* tramp.texi (all): Harmonize usage of "external method",

[gnu-emacs] / doc / misc / tramp.texi

\input texinfo   @c -*-texinfo-*-
@setfilename ../../info/tramp
@c %**start of header
@settitle TRAMP User Manual
@setchapternewpage odd
@c %**end of header

@c This is *so* much nicer :)
@footnotestyle end

@c In the Tramp CVS, the version number is auto-frobbed from
@c configure.ac, so you should edit that file and run
@c "autoconf && ./configure" to change the version number.

@c Additionally, flags are set with respect to the Emacs flavor; and
@c depending whether Tramp is packaged into (X)Emacs, or standalone.

@include trampver.texi

@c Macro for formatting a filename according to the repective syntax.
@c xxx and yyy are auxiliary macros in order to omit leading and
@c trailing whitespace.  Not very elegant, but I don't know it better.

@macro xxx {one}@c
@set \one\@c
@end macro

@macro yyy {one, two}@c
@xxx{x\one\}@c
@ifclear x@c
\one\@w{}\two\@c
@end ifclear
@clear x\one\@c
@end macro

@macro trampfn {method, user, host, localname}@c
@value{prefix}@yyy{\method\,@value{postfixhop}}@yyy{\user\,@@}\host\@value{postfix}\localname\@c
@end macro

@copying
Copyright @copyright{} 1999, 2000, 2001, 2002, 2003, 2004, 2005,
2006, 2007, 2008, 2009 Free Software Foundation, Inc.

@quotation
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
any later version published by the Free Software Foundation; with no
Invariant Sections, with the Front-Cover texts being ``A GNU Manual'',
and with the Back-Cover Texts as in (a) below.  A copy of the license
is included in the section entitled ``GNU Free Documentation License''.

(a) The FSF's Back-Cover Text is: ``You have the freedom to
copy and modify this GNU manual.  Buying copies from the FSF
supports it in developing GNU and promoting software freedom.''
@end quotation
@end copying

@c Entries for @command{install-info} to use
@dircategory @value{emacsname}
@direntry
* TRAMP: (tramp).                Transparent Remote Access, Multiple Protocol
                                 @value{emacsname} remote file access via rsh and rcp.
@end direntry

@tex

@titlepage
@title @value{tramp} version @value{trampver} User Manual

@author by Daniel Pittman
@author based on documentation by Kai Gro@ss{}johann

@page
@insertcopying

@end titlepage
@page

@end tex

@ifnottex
@node Top, Overview, (dir), (dir)
@top @value{tramp} version @value{trampver} User Manual

This file documents @value{tramp} version @value{trampver}, a remote file
editing package for @value{emacsname}.

@value{tramp} stands for `Transparent Remote (file) Access, Multiple
Protocol'.  This package provides remote file editing, similar to
@value{ftppackagename}.

The difference is that @value{ftppackagename} uses FTP to transfer
files between the local and the remote host, whereas @value{tramp} uses a
combination of @command{rsh} and @command{rcp} or other work-alike
programs, such as @command{ssh}/@command{scp}.

You can find the latest version of this document on the web at
@uref{http://www.gnu.org/software/tramp/}.

@c Pointer to the other Emacs flavor is necessary only in case of
@c standalone installation.
@ifset installchapter
The manual has been generated for @value{emacsname}.
@ifinfo
If you want to read the info pages for @value{emacsothername}, you
should read in @ref{Installation} how to create them.
@end ifinfo
@ifhtml
If you're using the other Emacs flavor, you should read the
@uref{@value{emacsotherfilename}, @value{emacsothername}} pages.
@end ifhtml
@end ifset

@ifhtml
@ifset jamanual
This manual is also available as a @uref{@value{japanesemanual},
Japanese translation}.
@end ifset

The latest release of @value{tramp} is available for
@uref{ftp://ftp.gnu.org/gnu/tramp/, download}, or you may see
@ref{Obtaining Tramp} for more details, including the CVS server
details.

@value{tramp} also has a @uref{http://savannah.gnu.org/projects/tramp/,
Savannah Project Page}.
@end ifhtml

There is a mailing list for @value{tramp}, available at
@email{tramp-devel@@gnu.org}, and archived at
@uref{http://lists.gnu.org/archive/html/tramp-devel/, the
@value{tramp} Mail Archive}.
@ifhtml
Older archives are located at
@uref{http://sourceforge.net/mailarchive/forum.php?forum=tramp-devel,
SourceForge Mail Archive} and
@uref{http://www.mail-archive.com/emacs-rcp@@ls6.cs.uni-dortmund.de/,
The Mail Archive}.
@c in HTML output, there's no new paragraph.
@*@*
@end ifhtml

@insertcopying

@end ifnottex

@menu
* Overview::                    What @value{tramp} can and cannot do.

For the end user:

* Obtaining Tramp::             How to obtain @value{tramp}.
* History::                     History of @value{tramp}.
@ifset installchapter
* Installation::                Installing @value{tramp} with your @value{emacsname}.
@end ifset
* Configuration::               Configuring @value{tramp} for use.
* Usage::                       An overview of the operation of @value{tramp}.
* Bug Reports::                 Reporting Bugs and Problems.
* Frequently Asked Questions::  Questions and answers from the mailing list.
* Function Index::              @value{tramp} functions.
* Variable Index::              User options and variables.
* Concept Index::               An item for each concept.

For the developer:

* Version Control::             The inner workings of remote version control.
* Files directories and localnames::  How file names, directories and localnames are mangled and managed.
* Traces and Profiles::         How to Customize Traces.
* Issues::                      Debatable Issues and What Was Decided.

* GNU Free Documentation License:: The license for this documentation.

@detailmenu
 --- The Detailed Node Listing ---
@c
@ifset installchapter
Installing @value{tramp} with your @value{emacsname}

* Installation parameters::     Parameters in order to control installation.
* Load paths::                  How to plug-in @value{tramp} into your environment.
* Japanese manual::             Japanese manual.

@end ifset

Configuring @value{tramp} for use

* Connection types::            Types of connections made to remote machines.
* Inline methods::              Inline methods.
* External methods::            External methods.
@ifset emacsgw
* Gateway methods::             Gateway methods.
@end ifset
* Default Method::              Selecting a default method.
* Default User::                Selecting a default user.
* Default Host::                Selecting a default host.
* Multi-hops::                  Connecting to a remote host using multiple hops.
* Customizing Methods::         Using Non-Standard Methods.
* Customizing Completion::      Selecting config files for user/host name completion.
* Password handling::           Reusing passwords for several connections.
* Connection caching::          Reusing connection related information.
* Remote Programs::             How @value{tramp} finds and uses programs on the remote machine.
* Remote shell setup::          Remote shell setup hints.
* Windows setup hints::         Issues with Cygwin ssh.
* Auto-save and Backup::        Auto-save and Backup.

