, when the command is too long. This can happen on directories with a long directory name, or when the remote @env{PATH} and/or other environment variables, which must be set, are too long. @end itemize In order to gain even more performance, it is recommended to bind @code{tramp-verbose} to 0 when running @code{make-process} or @code{start-file-process}. Furthermore, you might set @code{tramp-use-connection-share} to @code{nil} in order to bypass @value{tramp}'s handling of the @option{ControlMaster} options, and use your own settings in @file{~/.ssh/config}, @pxref{Using ssh connection sharing}. @c Since Emacs 30. @strong{Note}: In previous @value{tramp} versions this was triggered by the connection property @t{"direct-async-process"}. This is still supported but deprecated, and it will be removed in a future @value{tramp} version. @node Cleanup remote connections @section Cleanup remote connections @cindex cleanup @value{tramp} provides several ways to flush remote connections. @deffn Command tramp-cleanup-connection vec &optional keep-debug keep-password This command flushes all connection related objects. @var{vec} is the internal representation of a remote connection. When called interactively, this command lists active remote connections in the minibuffer. Each connection is of the format @file{@trampfn{method,user@@host,}}. Flushing remote connections also cleans the password cache (@pxref{Password handling}), file cache, connection cache (@pxref{Connection caching}), and recentf @ifinfo cache (@pxref{File Conveniences, , , emacs}). @end ifinfo @ifnotinfo cache. @end ifnotinfo It also deletes session timers (@pxref{Predefined connection information}) and connection buffers. If @var{keep-debug} is non-@code{nil}, the debug buffer is kept. A non-@code{nil} @var{keep-password} preserves the password cache. @end deffn @deffn Command tramp-cleanup-this-connection Flushes the current buffer's remote connection objects, the same as in @code{tramp-cleanup-connection}. @end deffn @deffn Command tramp-cleanup-all-connections Flushes all active remote connection objects, the same as in @code{tramp-cleanup-connection}. This command removes also ad-hoc proxy definitions (@pxref{Ad-hoc multi-hops}). @end deffn @deffn Command tramp-cleanup-all-buffers Just as for @code{tramp-cleanup-all-connections}, all remote connections and ad-hoc proxy definition are cleaned up in addition to killing all buffers related to remote connections. @end deffn @deffn Command tramp-cleanup-some-buffers Similar to @code{tramp-cleanup-all-buffers}, where all remote connections and ad-hoc proxy definition are cleaned up. However, additional buffers are killed only if one of the functions in @code{tramp-cleanup-some-buffers-hook} returns @code{t}. @end deffn @defopt tramp-cleanup-some-buffers-hook The functions in this hook determine, whether a remote buffer is killed when @code{tramp-cleanup-some-buffers} is called. Per default, remote buffers which are linked to a remote file, remote @code{dired} buffers, and buffers related to a remote process are cleaned up. @end defopt @node Renaming remote files @section Renaming remote files @cindex save remote files Sometimes, it is desirable to safe file contents of buffers visiting a given remote host. This could happen for example, if the local host changes its network integration, and the remote host is not reachable anymore. @deffn Command tramp-rename-files source target Replace in all buffers the visiting file name from @var{source} to @var{target}. @var{source} is a remote directory name, which can contain also a localname part. @var{target} is the directory name @var{source} is replaced with. Often, @var{target} is a remote directory name on another host, but it can also be a local directory name. If @var{target} has no local part, the local part from @var{source} is used. If @var{target} is @code{nil}, it is selected according to the first match in @code{tramp-default-rename-alist}. If called interactively, this match is offered as initial value for selection. On all buffers, which have a @code{buffer-file-name} matching @var{source}, this name is modified by replacing @var{source} with @var{target}. This is applied by calling @code{set-visited-file-name}. The new @code{buffer-file-name} is prompted for modification in the minibuffer. The buffers are marked modified, and must be saved explicitly. If user option @code{tramp-confirm-rename-file-names} is @code{nil}, changing the file name happens without confirmation. This requires a matching entry in @code{tramp-default-rename-alist}. Remote buffers related to the remote connection identified by @var{source}, which are not visiting files, or which are visiting files not matching @var{source}, are not modified. Interactively, @var{target} is selected from @code{tramp-default-rename-alist} without confirmation if the prefix argument is non-@code{nil}. The remote connection identified by @var{source} is flushed by @code{tramp-cleanup-connection}. @end deffn @deffn Command tramp-rename-these-files target Replace visiting file names to @var{target}. The current buffer must be related to a remote connection. In all buffers, which are visiting a file with the same directory name, the buffer file name is changed. Interactively, @var{target} is selected from @code{tramp-default-rename-alist} without confirmation if the prefix argument is non-@code{nil}. @end deffn @defopt tramp-default-rename-alist The default target for renaming remote buffer file names. This is an alist of cons cells @code{(source . target)}. The first matching item specifies the target to be applied for renaming buffer file names from source via @code{tramp-rename-files}. @code{source} is a regular expression, which is used to match a remote file name. @code{target} must be a directory name, which can be remote (including remote directories which @value{tramp} infers by default, such as @file{@trampfn{method,user@@host,}}). @code{target} can contain the format specifiers @code{%m}, @code{%u}, or @code{%h}, which are replaced by the method name, user name, or host name of @code{source} respectively when calling @code{tramp-rename-files}. @code{source} can also be a Lisp form, which is evaluated. The result must be a string (which is used as a regular expression to match) or @code{nil}, which is interpreted as a regular expression which always matches. Example entries: @lisp @group ("@trampfn{ssh,badhost,/path/to/dir/}" . "@trampfn{ssh,goodhost,/path/to/another/dir/}") @end group @end lisp would trigger renaming of buffer file names on @samp{badhost} to @samp{goodhost}, including changing the directory name. @lisp ("@trampfn{ssh,.