Using @value{tramp}

* Filename Syntax::             @value{tramp} filename conventions.
* Alternative Syntax::          URL-like filename syntax.
* Filename completion::         Filename completion.
* Remote processes::            Integration with other @value{emacsname} packages.
* Cleanup remote connections::  Cleanup remote connections.

The inner workings of remote version control

* Version Controlled Files::    Determining if a file is under version control.
* Remote Commands::             Executing the version control commands on the remote machine.
* Changed workfiles::           Detecting if the working file has changed.
* Checking out files::          Bringing the workfile out of the repository.
* Miscellaneous Version Control::  Things related to Version Control that don't fit elsewhere.

Things related to Version Control that don't fit elsewhere

* Remote File Ownership::       How VC determines who owns a workfile.
* Back-end Versions::           How VC determines what release your RCS is.

How file names, directories and localnames are mangled and managed

* Localname deconstruction::    Breaking a localname into its components.
@ifset emacs
* External packages::           Integration with external Lisp packages.
@end ifset

@end detailmenu
@end menu

@node Overview
@chapter An overview of @value{tramp}
@cindex overview

After the installation of @value{tramp} into your @value{emacsname}, you
will be able to access files on remote machines as though they were
local.  Access to the remote file system for editing files, version
control, and @code{dired} are transparently enabled.

Your access to the remote machine can be with the @command{rsh},
@command{rlogin}, @command{telnet} programs or with any similar
connection method.  This connection must pass @acronym{ASCII}
successfully to be usable but need not be 8-bit clean.

The package provides support for @command{ssh} connections out of the
box, one of the more common uses of the package.  This allows
relatively secure access to machines, especially if @command{ftp}
access is disabled.

Under Windows, @value{tramp} is integrated with the PuTTY package,
using the @command{plink} program.

The majority of activity carried out by @value{tramp} requires only that
the remote login is possible and is carried out at the terminal.  In
order to access remote files @value{tramp} needs to transfer their content
to the local machine temporarily.

@value{tramp} can transfer files between the machines in a variety of ways.
The details are easy to select, depending on your needs and the
machines in question.

The fastest transfer methods for large files rely on a remote file
transfer package such as @command{rcp}, @command{scp}, @command{rsync}
or (under Windows) @command{pscp}.

If the remote copy methods are not suitable for you, @value{tramp} also
supports the use of encoded transfers directly through the shell.
This requires that the @command{mimencode} or @command{uuencode} tools
are available on the remote machine.  These methods are generally
faster for small files.

@value{tramp} is still under active development and any problems you encounter,
trivial or major, should be reported to the @value{tramp} developers.
@xref{Bug Reports}.


@subsubheading Behind the scenes
@cindex behind the scenes
@cindex details of operation
@cindex how it works

This section tries to explain what goes on behind the scenes when you
access a remote file through @value{tramp}.

Suppose you type @kbd{C-x C-f} and enter part of an @value{tramp} file name,
then hit @kbd{@key{TAB}} for completion.  Suppose further that this is
the first time that @value{tramp} is invoked for the host in question.  Here's
what happens:

@itemize
@item
@value{tramp} discovers that it needs a connection to the host.  So it
invokes @samp{telnet @var{host}} or @samp{rsh @var{host} -l
@var{user}} or a similar tool to connect to the remote host.
Communication with this process happens through an
@value{emacsname} buffer, that is, the output from the remote end
goes into a buffer.

@item
The remote host may prompt for a login name (for @command{telnet}).
The login name is given in the file name, so @value{tramp} sends the
login name and a newline.

@item
The remote host may prompt for a password or pass phrase (for
@command{rsh} or for @command{telnet} after sending the login name).
@value{tramp} displays the prompt in the minibuffer, asking you for the
password or pass phrase.

You enter the password or pass phrase.  @value{tramp} sends it to the remote
host, followed by a newline.

@item
@value{tramp} now waits for the shell prompt or for a message that the login
failed.

If @value{tramp} sees neither of them after a certain period of time
(a minute, say), then it issues an error message saying that it
couldn't find the remote shell prompt and shows you what the remote
host has sent.

If @value{tramp} sees a @samp{login failed} message, it tells you so,
aborts the login attempt and allows you to try again.

@item
Suppose that the login was successful and @value{tramp} sees the shell prompt
from the remote host.  Now @value{tramp} invokes @command{/bin/sh} because
Bourne shells and C shells have different command
syntaxes.@footnote{Invoking @command{/bin/sh} will fail if your login
shell doesn't recognize @samp{exec /bin/sh} as a valid command.
Maybe you use the Scheme shell @command{scsh}@dots{}}

After the Bourne shell has come up, @value{tramp} sends a few commands to
ensure a good working environment.  It turns off echoing, it sets the
shell prompt, and a few other things.

@item
Now the remote shell is up and it good working order.  Remember, what
was supposed to happen is that @value{tramp} tries to find out what files exist
on the remote host so that it can do filename completion.

So, @value{tramp} basically issues @command{cd} and @command{ls} commands and
also sometimes @command{echo} with globbing.  Another command that is
often used is @command{test} to find out whether a file is writable or a
directory or the like.  The output of each command is parsed for the
necessary operation.

@item
Suppose you are finished with filename completion, have entered @kbd{C-x
C-f}, a full file name and hit @kbd{@key{RET}}.  Now comes the time to
transfer the file contents from the remote host to the local host so
that you can edit them.

See above for an explanation of how @value{tramp} transfers the file contents.

For inline transfers, @value{tramp} issues a command like @samp{mimencode -b
/path/to/remote/file}, waits until the output has accumulated in the
buffer that's used for communication, then decodes that output to
produce the file contents.

For external transfers, @value{tramp} issues a command like the
following:
@example
rcp user@@host:/path/to/remote/file /tmp/tramp.4711
@end example
It then reads the local temporary file @file{/tmp/tramp.4711} into a
buffer and deletes the temporary file.

@item
You now edit the buffer contents, blithely unaware of what has happened
behind the scenes.  (Unless you have read this section, that is.)  When
you are finished, you type @kbd{C-x C-s} to save the buffer.