+\\\\.company\\\\.org,}" @c . "@value{prefix}ssh@value{postfixhop}multi.hop|@c ssh@value{postfixhop}%h@value{postfix}") @end lisp routes all connections to a host in @samp{company.org} via @file{@trampfn{ssh,multi.hop,}}, which might be useful when using Emacs outside the company network. @lisp (nil . "~/saved-files/%m:%u@@%h/") @end lisp saves all remote files locally, with a directory name including method name, user name and host name of the remote connection. @end defopt @defopt tramp-confirm-rename-file-names Whether renaming a buffer file name by @code{tramp-rename-files} or @code{tramp-rename-these-files} must be confirmed. @end defopt @node Archive file names @section Archive file names @cindex file archives @cindex archive file names @cindex method archive @cindex archive method @value{tramp} offers also transparent access to files inside file archives. This is possible only on hosts which have installed @acronym{GVFS, the GNOME Virtual File System}, @pxref{GVFS-based methods}. Internally, file archives are mounted via the @acronym{GVFS} @option{archive} method. A file archive is a regular file of kind @file{/path/to/dir/file.EXT}. The extension @samp{.EXT} identifies the type of the file archive. To examine the contents of an archive with Dired, open file name as if it were a directory (i.e., open @file{/path/to/dir/file.EXT/}). A file inside a file archive, called archive file name, has the name @file{/path/to/dir/file.EXT/dir/file}. Most of the @ref{Magic File Names, , magic file name operations, elisp}, are implemented for archive file names, exceptions are all operations which write into a file archive, and process related operations. Therefore, functions like @lisp (copy-file "/path/to/dir/file.tar/dir/file" "/somewhere/else") @end lisp @noindent work out of the box. This is also true for file name completion, and for libraries like @code{dired} or @code{ediff}, which accept archive file names as well. @vindex tramp-archive-suffixes File archives are identified by the file name extension @samp{.EXT}. Since @acronym{GVFS} uses internally the library @code{libarchive(3)}, all suffixes, which are accepted by this library, work also for archive file names. Accepted suffixes are listed in the constant @code{tramp-archive-suffixes}. They are @itemize @cindex @file{7z} file archive suffix @cindex file archive suffix @file{7z} @item @samp{.7z} --- 7-Zip archives @cindex @file{apk} file archive suffix @cindex file archive suffix @file{apk} @item @samp{.apk} --- Android package kits @cindex @file{ar} file archive suffix @cindex file archive suffix @file{ar} @item @samp{.ar} --- UNIX archiver formats @cindex @file{cab} file archive suffix @cindex @file{CAB} file archive suffix @cindex file archive suffix @file{cab} @cindex file archive suffix @file{CAB} @item @samp{.cab}, @samp{.CAB} --- Microsoft Windows cabinets @cindex @file{cpio} file archive suffix @cindex file archive suffix @file{cpio} @item @samp{.cpio} --- CPIO archives @cindex @file{crate} file archive suffix @cindex file archive suffix @file{crate} @item @samp{.crate} --- Cargo (Rust) packages @cindex @file{deb} file archive suffix @cindex file archive suffix @file{deb} @item @samp{.deb} --- Debian packages @cindex @file{depot} file archive suffix @cindex file archive suffix @file{depot} @item @samp{.depot} --- HP-UX SD depots @cindex @file{epub} file archive suffix @cindex file archive suffix @file{epub} @item @samp{.epub} --- Electronic publications @cindex @file{exe} file archive suffix @cindex file archive suffix @file{exe} @item @samp{.exe} --- Self extracting Microsoft Windows EXE files @cindex @file{iso} file archive suffix @cindex file archive suffix @file{iso} @item @samp{.iso} --- ISO 9660 images @cindex @file{jar} file archive suffix @cindex file archive suffix @file{jar} @item @samp{.jar} --- Java archives @cindex @file{lzh} file archive suffix @cindex @file{LZH} file archive suffix @cindex file archive suffix @file{lzh} @cindex file archive suffix @file{LZH} @item @samp{.lzh}, @samp{.LZH} --- Microsoft Windows compressed LHA archives @cindex @file{msu} file archive suffix @cindex @file{MSU} file archive suffix @cindex file archive suffix @file{msu} @cindex file archive suffix @file{MSU} @item @samp{.msu}, @samp{.MSU} --- Microsoft Windows Update packages @cindex @file{mtree} file archive suffix @cindex file archive suffix @file{mtree} @item @samp{.mtree} --- BSD mtree format @cindex @file{odb} file archive suffix @cindex @file{odf} file archive suffix @cindex @file{odg} file archive suffix @cindex @file{odp} file archive suffix @cindex @file{ods} file archive suffix @cindex @file{odt} file archive suffix @cindex file archive suffix @file{odb} @cindex file archive suffix @file{odf} @cindex file archive suffix @file{odg} @cindex file archive suffix @file{odp} @cindex file archive suffix @file{ods} @cindex file archive suffix @file{odt} @item @samp{.odb}, @samp{.odf}, @samp{.odg}, @samp{.odp}, @samp{.ods}, @samp{.odt} --- OpenDocument formats @cindex @file{pax} file archive suffix @cindex file archive suffix @file{pax} @item @samp{.pax} --- Posix archives @cindex @file{rar} file archive suffix @cindex file archive suffix @file{rar} @item @samp{.rar} --- RAR archives @cindex @file{rpm} file archive suffix @cindex file archive suffix @file{rpm} @item @samp{.rpm} --- Red Hat packages @cindex @file{shar} file archive suffix @cindex file archive suffix @file{shar} @item @samp{.shar} --- Shell archives @cindex @file{tar} file archive suffix @cindex @file{tbz} file archive suffix @cindex @file{tgz} file archive suffix @cindex @file{tlz} file archive suffix @cindex @file{txz} file archive suffix @cindex @file{tzst} file archive suffix @cindex file archive suffix @file{tar} @cindex file archive suffix @file{tbz} @cindex file archive suffix @file{tgz} @cindex file archive suffix @file{tlz} @cindex file archive suffix @file{txz} @cindex file archive suffix @file{tzst} @item @samp{.tar}, @samp{.tbz}, @samp{.tgz}, @samp{.tlz}, @samp{.txz}, @samp{.tzst} --- (Compressed) tape archives @cindex @file{warc} file archive suffix @cindex file archive suffix @file{warc} @item @samp{.warc} --- Web archives @cindex @file{xar} file archive suffix @cindex file archive suffix @file{xar} @item @samp{.xar} --- macOS XAR archives @cindex @file{xpi} file archive suffix @cindex file archive suffix @file{xpi} @item @samp{.xpi} --- XPInstall Mozilla addons @cindex @file{xps} file archive suffix @cindex file archive suffix @file{xps} @item @samp{.xps} --- Open XML Paper Specification (OpenXPS) documents @cindex @file{zip} file archive suffix @cindex @file{ZIP} file archive suffix @cindex file archive suffix @file{zip} @cindex file archive suffix @file{ZIP} @item @samp{.zip}, @samp{.ZIP} --- ZIP archives @end itemize @vindex tramp-archive-compression-suffixes File archives could also be compressed, identified by an additional compression suffix. Valid compression suffixes are listed in the constant @code{tramp-archive-compression-suffixes}. They are @samp{.bz2}, @samp{.gz}, @samp{.lrz}, @samp{.lz}, @samp{.lz4}, @samp{.lzma}, @samp{.lzo}, @samp{.uu}, @samp{.xz}, @samp{.Z}, and @samp{.zst}. A valid archive file name would be @file{/path/to/dir/file.tar.gz/dir/file}. Even several suffixes in a row are possible, like @file{/path/to/dir/file.tar.gz.uu/dir/file}. @vindex tramp-archive-all-gvfs-methods An archive file name can be a remote file name, as in @file{/ftp:anonymous@@ftp.gnu.org:/gnu/tramp/tramp-2.4.5.tar.gz/INSTALL}. Since all file operations are mapped internally to @acronym{GVFS} operations, remote file names supported by @code{tramp-gvfs} perform better, because no local copy of the file archive must be downloaded first. For example, @samp{/sftp:user@@host:...