@item
Again, @value{tramp} transfers the file contents to the remote host
either inline or external.  This is the reverse of what happens when
reading the file.
@end itemize

I hope this has provided you with a basic overview of what happens
behind the scenes when you open a file with @value{tramp}.


@c For the end user
@node Obtaining Tramp
@chapter Obtaining Tramp.
@cindex obtaining Tramp

@value{tramp} is freely available on the Internet and the latest
release may be downloaded from
@uref{ftp://ftp.gnu.org/gnu/tramp/}.  This release includes the full
documentation and code for @value{tramp}, suitable for installation.
But GNU Emacs (22 or later) includes @value{tramp} already, and there
is a @value{tramp} package for XEmacs, as well.  So maybe it is easier
to just use those.  But if you want the bleeding edge, read
on@dots{...}

For the especially brave, @value{tramp} is available from CVS.  The CVS
version is the latest version of the code and may contain incomplete
features or new issues.  Use these versions at your own risk.

Instructions for obtaining the latest development version of @value{tramp}
from CVS can be found by going to the Savannah project page at the
following URL and then clicking on the CVS link in the navigation bar
at the top.

@noindent
@uref{http://savannah.gnu.org/projects/tramp/}

@noindent
Or follow the example session below:

@example
] @strong{cd ~/@value{emacsdir}}
] @strong{export CVS_RSH="ssh"}
] @strong{cvs -z3 -d:ext:anoncvs@@savannah.gnu.org:/cvsroot/tramp co tramp}
@end example

@noindent
You should now have a directory @file{~/@value{emacsdir}/tramp}
containing the latest version of @value{tramp}.  You can fetch the latest
updates from the repository by issuing the command:

@example
] @strong{cd ~/@value{emacsdir}/tramp}
] @strong{export CVS_RSH="ssh"}
] @strong{cvs update -d}
@end example

@noindent
Once you've got updated files from the CVS repository, you need to run
@command{autoconf} in order to get an up-to-date @file{configure}
script:

@example
] @strong{cd ~/@value{emacsdir}/tramp}
] @strong{autoconf}
@end example

People who have no direct CVS access (maybe because sitting behind a
blocking firewall), can try the
@uref{http://savannah.gnu.org/cvs-backup/tramp-sources.tar.gz, Nightly
CVS Tree Tarball} instead of.


@node History
@chapter History of @value{tramp}
@cindex history
@cindex development history

Development was started end of November 1998.  The package was called
@file{rssh.el}, back then.  It only provided one method to access a
file, using @command{ssh} to log in to a remote host and using
@command{scp} to transfer the file contents.  After a while, the name
was changed to @file{rcp.el}, and now it's @value{tramp}.  Along the way,
many more methods for getting a remote shell and for transferring the
file contents were added.  Support for VC was added.

The most recent addition of major features were the multi-hop methods
added in April 2000 and the unification of @value{tramp} and Ange-FTP
filenames in July 2002.  In July 2004, multi-hop methods have been
replaced by proxy hosts.  Running commands on remote hosts was
introduced in December 2005.
@ifset emacsgw
Support of gateways exists since April 2007.
@end ifset

In December 2001, @value{tramp} has been added to the XEmacs package
repository.  Being part of the GNU Emacs repository happened in June
2002, the first release including @value{tramp} was GNU Emacs 22.1.

@value{tramp} is also a GNU/Linux Debian package since February 2001.


@c Installation chapter is necessary only in case of standalone
@c installation.  Text taken from trampinst.texi.
@ifset installchapter
@include trampinst.texi
@end ifset

@node Configuration
@chapter Configuring @value{tramp} for use
@cindex configuration

@cindex default configuration
@value{tramp} is (normally) fully functional when it is initially
installed.  It is initially configured to use the @command{scp}
program to connect to the remote host.  So in the easiest case, you
just type @kbd{C-x C-f} and then enter the filename
@file{@trampfn{, user, machine, /path/to.file}}.

On some hosts, there are problems with opening a connection.  These are
related to the behavior of the remote shell.  See @xref{Remote shell
setup}, for details on this.

If you do not wish to use these commands to connect to the remote
host, you should change the default connection and transfer method
that @value{tramp} uses.  There are several different methods that @value{tramp}
can use to connect to remote machines and transfer files
(@pxref{Connection types}).

If you don't know which method is right for you, see @xref{Default
Method}.


@menu
* Connection types::            Types of connections made to remote machines.
* Inline methods::              Inline methods.
* External methods::            External methods.
@ifset emacsgw
* Gateway methods::             Gateway methods.
@end ifset
* Default Method::              Selecting a default method.
                                  Here we also try to help those who
                                  don't have the foggiest which method
                                  is right for them.
* Default User::                Selecting a default user.
* Default Host::                Selecting a default host.
* Multi-hops::                  Connecting to a remote host using multiple hops.
* Customizing Methods::         Using Non-Standard Methods.
* Customizing Completion::      Selecting config files for user/host name completion.
* Password handling::           Reusing passwords for several connections.
* Connection caching::          Reusing connection related information.
* Remote Programs::             How @value{tramp} finds and uses programs on the remote machine.
* Remote shell setup::          Remote shell setup hints.
* Windows setup hints::         Issues with Cygwin ssh.
* Auto-save and Backup::        Auto-save and Backup.
@end menu


@node Connection types
@section Types of connections made to remote machines.
@cindex connection types, overview

There are two basic types of transfer methods, each with its own
advantages and limitations.  Both types of connection make use of a
remote shell access program such as @command{rsh}, @command{ssh} or
@command{telnet} to connect to the remote machine.

This connection is used to perform many of the operations that @value{tramp}
requires to make the remote file system transparently accessible from
the local machine.  It is only when visiting files that the methods
differ.

@cindex inline methods
@cindex external methods
@cindex methods, inline
@cindex methods, external
Loading or saving a remote file requires that the content of the file
be transfered between the two machines.  The content of the file can
be transfered using one of two methods: the @dfn{inline method} over
the same connection used to log in to the remote machine, or the
@dfn{external method} through another connection using a remote copy
program such as @command{rcp}, @command{scp} or @command{rsync}.

The performance of the external methods is generally better than that
of the inline methods, at least for large files.  This is caused by
the need to encode and decode the data when transferring inline.

The one exception to this rule are the @command{scp} based transfer
methods.  While these methods do see better performance when actually
transferring files, the overhead of the cryptographic negotiation at
startup may drown out the improvement in file transfer times.

External methods should be configured such a way that they don't
require a password (with @command{ssh-agent}, or such alike).  Modern
@command{scp} implementations offer options to reuse existing
@command{ssh} connections, see method @command{scpc}.  If it isn't
possible, you should consider @ref{Password handling}, otherwise you
will be prompted for a password every copy action.


@node Inline methods
@section Inline methods
@cindex inline methods
@cindex methods, inline

The inline methods in @value{tramp} are quite powerful and can work in
situations where you cannot use an external transfer program to connect.
Inline methods are the only methods that work when connecting to the
remote machine via telnet.  (There are also strange inline methods which
allow you to transfer files between @emph{user identities} rather than
hosts, see below.)

These methods depend on the existence of a suitable encoding and
decoding command on remote machine.  Locally, @value{tramp} may be able to
use features of @value{emacsname} to decode and encode the files or
it may require access to external commands to perform that task.

@cindex uuencode
@cindex mimencode
@cindex base-64 encoding
@value{tramp} checks the availability and usability of commands like
@command{mimencode} (part of the @command{metamail} package) or
@command{uuencode} on the remote host.  The first reliable command
will be used.  The search path can be customized, see @ref{Remote
Programs}.

If both commands aren't available on the remote host, @value{tramp}
transfers a small piece of Perl code to the remote host, and tries to
apply it for encoding and decoding.


@table @asis
@item @option{rsh}
@cindex method rsh
@cindex rsh method

Connect to the remote host with @command{rsh}.  Due to the unsecure
connection it is recommended for very local host topology only.

On operating systems which provide the command @command{remsh} instead
of @command{rsh}, you can use the method @option{remsh}.  This is true
for HP-UX or Cray UNICOS, for example.


@item @option{ssh}
@cindex method ssh
@cindex ssh method

Connect to the remote host with @command{ssh}.  This is identical to
the previous option except that the @command{ssh} package is used,
making the connection more secure.

There are also two variants, @option{ssh1} and @option{ssh2}, that
call @samp{ssh -1} and @samp{ssh -2}, respectively.  This way, you can
explicitly select whether you want to use the SSH protocol version 1
or 2 to connect to the remote host.  (You can also specify in
@file{~/.ssh/config}, the SSH configuration file, which protocol
should be used, and use the regular @option{ssh} method.)

Two other variants, @option{ssh1_old} and @option{ssh2_old}, use the
@command{ssh1} and @command{ssh2} commands explicitly.  If you don't
know what these are, you do not need these options.

All the methods based on @command{ssh} have an additional kludgy
feature: you can specify a host name which looks like @file{host#42}
(the real host name, then a hash sign, then a port number).  This
means to connect to the given host but to also pass @code{-p 42} as
arguments to the @command{ssh} command.


@item @option{telnet}
@cindex method telnet
@cindex telnet method

Connect to the remote host with @command{telnet}.  This is as unsecure
as the @option{rsh} method.


@item @option{su}
@cindex method su
@cindex su method

This method does not connect to a remote host at all, rather it uses
the @command{su} program to allow you to edit files as another user.
That means, the specified host name in the file name must be either
@samp{localhost} or the host name as returned by the function
@command{(system-name)}.  For an exception of this rule see
@ref{Multi-hops}.


@item @option{sudo}
@cindex method sudo
@cindex sudo method

This is similar to the @option{su} method, but it uses @command{sudo}
rather than @command{su} to become a different user.

Note that @command{sudo} must be configured to allow you to start a
shell as the user.  It would be nice if it was sufficient if
@command{ls} and @command{mimencode} were allowed, but that is not
easy to implement, so I haven't got around to it, yet.


@item @option{sshx}
@cindex method sshx
@cindex sshx method

As you would expect, this is similar to @option{ssh}, only a little
different.  Whereas @option{ssh} opens a normal interactive shell on
the remote host, this option uses @samp{ssh -t -t @var{host} -l
@var{user} /bin/sh} to open a connection.  This is useful for users
where the normal login shell is set up to ask them a number of
questions when logging in.  This procedure avoids these questions, and
just gives @value{tramp} a more-or-less `standard' login shell to work
with.

Note that this procedure does not eliminate questions asked by
@command{ssh} itself.  For example, @command{ssh} might ask ``Are you
sure you want to continue connecting?'' if the host key of the remote
host is not known.  @value{tramp} does not know how to deal with such a
question (yet), therefore you will need to make sure that you can log
in without such questions.

This is also useful for Windows users where @command{ssh}, when
invoked from an @value{emacsname} buffer, tells them that it is not
allocating a pseudo tty.  When this happens, the login shell is wont
to not print any shell prompt, which confuses @value{tramp} mightily.
For reasons unknown, some Windows ports for @command{ssh} require the
doubled @samp{-t} option.

This supports the @samp{-p} kludge.


@item @option{krlogin}
@cindex method krlogin
@cindex krlogin method
@cindex Kerberos (with krlogin method)

This method is also similar to @option{ssh}.  It only uses the
@command{krlogin -x} command to log in to the remote host.


@item @option{plink}
@cindex method plink
@cindex plink method

This method is mostly interesting for Windows users using the PuTTY
implementation of SSH.  It uses @samp{plink -ssh} to log in to the
remote host.

This supports the @samp{-P} kludge.

Additionally, the methods @option{plink1} and @option{plink2} are
provided, which call @samp{plink -1 -ssh} or @samp{plink -2 -ssh} in
order to use SSH protocol version 1 or 2 explicitly.

CCC: Do we have to connect to the remote host once from the command
line to accept the SSH key?  Maybe this can be made automatic?

CCC: Say something about the first shell command failing.  This might
be due to a wrong setting of @code{tramp-rsh-end-of-line}.


@item @option{plinkx}
@cindex method plinkx
@cindex plinkx method

Another method using PuTTY on Windows.  Instead of host names, it
expects PuTTY session names, calling @samp{plink -load @var{session}
-t"}.  User names are relevant only in case the corresponding session
hasn't defined a user name.  Different port numbers must be defined in
the session.


@item @option{fish}
@cindex method fish
@cindex fish method

This is an experimental implementation of the fish protocol, known from
the GNU Midnight Commander or the KDE Konqueror.  @value{tramp} expects
the fish server implementation from the KDE kioslave.  That means, the
file @file{~/.fishsrv.pl} is expected to reside on the remote host.

The implementation lacks good performance.  The code is offered anyway,
maybe somebody can improve the performance.

@end table


@node External methods
@section External methods
@cindex methods, external
@cindex external methods

The external methods operate through multiple channels, using the
remote shell connection for many actions while delegating file
transfers to an external transfer utility.

This saves the overhead of encoding and decoding that multiplexing the
transfer through the one connection has with the inline methods.