} performs better than the similar @samp{/scp:user@@host:...}. See the constant @code{tramp-archive-all-gvfs-methods} for a complete list of @code{tramp-gvfs} supported method names. If @code{url-handler-mode} is enabled, archives can be visited via URLs, like @file{https://ftp.gnu.org/gnu/tramp/tramp-2.4.5.tar.gz/INSTALL}. This allows complex file operations like @lisp @group (progn (url-handler-mode 1) (ediff-directories "https://ftp.gnu.org/gnu/tramp/tramp-2.4.4.tar.gz/tramp-2.4.4" "https://ftp.gnu.org/gnu/tramp/tramp-2.4.5.tar.gz/tramp-2.4.5" "")) @end group @end lisp It is even possible to access file archives in file archives, as @lisp @group (progn (url-handler-mode 1) (find-file "https://ftp.debian.org/debian/pool/main/c/coreutils/\ coreutils_8.28-1_amd64.deb/control.tar.gz/control")) @end group @end lisp @vindex tramp-archive-enabled In order to disable file archives, you can add the following form to your init file: @lisp (customize-set-variable 'tramp-archive-enabled nil) @end lisp @node Bug Reports @chapter Reporting Bugs and Problems @cindex bug reports @value{tramp}'s development team is actively engaged in solving bugs and problems and looks to feature requests and suggestions. @value{tramp}'s mailing list is the place for more advice and information on working with @value{tramp}, solving problems, discussing, and general discussions about @value{tramp}. @value{tramp}'s mailing list is moderated but even non-subscribers can post for moderator approval. Sometimes this approval step may take as long as 48 hours due to public holidays. @email{@value{tramp-bug-report-address}} is the mailing list. Messages sent to this address go to all the subscribers. This is @emph{not} the address to send subscription requests to. To subscribe to the mailing list, visit: @uref{https://lists.gnu.org/mailman/listinfo/tramp-devel/, the @value{tramp} Mail Subscription Page}. There is also a @acronym{Gmane} group, mirroring the mailing list. Its name is @samp{gmane.emacs.tramp}. @ifset installchapter Before sending a bug report, run the test suite first @ref{Testing}. @end ifset @findex tramp-bug Check if the bug or problem is already addressed in @xref{Frequently Asked Questions}. Run @kbd{M-x tramp-bug @key{RET}} to generate a buffer with details of the system along with the details of the @value{tramp} installation. Please include these details with the bug report. The bug report must describe in as excruciating detail as possible the steps required to reproduce the problem. These details must include the setup of the remote host and any special or unique conditions that exist. Include a minimal test case that reproduces the problem. This will help the development team find the best solution and avoid unrelated detours. To exclude cache-related problems, flush all caches before running the test, @pxref{Cleanup remote connections}. Alternatively, and often better for analysis, reproduce the problem in a clean Emacs session started with @command{emacs -Q}. Then, @value{tramp} does not load the persistency file (@pxref{Connection caching}), and it does not use passwords from @file{auth-source.el} (@pxref{Password handling}). The latter does not happen for the @option{sudoedit} method, otherwise it would be unusable. If you use the GNU ELPA version of @value{tramp}, you must load it explicitly, because @command{emacs -Q} ignores installed ELPA packages. Call (version number adapted) @example $ emacs -Q -l ~/.emacs.d/elpa/tramp-2.4.5.1/tramp-autoloads @end example When including @value{tramp}'s messages in the bug report, increase the verbosity level to 6 (@pxref{Traces and Profiles, Traces}) in the @file{~/.emacs} file before repeating steps to the bug. Include the contents of the @file{*tramp/foo*} and @file{*debug tramp/foo*} buffers with the bug report. Since those buffers could contain non-@acronym{ASCII} characters which are relevant for analysis, append the buffers as attachments to the bug report rather than placing them inline. This is also needed in order to avoid line breaks getting added or deleted during mail transfer. If you send the message from Emacs, you are asked whether to append these buffers to the bug report. If you use an external mail program, you must save these buffers to files, and append them with that mail program. @strong{Note} that a verbosity level greater than 6 is not necessary at this stage. Also note that with a verbosity level of 6 or greater, the contents of files and directories will be included in the debug buffer. Passwords typed in @value{tramp} will never be included there. @node Frequently Asked Questions @chapter Frequently Asked Questions @cindex frequently asked questions @cindex FAQ @itemize @bullet @item What is the official name - ``Tramp'' or ``@value{tramp}''? The official name is ``Tramp''. This is used in comments, docstrings, and everywhere speaking about @value{tramp}. However, for historical reasons this is formatted as ``@@sc@{Tramp@}'' in the @value{tramp} manual. @ifinfo @pxref{Smallcaps, , , texinfo}. @end ifinfo So it looks different there. @item Where is the latest @value{tramp}? @value{tramp} is available at the GNU URL: @noindent @uref{https://ftp.gnu.org/gnu/tramp/} @noindent @value{tramp}'s GNU project page is located here: @noindent @uref{https://savannah.gnu.org/projects/tramp/} @item Which systems does it work on? The package works successfully on @w{Emacs 27}, @w{Emacs 28}, @w{Emacs 29}, and @w{Emacs 30}. While Unix and Unix-like systems are the primary remote targets, @value{tramp} has equal success connecting to other platforms, such as MS Windows 7/8/10. @item How to speed up @value{tramp}? @value{tramp} does many things in the background, some of which depends on network speeds, response speeds of remote hosts, and authentication delays. During these operations, @value{tramp}'s responsiveness slows down. Some suggestions within the scope of @value{tramp}'s settings include: @itemize @minus @item Use an external method, such as @option{scp}, which are faster than internal methods for large files. @item Keep the file @code{tramp-persistency-file-name}, which is where @value{tramp} caches remote information about hosts and files. Caching is enabled by default. Don't disable it. @vindex remote-file-name-inhibit-cache Set @code{remote-file-name-inhibit-cache} to @code{nil} if remote files are not independently updated outside @value{tramp}'s control. That cache cleanup will be necessary if the remote directories or files are updated independent of @value{tramp}. @item Disable version control to avoid delays: @lisp @group (setq vc-ignore-dir-regexp (format "\\(%s\\)\\|\\(%s\\)" vc-ignore-dir-regexp tramp-file-name-regexp)) @end