Since external methods need their own overhead opening a new channel,
all files which are smaller than @var{tramp-copy-size-limit} are still
transferred with the corresponding inline method.  It should provide a
fair trade-off between both approaches.

@table @asis
@item @option{rcp}  ---  @command{rsh} and @command{rcp}
@cindex method rcp
@cindex rcp method
@cindex rcp (with rcp method)
@cindex rsh (with rcp method)

This method uses the @command{rsh} and @command{rcp} commands to connect
to the remote machine and transfer files.  This is probably the fastest
connection method available.

The alternative method @option{remcp} uses the @command{remsh} and
@command{rcp} commands.  It should be applied on machines where
@command{remsh} is used instead of @command{rsh}.


@item @option{scp}  ---  @command{ssh} and @command{scp}
@cindex method scp
@cindex scp method
@cindex scp (with scp method)
@cindex ssh (with scp method)

Using @command{ssh} to connect to the remote host and @command{scp} to
transfer files between the machines is the best method for securely
connecting to a remote machine and accessing files.

The performance of this option is also quite good.  It may be slower than
the inline methods when you often open and close small files however.
The cost of the cryptographic handshake at the start of an @command{scp}
session can begin to absorb the advantage that the lack of encoding and
decoding presents.

There are also two variants, @option{scp1} and @option{scp2}, that
call @samp{ssh -1} and @samp{ssh -2}, respectively.  This way, you can
explicitly select whether you want to use the SSH protocol version 1
or 2 to connect to the remote host.  (You can also specify in
@file{~/.ssh/config}, the SSH configuration file, which protocol
should be used, and use the regular @option{scp} method.)

Two other variants, @option{scp1_old} and @option{scp2_old}, use the
@command{ssh1} and @command{ssh2} commands explicitly.  If you don't
know what these are, you do not need these options.

All the @command{ssh} based methods support the kludgy @samp{-p}
feature where you can specify a port number to connect to in the host
name.  For example, the host name @file{host#42} tells @value{tramp} to
specify @samp{-p 42} in the argument list for @command{ssh}, and to
specify @samp{-P 42} in the argument list for @command{scp}.


@item @option{sftp}  ---  @command{ssh} and @command{sftp}
@cindex method sftp
@cindex sftp method
@cindex sftp (with sftp method)
@cindex ssh (with sftp method)

That is mostly the same method as @option{scp}, but using
@command{sftp} as transfer command.  So the same remarks are valid.

This command does not work like @value{ftppackagename}, where
@command{ftp} is called interactively, and all commands are send from
within this session.  Instead of, @command{ssh} is used for login.

This method supports the @samp{-p} hack.


@item @option{rsync}  ---  @command{ssh} and @command{rsync}
@cindex method rsync
@cindex rsync method
@cindex rsync (with rsync method)
@cindex ssh (with rsync method)

Using the @command{ssh} command to connect securely to the remote
machine and the @command{rsync} command to transfer files is almost
identical to the @option{scp} method.

While @command{rsync} performs much better than @command{scp} when
transferring files that exist on both hosts, this advantage is lost if
the file exists only on one side of the connection.

The @command{rsync} based method may be considerably faster than the
@command{rcp} based methods when writing to the remote system.  Reading
files to the local machine is no faster than with a direct copy.

This method supports the @samp{-p} hack.


@item @option{scpx} --- @command{ssh} and @command{scp}
@cindex method scpx
@cindex scpx method
@cindex scp (with scpx method)
@cindex ssh (with scpx method)

As you would expect, this is similar to @option{scp}, only a little
different.  Whereas @option{scp} opens a normal interactive shell on
the remote host, this option uses @samp{ssh -t -t @var{host} -l
@var{user} /bin/sh} to open a connection.  This is useful for users
where the normal login shell is set up to ask them a number of
questions when logging in.  This procedure avoids these questions, and
just gives @value{tramp} a more-or-less `standard' login shell to work
with.

This is also useful for Windows users where @command{ssh}, when
invoked from an @value{emacsname} buffer, tells them that it is not
allocating a pseudo tty.  When this happens, the login shell is wont
to not print any shell prompt, which confuses @value{tramp} mightily.

This method supports the @samp{-p} hack.


@item @option{scpc} --- @command{ssh} and @command{scp}
@cindex method scpx
@cindex scpx method
@cindex scp (with scpx method)
@cindex ssh (with scpx method)

Newer versions of @option{ssh} (for example OpenSSH 4) offer an option
@option{ControlMaster}.  This allows @option{scp} to reuse an existing
@option{ssh} channel, which increases performance.

Before you use this method, you shall check whether your @option{ssh}
implementation does support this option.  Try from the command line

@example
ssh localhost -o ControlMaster=yes
@end example

This method supports the @samp{-p} hack.


@item @option{pscp} --- @command{plink} and @command{pscp}
@cindex method pscp
@cindex pscp method
@cindex pscp (with pscp method)
@cindex plink (with pscp method)
@cindex PuTTY (with pscp method)

This method is similar to @option{scp}, but it uses the
@command{plink} command to connect to the remote host, and it uses
@command{pscp} for transferring the files.  These programs are part
of PuTTY, an SSH implementation for Windows.

This method supports the @samp{-P} hack.


@item @option{psftp} --- @command{plink} and @command{psftp}
@cindex method psftp
@cindex psftp method
@cindex psftp (with psftp method)
@cindex plink (with psftp method)
@cindex PuTTY (with psftp method)

As you would expect, this method is similar to @option{sftp}, but it
uses the @command{plink} command to connect to the remote host, and it
uses @command{psftp} for transferring the files.  These programs are
part of PuTTY, an SSH implementation for Windows.

This method supports the @samp{-P} hack.


@item @option{fcp} --- @command{fsh} and @command{fcp}
@cindex method fcp
@cindex fcp method
@cindex fsh (with fcp method)
@cindex fcp (with fcp method)

This method is similar to @option{scp}, but it uses the @command{fsh}
command to connect to the remote host, and it uses @command{fcp} for
transferring the files.  @command{fsh/fcp} are a front-end for
@command{ssh} which allow for reusing the same @command{ssh} session
for submitting several commands.  This avoids the startup overhead of
@command{scp} (which has to establish a secure connection whenever it
is called).  Note, however, that you can also use one of the inline
methods to achieve a similar effect.

This method uses the command @samp{fsh @var{host} -l @var{user}
/bin/sh -i} to establish the connection, it does not work to just say
@command{fsh @var{host} -l @var{user}}.

@cindex method fsh
@cindex fsh method

There is no inline method using @command{fsh} as the multiplexing
provided by the program is not very useful in our context.  @value{tramp}
opens just one connection to the remote host and then keeps it open,
anyway.


@item @option{ftp}
@cindex method ftp
@cindex ftp method

This is not a native @value{tramp} method.  Instead of, it forwards all
requests to @value{ftppackagename}.
@ifset xemacs
This works only for unified filenames, see @ref{Issues}.
@end ifset


@item @option{smb} --- @command{smbclient}
@cindex method smb
@cindex smb method

This is another not natural @value{tramp} method.  It uses the
@command{smbclient} command on different Unices in order to connect to
an SMB server.  An SMB server might be a Samba (or CIFS) server on
another UNIX host or, more interesting, a host running MS Windows.  So
far, it is tested towards MS Windows NT, MS Windows 2000, and MS
Windows XP.

The first directory in the localname must be a share name on the remote
host.  Remember, that the @code{$} character in which default shares
usually end, must be written @code{$$} due to environment variable
substitution in file names.  If no share name is given (i.e. remote
directory @code{/}), all available shares are listed.

Since authorization is done on share level, you will be prompted
always for a password if you access another share on the same host.
This can be suppressed by @ref{Password handling}.

MS Windows uses for authorization both a user name and a domain name.
Because of this, the @value{tramp} syntax has been extended: you can
specify a user name which looks like @code{user%domain} (the real user
name, then a percent sign, then the domain name).  So, to connect to
the machine @code{melancholia} as user @code{daniel} of the domain
@code{BIZARRE}, and edit @file{.emacs} in the home directory (share
@code{daniel$}) I would specify the filename @file{@trampfn{smb,
daniel%BIZARRE, melancholia, /daniel$$/.emacs}}.

Depending on the Windows domain configuration, a Windows user might be
considered as domain user per default.  In order to connect as local
user, the WINS name of that machine must be given as domain name.
Usually, it is the machine name in capital letters.  In the example
above, the local user @code{daniel} would be specified as
@file{@trampfn{smb, daniel%MELANCHOLIA, melancholia, /daniel$$/.emacs}}.

The domain name as well as the user name are optional.  If no user
name is specified at all, the anonymous user (without password
prompting) is assumed.  This is different from all other @value{tramp}
methods, where in such a case the local user name is taken.

The @option{smb} method supports the @samp{-p} hack.

@strong{Please note:} If @value{emacsname} runs locally under MS
Windows, this method isn't available.  Instead of, you can use UNC
file names like @file{//melancholia/daniel$$/.emacs}.  The only
disadvantage is that there's no possibility to specify another user
name.

@end table


@ifset emacsgw
@node Gateway methods
@section Gateway methods
@cindex methods, gateway
@cindex gateway methods

Gateway methods are not methods to access a remote host directly.
These methods are intended to pass firewalls or proxy servers.
Therefore, they can be used for proxy host declarations
(@pxref{Multi-hops}) only.

A gateway method must come always along with a method who supports
port setting (referred to as @samp{-p} kludge).  This is because
@value{tramp} targets the accompanied method to
@file{localhost#random_port}, from where the firewall or proxy server
is accessed to.

Gateway methods support user name and password declarations.  These
are used to authenticate towards the corresponding firewall or proxy
server.  They can be passed only if your friendly administrator has
granted your access.

@table @asis
@item @option{tunnel}
@cindex method tunnel
@cindex tunnel method

This method implements an HTTP tunnel via the @command{CONNECT}
command (see RFC 2616, 2817).  Any HTTP 1.1 compliant (proxy) server
shall support this command.

As authentication method, only @option{Basic Authentication} (see RFC
2617) is implemented so far.  If no port number is given in the
declaration, port @option{8080} is used for the proxy server.


@item @option{socks}
@cindex method socks
@cindex socks method

The @command{socks} method provides access to SOCKSv5 servers (see
RFC 1928).  @option{Username/Password Authentication} according to RFC
1929 is supported.

The default port number of the socks server is @option{1080}, if not
specified otherwise.

@end table
@end ifset


@node Default Method
@section Selecting a default method
@cindex default method

@vindex tramp-default-method
When you select an appropriate transfer method for your typical usage
you should set the variable @code{tramp-default-method} to reflect that
choice.  This variable controls which method will be used when a method
is not specified in the @value{tramp} file name.  For example:

@lisp
(setq tramp-default-method "ssh")
@end lisp

@vindex tramp-default-method-alist
You can also specify different methods for certain user/host
combinations, via the variable @code{tramp-default-method-alist}.  For
example, the following two lines specify to use the @option{ssh}
method for all user names matching @samp{john} and the @option{rsync}
method for all host names matching @samp{lily}.  The third line
specifies to use the @option{su} method for the user @samp{root} on
the machine @samp{localhost}.

@lisp
(add-to-list 'tramp-default-method-alist '("" "john" "ssh"))
(add-to-list 'tramp-default-method-alist '("lily" "" "rsync"))
(add-to-list 'tramp-default-method-alist
             '("\\`localhost\\'" "\\`root\\'" "su"))
@end lisp

@noindent
See the documentation for the variable
@code{tramp-default-method-alist} for more details.

External methods are normally preferable to inline methods, giving
better performance.

@xref{Inline methods}.
@xref{External methods}.

Another consideration with the selection of transfer methods is the
environment you will use them in and, especially when used over the
Internet, the security implications of your preferred method.

The @option{rsh} and @option{telnet} methods send your password as
plain text as you log in to the remote machine, as well as
transferring the files in such a way that the content can easily be
read from other machines.

If you need to connect to remote systems that are accessible from the
Internet, you should give serious thought to using @option{ssh} based
methods to connect.  These provide a much higher level of security,
making it a non-trivial exercise for someone to obtain your password
or read the content of the files you are editing.


@subsection Which method is the right one for me?
@cindex choosing the right method

Given all of the above, you are probably thinking that this is all fine
and good, but it's not helping you to choose a method!  Right you are.
As a developer, we don't want to boss our users around but give them
maximum freedom instead.  However, the reality is that some users would
like to have some guidance, so here I'll try to give you this guidance
without bossing you around.  You tell me whether it works @dots{}

My suggestion is to use an inline method.  For large files, external
methods might be more efficient, but I guess that most people will
want to edit mostly small files.

I guess that these days, most people can access a remote machine by
using @command{ssh}.  So I suggest that you use the @option{ssh}
method.  So, type @kbd{C-x C-f @trampfn{ssh, root, otherhost,
/etc/motd} @key{RET}} to edit the @file{/etc/motd} file on the other
host.