group @end lisp If this is too radical, because you want to use version control remotely, trim @code{vc-handled-backends} to just those you care about, for example: @lisp (setq vc-handled-backends '(SVN Git)) @end lisp @vindex remote-file-name-inhibit-locks @item Disable file locks. Set @code{remote-file-name-inhibit-locks} to @code{t} if you know that different Emacs sessions are not modifying the same remote file. @vindex remote-file-name-inhibit-auto-save @item Keep auto-save files local. This is already the default configuration in Emacs, don't change it. If you want to disable auto-saving for remote files at all, set @code{remote-file-name-inhibit-auto-save} to @code{t}, but think about the consequences! If you want to disable auto-saving just for selected connections, for example due to security considerations, use connection-local variables in order to set @code{buffer-auto-save-file-name}. If you, for example, want to disable auto-saving for all @option{sudo} connections, apply the following code. @ifinfo @xref{Connection Variables, , , emacs}. @end ifinfo @lisp @group (connection-local-set-profile-variables 'my-auto-save-profile '((buffer-auto-save-file-name . nil))) @end group @group (connection-local-set-profiles '(:application tramp :protocol "sudo") 'my-auto-save-profile) @end group @end lisp @item Use direct asynchronous processes if possible. @item Suppress reading the remote history file in @code{shell}. Set @code{shell-history-file-name} to @code{t}. @item Disable excessive traces. Set @code{tramp-verbose} to 3 or lower, default being 3. Increase trace levels temporarily when hunting for bugs. @end itemize @item @value{tramp} does not connect to the remote host Three main reasons for why @value{tramp} does not connect to the remote host: @itemize @minus @item Unknown characters in the prompt @value{tramp} needs a clean recognizable prompt on the remote host for accurate parsing. Shell prompts that contain escape sequences for coloring cause parsing problems. @ref{Remote shell setup} for customizing prompt detection using regular expressions. To check if the remote host's prompt is being recognized, use this test: switch to @value{tramp} connection buffer @file{*tramp/foo*}, put the cursor at the top of the buffer, and then apply the following expression: @example @kbd{M-: (re-search-forward (concat tramp-shell-prompt-pattern "$")) @key{RET}} @end example If the cursor has not moved to the prompt at the bottom of the buffer, then @value{tramp} has failed to recognize the prompt. When using zsh on remote hosts, disable zsh line editor because zsh uses left-hand side and right-hand side prompts in parallel. Add the following line to @file{~/.zshrc}: @example [[ $TERM == "dumb" ]] && unsetopt zle && PS1='$ ' && return @end example This uses the default value of @code{tramp-terminal-type}, @t{"dumb"}, as value of the @env{TERM} environment variable. If you want to use another value for @env{TERM}, change @code{tramp-terminal-type} and this line accordingly. Alternatively, you can set the remote login shell explicitly. See @ref{Remote shell setup} for discussion of this technique, When using fish shell on remote hosts, disable fancy formatting by adding the following to @file{~/.config/fish/config.fish}: @example @group function fish_prompt if test $TERM = "dumb" echo "\$ " else @dots{} end end @end group @end example When using WinSSHD on remote hosts, @value{tramp} does not recognize the strange prompt settings. A similar problem exist with the iTerm2 shell integration, which sends proprietary escape codes when starting a shell. This can be suppressed by changing the respective integration snippet in your @file{~/.profile} like this: @example @group [ $TERM = "dumb" ] || \ test -e "$@{HOME@}/.iterm2_shell_integration.bash" && \ source "$@{HOME@}/.iterm2_shell_integration.bash" @end group @end example And finally, bash's readline should not use key bindings like @samp{C-j} to commands. Disable this in your @file{~/.inputrc}: @example @group $if term=dumb # Don't bind Control-J or it messes up @value{tramp}. $else "\C-j": next-history $endif @end group @end example @item Echoed characters after login @value{tramp} suppresses echos from remote hosts with the @command{stty -echo} command. But sometimes it is too late to suppress welcome messages from the remote host containing harmful control characters. Using @option{sshx} or @option{scpx} methods can avoid this problem because they allocate a pseudo tty. @xref{Inline methods}. @item @value{tramp} stops transferring strings longer than 500 characters Set @code{tramp-chunksize} to 500 to get around this problem, which is related to faulty implementation of @code{process-send-string} on HP-UX, FreeBSD and Tru64 Unix systems. Consult the documentation for @code{tramp-chunksize} to see when this is necessary. Set @code{file-precious-flag} to @code{t} for files accessed by @value{tramp} so the file contents are checked using checksum by first saving to a temporary file. @ifinfo @pxref{Saving Buffers, , , elisp}. @end ifinfo @lisp @group (add-hook 'find-file-hook (lambda () (when (file-remote-p default-directory) (set (make-local-variable 'file-precious-flag) t)))) @end group @end lisp @end itemize @item @value{tramp} fails in a chrooted environment @vindex tramp-local-host-regexp When connecting to a local host, @value{tramp} uses some internal optimizations. They fail when Emacs runs in a chrooted environment. In order to disable those optimizations, set user option @code{tramp-local-host-regexp} to @code{nil}. @item @value{tramp} blocks Emacs at startup @vindex remote-file-name-access-timeout Some packages, like @file{desktop.el} or @file{recentf.el}, access remote files when loaded. If the requested file is not accessible, @value{tramp} could block. In order to check whether this could happen, add a test via @code{access-file} with a proper timeout prior to loading these packages: @lisp @group (let ((remote-file-name-access-timeout 10)) (access-file "@file{@trampfn{method,user@@host,/path/to/file}}" "error")) @result{} nil @end group @end lisp The result @code{nil} means success. If the file is not accessible, or if the underlying operations last too long, @code{access-file} returns with an error. The value of the timeout (10 seconds in the example) depends on your preference and on the quality of the connection to the remote host. If the connection to the remote host isn't established yet, and if this requires an interactive password, the timeout check doesn't work properly. @c Since Emacs 30. @strong{Note}: In recent versions of Emacs, both packages already apply this check. You just need to customize @code{remote-file-name-access-timeout} to the desired timeout (in seconds). @item Does @value{tramp} support @acronym{SSH} security keys? Yes. @command{OpenSSH} has added support for @acronym{FIDO} hardware devices via special key types @option{*-sk}. @value{tramp} supports the additional handshaking messages for them. This requires at least @command{OpenSSH} 8.2, and a @acronym{FIDO} @acronym{U2F} or @acronym{FIDO2} compatible security key, like yubikey, solokey, nitrokey, or titankey. @c @uref{https://docs.fedoraproject.org/en-US/quick-docs/using-yubikeys/} @strong{Note} that there are reports on problems of handling FIDO2 (residential) keys by @command{ssh-agent}. As workaround, you might disable @command{ssh-agent} for such keys. @item @value{tramp} does not connect to Samba or MS Windows hosts running SMB1 connection protocol @vindex tramp-smb-options Recent versions of @command{smbclient} do not support old connection protocols by default. In order to connect to such a host, add a respective option: @lisp (add-to-list 'tramp-smb-options "client min protocol=NT1") @end lisp @strong{Note} that using a deprecated connection protocol raises security problems, you should do it only if absolutely necessary. @item File name completion does not work with @value{tramp} @acronym{ANSI} escape sequences from the remote shell may cause errors in @value{tramp}'s parsing of remote buffers. To test if this is the case, open a remote shell and check if the output of @command{ls} is in color. To disable @acronym{ANSI} escape sequences from the remote hosts, disable @samp{--color=yes} or @samp{--color=auto} in the remote host's @file{.bashrc} or @file{.profile}. Turn this alias on and off to see if file name completion works. @item File name completion does not work in directories with large number of files This may be related to globbing, which is the use of shell's ability to expand wild card specifications, such as @samp{*.c}. For directories with large number of files, globbing might exceed the shell's limit on length of command lines and hang. @value{tramp} uses globbing. To test if globbing hangs, open a shell on the remote host and then run @command{ls -d * ..?* > /dev/null}. When testing, ensure the remote shell is the same shell (@command{/bin/sh}, @command{ksh} or @command{bash}), that @value{tramp} uses when connecting to that host. @item How to get notified after @value{tramp} completes file transfers? Make Emacs beep after reading from or writing to the remote host with the following code in @file{~/.emacs}. @vindex tramp-handle-write-region-hook @vindex tramp-handle-file-local-copy-hook @lisp (add-hook 'tramp-handle-write-region-hook 'beep) (add-hook 'tramp-handle-file-local-copy-hook 'beep) @end lisp @item How to get a Visual Warning when working with @samp{root} privileges? Host indication in the mode line? @cindex @value{tramp} theme @vindex tramp-theme-face-remapping-alist Install @file{tramp-theme} from GNU ELPA via Emacs's Package Manager. Enable it via @kbd{M-x load-theme @key{RET} tramp @key{RET}}. Further customization is explained in user option @code{tramp-theme-face-remapping-alist}. @item Remote host does not understand default options for directory listing @vindex dired-listing-switches Emacs computes the @command{dired} options based on the local host. Since @w{Emacs 30}, these options can be set connection-local. @ifinfo @xref{Connection Variables, , , emacs}. @end ifinfo @lisp @group (connection-local-set-profile-variables 'my-dired-profile '((dired-listing-switches . "-ahl"))) @end group @group (connection-local-set-profiles '(:application tramp :machine "remotehost") 'my-dired-profile) @end group @end lisp @vindex dired-actual-switches In older Emacsen, you can set the @command{dired} options with a hook as follows: @lisp @group (add-hook 'dired-before-readin-hook (lambda () (when (string-equal (file-remote-p default-directory 'host) "remotehost") (setq dired-actual-switches "-ahl")))) @end group @end lisp @item @value{tramp} does not show directories or files although they are readable @vindex tramp-use-file-attributes Internally, @value{tramp} uses commands like @command{ls} or @command{stat} in order to determine file permissions. When @acronym{NFS4_ACL} is enabled on the remote host, more fine-grained information is used which cannot be reflected by the permission string returned from those commands. Set the user option @code{tramp-use-file-attributes} to @code{nil} in such a case. This can also be set host-wise, like in: @lisp @group (connection-local-set-profile-variables 'my-file-attributes-profile '((tramp-use-file-attributes . nil))) @end group @group (connection-local-set-profiles '(:application tramp :machine "remotehost") 'my-file-attributes-profile) @end group @end lisp @item Where are remote files trashed to? @vindex remote-file-name-inhibit-delete-by-moving-to-trash Emacs can trash files instead of deleting @ifinfo them, @pxref{Misc File Ops, Trashing , , emacs}. @end ifinfo @ifnotinfo them. @end ifnotinfo Remote files are always trashed to the local trash, except the user option @code{remote-file-name-inhibit-delete-by-moving-to-trash} is non-@code{nil}, or it is a remote encrypted file (@pxref{Keeping files encrypted}), which are deleted anyway. @c Since Emacs 30. @vindex trash-directory If you want to trash a remote file into a remote trash directory, you can configure the user option @code{trash-directory} to a connection-local value. @ifinfo @xref{Connection Variables, , , emacs}. @end ifinfo @lisp @group (connection-local-set-profile-variables 'remote-trash-directory '((trash-directory . "/sudo::~/.local/share/Trash"))) @end group @group (connection-local-set-profiles `(:application tramp :protocol "sudo" :machine ,system-name) 'remote-trash-directory) @end group @end lisp If Emacs is configured to use the XDG conventions for the trash directory, remote files cannot be restored with the respective tools, because those conventions don't specify remote paths. Such files must be restored by moving them manually from @file{$@{XDG_DATA_HOME@}/Trash/files/}, if needed. @item How to shorten long file names when typing in @value{tramp}? Adapt several of these approaches to reduce typing. If the full name is @file{@trampfn{ssh,news@@news.my.domain,/opt/news/etc}}, then: @enumerate @item Use simplified syntax: If you always apply the default method (@pxref{Default Method}), you can use the simplified @value{tramp} syntax (@pxref{Change file name syntax}): @lisp @group (customize-set-variable 'tramp-default-method "ssh") (tramp-change-syntax 'simplified) @end group @end lisp The reduced typing: @kbd{C-x C-f @code{@value{prefix}news@@news.my.domain@value{postfix}/opt/news/etc} @key{RET}}. @item Use default values for method name and user name: You can define default methods and user names for hosts, (@pxref{Default Method}, @pxref{Default User}): @lisp @group (custom-set-variables '(tramp-default-method "ssh") '(tramp-default-user "news")) @end group @end lisp The reduced typing: @kbd{C-x C-f @trampfn{-,news.my.domain,/opt/news/etc} @key{RET}}. @strong{Note} that there are some useful shortcuts already. Accessing your local host as @samp{root} user, is possible just by @kbd{C-x C-f @trampfn{su,,} @key{RET}}. @item Use configuration options of the access method: Programs used for access methods already offer powerful configurations (@pxref{Customizing Completion}). For @option{ssh}, configure the file @file{~/.ssh/config}: @example @group Host xy HostName news.my.domain User news @end group @end example The reduced typing: @kbd{C-x C-f @trampfn{ssh,xy,/opt/news/etc} @key{RET}}. Depending on the number of files in the directories, host names completion can further reduce key strokes: @kbd{C-x C-f @value{prefix}ssh@value{postfixhop}x @key{TAB}}. @item Use environment variables to expand long strings: For long file names, set up environment variables that are expanded in the minibuffer. Environment variables are set either outside Emacs or inside Emacs with Lisp: @lisp (setenv "xy" "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}") @end lisp The reduced typing: @kbd{C-x C-f $xy @key{RET}}. @strong{Note} that file name cannot be edited here because the environment variables are not expanded during editing in the minibuffer. @item Define own keys: Redefine another key sequence in Emacs for @kbd{C-x C-f}: @lisp @group (global-set-key [(control x) (control y)] (lambda () (interactive) (find-file (read-file-name "Find @value{tramp} file: " "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}")))) @end group @end lisp Simply typing @kbd{C-x C-y} would prepare minibuffer editing of file name. See @uref{https://www.emacswiki.org/emacs/TrampMode, the Emacs Wiki} for a more comprehensive example. @item Define own abbreviation (1): Abbreviation list expansion can be used to reduce typing long file names: @lisp @group (add-to-list 'directory-abbrev-alist '("^/xy" . "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}")) @end group @end lisp The reduced typing: @kbd{C-x C-f /xy @key{RET}}. @strong{Note} that file name cannot be edited here because the abbreviations are not expanded during editing in the minibuffer. Furthermore, the abbreviation is not expanded during @key{TAB} completion. @item Define own abbreviation (2): The @code{abbrev-mode} gives additional flexibility for editing in the minibuffer: @lisp @group (define-abbrev-table 'my-tramp-abbrev-table '(("xy" "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}"))) @end group @group (add-hook 'minibuffer-setup-hook (lambda () (abbrev-mode 1) (setq local-abbrev-table my-tramp-abbrev-table))) @end group @group (advice-add 'minibuffer-complete :before 'expand-abbrev) @end group @end lisp The reduced typing: @kbd{C-x C-f xy @key{TAB}}. The minibuffer expands for further editing. @item Use bookmarks: Use bookmarks to save @value{tramp} file names. @ifinfo @pxref{Bookmarks, , , emacs}. @end ifinfo Upon visiting a location with @value{tramp}, save it as a bookmark with @kbd{@key{menu-bar} @key{edit} @key{bookmarks} @key{set}}. To revisit that bookmark: @kbd{@key{menu-bar} @key{edit} @key{bookmarks} @key{jump}}. @item Use recent files: @file{recentf} remembers visited places. @ifinfo @pxref{File Conveniences, , , emacs}. @end ifinfo Keep remote file names in the recent list without have to check for their accessibility through remote access: @lisp (recentf-mode 1) @end lisp Reaching recently opened files: @kbd{@key{menu-bar} @key{file} @key{Open Recent}}. @item Use filecache: Since @file{filecache} remembers visited places, add the remote directory to the cache: @lisp @group (with-eval-after-load 'filecache (file-cache-add-directory "@trampfn{ssh,news@@news.my.domain,/opt/news/etc/}")) @end group @end lisp Then use directory completion in the minibuffer with @kbd{C-x C-f C-@key{TAB}}. @item Use bbdb: @file{bbdb} has a built-in feature for Ange FTP files, which also works for @value{tramp} file names. @ifinfo @pxref{bbdb-ftp, Storing FTP sites in the BBDB, , bbdb}. @end ifinfo Load @file{bbdb} in Emacs: @lisp @group (require 'bbdb) (bbdb-initialize) @end group @end lisp Create a BBDB entry with @kbd{M-x bbdb-create-ftp-site @key{RET}}. Then specify a method and user name where needed. Examples: @example @group @kbd{M-x bbdb-create-ftp-site @key{RET}} @b{Ftp Site:} news.my.domain @key{RET} @b{Ftp Directory:} /opt/news/etc/ @key{RET} @b{Ftp Username:} ssh@value{postfixhop}news @key{RET} @b{Company:} @key{RET} @b{Additional Comments:} @key{RET} @end group @end example In BBDB buffer, access an entry by pressing the key @kbd{F}. @end enumerate Thanks to @value{tramp} users for contributing to these recipes. @item Why saved multi-hop file names do not work in a new Emacs session? When saving ad-hoc multi-hop @value{tramp} file names (@pxref{Ad-hoc multi-hops}) via bookmarks, recent files, filecache, bbdb, or another package, use the full ad-hoc file name including all hops, like @file{@trampfn{ssh,bird@@bastion|ssh@value{postfixhop}@c news.my.domain,/opt/news/etc}}. Alternatively, when saving abbreviated multi-hop file names @file{@trampfn{ssh,news@@news.my.domain,/opt/news/etc}}, the user option @code{tramp-save-ad-hoc-proxies} must be set non-@code{nil} value. @item How to connect to a remote Emacs session using @value{tramp}? Configure Emacs Client @ifinfo (@pxref{Emacs Server, , , emacs}). @end ifinfo Then on the remote host, start the Emacs Server: @lisp @group (require 'server) (setq server-host (system-name) server-use-tcp t) (server-start) @end group @end lisp If @code{(system-name)} of the remote host cannot be resolved on the local host, use IP address instead. Copy from the remote host the resulting file @file{~/.emacs.d/server/server} to the local host, to the same location. Then start Emacs Client from the command line: @example $ emacsclient @trampfn{ssh,user@@host,/file/to/edit} @end example @code{user} and @code{host} refer to the local host. To make Emacs Client an editor for other programs, use a wrapper script @file{emacsclient.sh}: @example @group #!/bin/sh emacsclient @trampfn{ssh,$(whoami)@@$(hostname --fqdn),$1} @end group @end example @vindex EDITOR@r{, environment variable} Then change the environment variable @env{EDITOR} to point to the wrapper script: @example $ export EDITOR=/path/to/emacsclient.sh @end example @item How to determine whether a buffer is remote? The buffer-local variable @code{default-directory} tells this. If the form @code{(file-remote-p default-directory)} returns non-@code{nil}, the buffer is remote. See the optional arguments of @code{file-remote-p} for determining details of the remote connection. @item How to save files when a remote host isn't reachable anymore? If the local machine Emacs is running on changes its network integration, remote hosts could become unreachable. This happens, for example, if the local machine is moved between your office and your home without restarting Emacs. In such cases, the command @code{tramp-rename-files} can be used to alter remote buffers’ method, host, and/or directory names. This permits saving their contents in the same location via another network path, or somewhere else entirely (including locally). @pxref{Renaming remote files}. @item How to prevent @value{tramp} from clearing the @code{recentf-list}? When @value{tramp} cleans a connection, it removes the respective remote file name(s) from @code{recentf-list}. This is needed, because an unresponsive remote host could trigger @code{recentf} to connect that host again and again. If you find the cleanup disturbing, because the file names in @code{recentf-list} are precious to you, you can add the following two forms in your @file{~/.emacs} (after loading the @code{tramp} and @code{recentf} packages): @vindex tramp-cleanup-connection-hook @vindex tramp-cleanup-all-connections-hook @lisp @group (remove-hook 'tramp-cleanup-connection-hook #'tramp-recentf-cleanup) @end group @group (remove-hook 'tramp-cleanup-all-connections-hook #'tramp-recentf-cleanup-all) @end group @end lisp @item I get a warning @samp{Tramp has been compiled with Emacs a.b, this is Emacs c.d} @item I get an error @samp{tramp-file-name-handler: Invalid function: tramp-compat-with-mutex} @value{tramp} comes with compatibility code for different Emacs versions. When you see such a message (the text might differ), you don't use the Emacs built-in version of @value{tramp}, and you must recompile it. In case you have installed @value{tramp} from GNU ELPA, @ifset installchapter @xref{ELPA Installation}. Otherwise, @xref{Recompilation}. @end ifset @ifclear installchapter see @uref{@value{trampurl}#ELPA-Installation}. Otherwise, see @uref{@value{trampurl}#Recompilation}. @end ifclear @item I get an error @samp{Remote file error: Forbidden reentrant call of Tramp} @vindex remote-file-error @vindex debug-ignored-errors Timers, process filters and sentinels, and other event based functions can run at any time, when a remote file operation is still running. This can cause @value{tramp} to block. When such a situation is detected, this error is triggered. It should be fixed in the respective function (sending an error report will help), but for the time being you can suppress this error by the following code in your @file{~/.emacs}: @lisp @group (setq debug-ignored-errors (cons 'remote-file-error debug-ignored-errors)) @end group @end lisp @item I get an error @samp{Remote file error: Not a valid Tramp file name function `tramp-FOO-file-name-p'} @value{tramp} has changed the signature of an internal function. External packages implementing an own @value{tramp} backend must follow this change. Please report this problem to the author of that package. For the running session, @value{tramp} disables the external package, and you can continue to work. If you don't want to see this error while activating @value{tramp}, you can suppress it by the same code as above in your @file{~/.emacs}: @lisp @group (setq debug-ignored-errors (cons 'remote-file-error debug-ignored-errors)) @end group @end lisp @item How to ignore errors when changing file attributes? @vindex tramp-inhibit-errors-if-setting-file-attributes-fail Sometimes, for example while saving remote files, errors appear when changing file attributes like permissions, time stamps, or ownership. If these errors can be ignored, set user option @code{tramp-inhibit-errors-if-setting-file-attributes-fail} to a non-@code{nil} value. This transforms the error into a warning. @item How to ignore errors when changing file attributes? @vindex tramp-inhibit-errors-if-setting-file-attributes-fail Sometimes, for example while saving remote files, errors appear when changing file attributes like permissions, time stamps, or ownership. If these errors can be ignored, set user option @code{tramp-inhibit-errors-if-setting-file-attributes-fail} to a non-@code{nil} value. This transforms the error into a warning. @item How to disable other packages from calling @value{tramp}? There are packages that call @value{tramp} without the user ever entering a remote file name. Even without applying a remote file syntax, some packages enable @value{tramp} on their own. How can users disable such features. @itemize @minus @item @file{ido.el} Disable @value{tramp} file name completion: @lisp (customize-set-variable 'ido-enable-tramp-completion nil) @end lisp @c Obsolete since Emacs 29.1. @item @file{rlogin.el} Disable remote directory tracking mode: @lisp (rlogin-directory-tracking-mode -1) @end lisp @end itemize @item How to disable @value{tramp}? @itemize @minus @item To keep Ange FTP as default the remote files access package, set this in @file{.emacs}: @lisp (customize-set-variable 'tramp-default-method "ftp") @end lisp If you want to enable Ange FTP's syntax, add the following form: @lisp (tramp-change-syntax 'simplified) @end lisp @vindex tramp-ignored-file-name-regexp @item To deactivate @value{tramp} for some look-alike remote file names, set @code{tramp-ignored-file-name-regexp} to a proper regexp in @file{.emacs}. @strong{Note}, that we don't use @code{customize-set-variable}, in order to avoid loading @value{tramp}. @lisp (setq tramp-ignored-file-name-regexp "\\`/ssh:example\\.com:") @end lisp This is needed, if you mount for example a virtual file system on your local host's root directory as @file{/ssh:example.com:}. @findex inhibit-remote-files @item To disable both @value{tramp} (and Ange FTP), type @kbd{M-x inhibit-remote-files @key{RET}}. You can also add this to your @file{.emacs}. @lisp (inhibit-remote-files) @end lisp @findex without-remote-files @item If you write code, which is intended to run only for local files, you can use the @code{without-remote-files} macro. @lisp (without-remote-files @dots{}) @end lisp This improves performance, because many primitive file name operations don't check any longer for @value{tramp} file name regexps then. @findex tramp-unload-tramp @item To unload @value{tramp}, type @kbd{M-x tramp-unload-tramp @key{RET}}. Unloading @value{tramp} resets Ange FTP plugins also. @end itemize @item What is the difference between Ange FTP and @value{tramp}? The difference is that Ange FTP uses @command{ftp} to transfer files between the local and the remote host, whereas @value{tramp} uses a combination of @command{ssh} and @command{scp} or other work-alike programs. @end itemize @c For the developer. @node Files directories and localnames @chapter How file names, directories and localnames are mangled and managed @menu * Temporary directory:: Where temporary files are kept. * Localname deconstruction:: Splitting a localname into its component parts. * External packages:: Integrating with external Lisp packages. @end menu @node Temporary directory @section Where temporary files are kept @vindex temporary-file-directory Internally, @value{tramp} uses @t{"~/.cache/emacs"} as local temporary directory if it exists. Otherwise, the value of @code{temporary-file-directory} is used, which is often @t{"/tmp"}. @vindex tramp-compat-temporary-file-directory @vindex This local temporary directory is kept in the constant @code{tramp-compat-temporary-file-directory}. In this manual, we use @t{""} for its value. The temporary directory on a remote host is @t{"/data/local/tmp"} for the @option{adb} method, @t{"/C$/Temp"} for the @option{smb} method, and @t{"/tmp"} otherwise. For some methods, this can be customized. @vindex tramp-temp-name-prefix Temporary files have the file name prefix @t{"tramp."