If you can't use @option{ssh} to log in to the remote host, then
select a method that uses a program that works.  For instance, Windows
users might like the @option{plink} method which uses the PuTTY
implementation of @command{ssh}.  Or you use Kerberos and thus like
@option{krlogin}.

For the special case of editing files on the local host as another
user, see the @option{su} or @option{sudo} methods.  They offer
shortened syntax for the @samp{root} account, like
@file{@trampfn{su, , , /etc/motd}}.

People who edit large files may want to consider @option{scpc} instead
of @option{ssh}, or @option{pscp} instead of @option{plink}.  These
external methods are faster than inline methods for large files.
Note, however, that external methods suffer from some limitations.
Please try first whether you really get a noticeable speed advantage
from using an external method!  Maybe even for large files, inline
methods are fast enough.


@node Default User
@section Selecting a default user
@cindex default user

The user part of a @value{tramp} file name can be omitted.  Usually,
it is replaced by the user name you are logged in.  Often, this is not
what you want.  A typical use of @value{tramp} might be to edit some
files with root permissions on the local host.  This case, you should
set the variable @code{tramp-default-user} to reflect that choice.
For example:

@lisp
(setq tramp-default-user "root")
@end lisp

@code{tramp-default-user} is regarded as obsolete, and will be removed
soon.

@vindex tramp-default-user-alist
You can also specify different users for certain method/host
combinations, via the variable @code{tramp-default-user-alist}.  For
example, if you always have to use the user @samp{john} in the domain
@samp{somewhere.else}, you can specify the following:

@lisp
(add-to-list 'tramp-default-user-alist
             '("ssh" ".*\\.somewhere\\.else\\'" "john"))
@end lisp

@noindent
See the documentation for the variable
@code{tramp-default-user-alist} for more details.

One trap to fall in must be known.  If @value{tramp} finds a default
user, this user will be passed always to the connection command as
parameter (for example @samp{ssh here.somewhere.else -l john}.  If you
have specified another user for your command in its configuration
files, @value{tramp} cannot know it, and the remote access will fail.
If you have specified in the given example in @file{~/.ssh/config} the
lines

@example
Host here.somewhere.else
     User lily
@end example

@noindent
than you must discard selecting a default user by @value{tramp}.  This
will be done by setting it to @code{nil} (or @samp{lily}, likewise):

@lisp
(add-to-list 'tramp-default-user-alist
             '("ssh" "\\`here\\.somewhere\\.else\\'" nil))
@end lisp

The last entry in @code{tramp-default-user-alist} could be your
default user you'll apply predominantly.  You shall @emph{append} it
to that list at the end:

@lisp
(add-to-list 'tramp-default-user-alist '(nil nil "jonas") t)
@end lisp


@node Default Host
@section Selecting a default host
@cindex default host

@vindex tramp-default-host
Finally, it is even possible to omit the host name part of a
@value{tramp} file name.  This case, the value of the variable
@code{tramp-default-host} is used.  Per default, it is initialized
with the host name your local @value{emacsname} is running.

If you, for example, use @value{tramp} mainly to contact the host
@samp{target} as user @samp{john}, you can specify:

@lisp
(setq tramp-default-user "john"
      tramp-default-host "target")
@end lisp

Then the simple file name @samp{@trampfn{ssh, , ,}} will connect you
to John's home directory on target.
@ifset emacs
Note, however, that the most simplification @samp{/::} won't work,
because @samp{/:} is the prefix for quoted file names.
@end ifset


@node Multi-hops
@section Connecting to a remote host using multiple hops
@cindex multi-hop
@cindex proxy hosts

Sometimes, the methods described before are not sufficient.  Sometimes,
it is not possible to connect to a remote host using a simple command.
For example, if you are in a secured network, you might have to log in
to a `bastion host' first before you can connect to the outside world.
Of course, the target host may also require a bastion host.

@vindex tramp-default-proxies-alist
In order to specify such multiple hops, it is possible to define a proxy
host to pass through, via the variable
@code{tramp-default-proxies-alist}.  This variable keeps a list of
triples (@var{host} @var{user} @var{proxy}).

 The first matching item specifies the proxy host to be passed for a
file name located on a remote target matching @var{user}@@@var{host}.
@var{host} and @var{user} are regular expressions or @code{nil}, which
is interpreted as a regular expression which always matches.

@var{proxy} must be a Tramp filename which localname part is ignored.
Method and user name on @var{proxy} are optional, which is interpreted
with the default values.
@ifset emacsgw
The method must be an inline or gateway method (@pxref{Inline
methods}, @pxref{Gateway methods}).
@end ifset
@ifclear emacsgw
The method must be an inline method (@pxref{Inline methods}).
@end ifclear
If @var{proxy} is @code{nil}, no additional hop is required reaching
@var{user}@@@var{host}.

If you, for example, must pass the host @samp{bastion.your.domain} as
user @samp{bird} for any remote host which is not located in your local
domain, you can set

@lisp
(add-to-list 'tramp-default-proxies-alist
             '("\\." nil "@trampfn{ssh, bird, bastion.your.domain,}"))
(add-to-list 'tramp-default-proxies-alist
             '("\\.your\\.domain\\'" nil nil))
@end lisp

Please note the order of the code.  @code{add-to-list} adds elements at the
beginning of a list.  Therefore, most relevant rules must be added last.

Proxy hosts can be cascaded.  If there is another host called
@samp{jump.your.domain}, which is the only one in your local domain who
is allowed connecting @samp{bastion.your.domain}, you can add another
rule:

@lisp
(add-to-list 'tramp-default-proxies-alist
             '("\\`bastion\\.your\\.domain\\'"
               "\\`bird\\'"
               "@trampfn{ssh, , jump.your.domain,}"))
@end lisp

@var{proxy} can contain the patterns @code{%h} or @code{%u}.  These
patterns are replaced by the strings matching @var{host} or
@var{user}, respectively.

If you, for example, wants to work as @samp{root} on hosts in the
domain @samp{your.domain}, but login as @samp{root} is disabled for
non-local access, you might add the following rule:

@lisp
(add-to-list 'tramp-default-proxies-alist
             '("\\.your\\.domain\\'" "\\`root\\'" "@trampfn{ssh, , %h,}"))
@end lisp

Opening @file{@trampfn{sudo, , randomhost.your.domain,}} would connect
first @samp{randomhost.your.domain} via @code{ssh} under your account
name, and perform @code{sudo -u root} on that host afterwards.  It is
important to know that the given method is applied on the host which
has been reached so far.  @code{sudo -u root}, applied on your local
host, wouldn't be useful here.