}. If you want to change this prefix, for example because you want to identify temporary files produced by @code{file-local-copy} in your package, you can bind the variable @code{tramp-temp-name-prefix} temporarily: @example @group (let ((tramp-temp-name-prefix "my-prefix.")) (file-local-copy "@trampfn{ssh,,.emacs}")) @result{} "/tmp/my-prefix.HDfgDZ" @end group @end example @node Localname deconstruction @section Splitting a localname into its component parts @value{tramp} package redefines lisp functions @code{file-name-directory} and @code{file-name-nondirectory} to accommodate the unique file naming syntax that @value{tramp} requires. The replacements dissect the file name, use the original handler for the localname, take that result, and then re-build the @value{tramp} file name. By relying on the original handlers for localnames, @value{tramp} benefits from platform specific hacks to the original handlers. @node External packages @section Integrating with external Lisp packages In general, it is not recommended to use @value{tramp} functions and variables not described in this manual. They might change their signature and/or semantics without any announcement. @subsection File name completion @vindex non-essential Sometimes, it is not convenient to open a new connection to a remote host, including entering the password and alike. For example, this is nasty for packages providing file name completion. Such a package could signal to @value{tramp}, that they don't want it to establish a new connection. Use the variable @code{non-essential} temporarily and bind it to non-@code{nil} value. @lisp @group (let ((non-essential t)) @dots{}) @end group @end lisp @subsection File attributes cache @vindex process-file-side-effects Keeping a local cache of remote file attributes in sync with the remote host is a time-consuming operation. Flushing and re-querying these attributes can tax @value{tramp} to a grinding halt on busy remote hosts. To get around these types of slow-downs in @value{tramp}'s responsiveness, set the @code{process-file-side-effects} to @code{nil} to stop @value{tramp} from flushing the cache. This is helpful in situations where callers to @code{process-file} know there are no file attribute changes. The let-bind form to accomplish this: @lisp @group (let (process-file-side-effects) @dots{}) @end group @end lisp For asynchronous processes, @value{tramp} uses a process sentinel to flush file attributes cache. When callers to @code{start-file-process} know beforehand no file attribute changes are expected, then the process sentinel should be set to the default state. In cases where the caller defines its own process sentinel, @value{tramp}'s process sentinel is overwritten. The caller can still flush the file attributes cache in its process sentinel with this code: @lisp @group (unless (memq (process-status proc) '(run open)) (dired-uncache remote-directory)) @end group @end lisp Since @value{tramp} traverses subdirectories starting with the root directory, it is most likely sufficient to make the @code{default-directory} of the process buffer as the root directory. @subsection Timers @vindex remote-file-error Timers run asynchronously at any time when Emacs is waiting for sending a string to a process, or waiting for process output. They can run any remote file operation, which would conflict with the already running remote file operation, if the same connection is affected. @value{tramp} detects this situation, and raises the @code{remote-file-error} error. A timer function should avoid this situation. As a minimum, it should protect itself against this error, by wrapping the timer function body as follows: @lisp @group (ignore-error 'remote-file-error @dots{}) @end group @end lisp @node Traces and Profiles @chapter How to Customize Traces @vindex tramp-verbose @vindex tramp-debug-to-file @vindex tramp-debug-command-messages @value{tramp} messages are raised with verbosity levels ranging from 0 to 10. @value{tramp} does not display all messages; only those with a verbosity level less than or equal to @code{tramp-verbose}. @noindent The verbosity levels are @itemize @w{} @item @w{ 0} Silent (no @value{tramp} messages at all) @item @w{ 1} Errors @item @w{ 2} Warnings @item @w{ 3} Connection to remote hosts (default verbosity) @item @w{ 4} Activities @item @w{ 5} Internal @item @w{ 6} Sent and received strings @item @w{ 7} Connection properties @item @w{ 8} File caching @item @w{ 9} Test commands @item @w{10} Traces (huge) @item @w{11} Call traces (maintainer only) @end itemize With @code{tramp-verbose} greater than or equal to 4, messages are also written to the @value{tramp} debug buffer @file{*debug tramp/foo*}. Such debug buffers are essential to bug and problem analyzes. For @value{tramp} bug reports, set the @code{tramp-verbose} level to 6 (@pxref{Bug Reports}). The debug buffer is in @ifinfo @ref{Outline Mode, , , emacs}. @end ifinfo @ifnotinfo Outline Mode. @end ifnotinfo In this buffer, messages can be filtered by their level. To see messages up to verbosity level 5, enter @kbd{C-u 6 C-c C-q}. @ifinfo Other navigation keys are described in @ref{Outline Visibility, , , emacs}. @end ifinfo @value{tramp} handles errors internally. Hence, to get a Lisp backtrace, the following settings are required: @lisp @group (setq debug-on-error t debug-on-signal t) @end group @end lisp If @code{tramp-verbose} is greater than or equal to 10, Lisp backtraces are also added to the @value{tramp} debug buffer in case of errors. In very rare cases it could happen, that @value{tramp} blocks Emacs. Killing Emacs does not allow inspecting the debug buffer. In that case, you can instruct @value{tramp} to mirror the debug buffer to a file: @lisp (customize-set-variable 'tramp-debug-to-file t) @end lisp The debug buffer is written as a file in your @ref{Temporary directory}. Use this option with care, because it could decrease the performance of @value{tramp} actions. If @code{tramp-verbose} is greater than or equal to 11, @value{tramp} function call traces are written to the buffer @file{*trace tramp/foo*}. When @code{tramp-debug-command-messages} is non-@code{nil}, the debug buffer contains all messages with verbosity level 6 (sent and received strings), and the entry and exit messages for the function @code{tramp-file-name-handler}. This is intended for @value{tramp} maintainers, analyzing the remote commands for performance analysis. @node GNU Free Documentation License @appendix GNU Free Documentation License @include doclicense.texi @node Function Index @unnumbered Function Index @printindex fn @node Variable Index @unnumbered Variable Index @printindex vr @node Concept Index @unnumbered Concept Index @printindex cp @bye @c TODO @c @c * Say something about the .login and .profile files of the remote @c shells. @c @c * Explain how tramp.el works in principle: open a shell on a remote @c host and then send commands to it. @c @c * Consistent small or capitalized words especially in menus.