This is the recommended configuration to work as @samp{root} on remote
Ubuntu hosts.

@ifset emacsgw
Finally, @code{tramp-default-proxies-alist} can be used to pass
firewalls or proxy servers.  Imagine your local network has a host
@samp{proxy.your.domain} which is used on port 3128 as HTTP proxy to
the outer world.  Your friendly administrator has granted you access
under your user name to @samp{host.other.domain} on that proxy
server.@footnote{HTTP tunnels are intended for secure SSL/TLS
communication.  Therefore, many proxy server restrict the tunnels to
related target ports.  You might need to run your ssh server on your
target host @samp{host.other.domain} on such a port, like 443 (https).
See @uref{http://savannah.gnu.org/maintenance/CvsFromBehindFirewall}
for discussion of ethical issues.}  You would need to add the
following rule:

@lisp
(add-to-list 'tramp-default-proxies-alist
             '("\\`host\\.other\\.domain\\'" nil
               "@trampfn{tunnel, , proxy.your.domain#3128,}"))
@end lisp

Gateway methods can be declared as first hop only in a multiple hop
chain.
@end ifset


@node Customizing Methods
@section Using Non-Standard Methods
@cindex customizing methods
@cindex using non-standard methods
@cindex create your own methods

There is a variable @code{tramp-methods} which you can change if the
predefined methods don't seem right.

For the time being, I'll refer you to the Lisp documentation of that
variable, accessible with @kbd{C-h v tramp-methods @key{RET}}.


@node Customizing Completion
@section Selecting config files for user/host name completion
@cindex customizing completion
@cindex selecting config files
@vindex tramp-completion-function-alist

The variable @code{tramp-completion-function-alist} is intended to
customize which files are taken into account for user and host name
completion (@pxref{Filename completion}).  For every method, it keeps
a set of configuration files, accompanied by a Lisp function able to
parse that file.  Entries in @code{tramp-completion-function-alist}
have the form (@var{method} @var{pair1} @var{pair2} ...).

Each @var{pair} is composed of (@var{function} @var{file}).
@var{function} is responsible to extract user names and host names
from @var{file} for completion.  There are two functions which access
this variable:

@defun tramp-get-completion-function method
This function returns the list of completion functions for @var{method}.

Example:
@example
(tramp-get-completion-function "rsh")

     @result{} ((tramp-parse-rhosts "/etc/hosts.equiv")
         (tramp-parse-rhosts "~/.rhosts"))
@end example
@end defun

@defun tramp-set-completion-function method function-list
This function sets @var{function-list} as list of completion functions
for @var{method}.

Example:
@example
(tramp-set-completion-function "ssh"
 '((tramp-parse-sconfig "/etc/ssh_config")
   (tramp-parse-sconfig "~/.ssh/config")))

     @result{} ((tramp-parse-sconfig "/etc/ssh_config")
         (tramp-parse-sconfig "~/.ssh/config"))
@end example
@end defun

The following predefined functions parsing configuration files exist:

@table @asis
@item @code{tramp-parse-rhosts}
@findex tramp-parse-rhosts

This function parses files which are syntactical equivalent to
@file{~/.rhosts}.  It returns both host names and user names, if
specified.

@item @code{tramp-parse-shosts}
@findex tramp-parse-shosts

This function parses files which are syntactical equivalent to
@file{~/.ssh/known_hosts}.  Since there are no user names specified
in such files, it can return host names only.

@item @code{tramp-parse-sconfig}
@findex tramp-parse-shosts

This function returns the host nicknames defined by @code{Host} entries
in @file{~/.ssh/config} style files.

@item @code{tramp-parse-shostkeys}
@findex tramp-parse-shostkeys

SSH2 parsing of directories @file{/etc/ssh2/hostkeys/*} and
@file{~/ssh2/hostkeys/*}.  Hosts are coded in file names
@file{hostkey_@var{portnumber}_@var{host-name}.pub}.  User names
are always @code{nil}.

@item @code{tramp-parse-sknownhosts}
@findex tramp-parse-shostkeys

Another SSH2 style parsing of directories like
@file{/etc/ssh2/knownhosts/*} and @file{~/ssh2/knownhosts/*}.  This
case, hosts names are coded in file names
@file{@var{host-name}.@var{algorithm}.pub}.  User names are always @code{nil}.

@item @code{tramp-parse-hosts}
@findex tramp-parse-hosts

A function dedicated to @file{/etc/hosts} style files.  It returns
host names only.

@item @code{tramp-parse-passwd}
@findex tramp-parse-passwd

A function which parses @file{/etc/passwd} like files.  Obviously, it
can return user names only.

@item @code{tramp-parse-netrc}
@findex tramp-parse-netrc

Finally, a function which parses @file{~/.netrc} like files.
@end table

If you want to keep your own data in a file, with your own structure,
you might provide such a function as well.  This function must meet
the following conventions:

@defun my-tramp-parse file
@var{file} must be either a file name on your host, or @code{nil}.
The function must return a list of (@var{user} @var{host}), which are
taken as candidates for user and host name completion.

Example:
@example
(my-tramp-parse "~/.my-tramp-hosts")

     @result{} ((nil "toto") ("daniel" "melancholia"))
@end example
@end defun


@node Password handling
@section Reusing passwords for several connections.
@cindex passwords

Sometimes it is necessary to connect to the same remote host several
times.  Reentering passwords again and again would be annoying, when
the chosen method does not support access without password prompt
through own configuration.

The best recommendation is to use the method's own mechanism for
password handling. Consider @command{ssh-agent} for @option{ssh}-like
methods, or @command{pageant} for @option{plink}-like methods.

However, if you cannot apply such native password handling,
@value{tramp} offers altenatives.


@anchor{auth-sources}
@subsection Using an authentication file

@vindex auth-sources
The package @file{auth-source.el}, originally developed in No Gnus,
offers the possibility to read passwords from a file, like FTP does it
from @file{~/.netrc}.  The default authentication file is
@file{~/.authinfo.gpg}, this can be changed via the variable
@code{auth-sources}.

@noindent
A typical entry in the authentication file would be

@example
machine melancholia port scp login daniel password geheim
@end example

The port can be any @value{tramp} method (@pxref{Inline methods},
@pxref{External methods}), to match only this method.  When you omit
the port, you match all @value{tramp} methods.


@anchor{password-cache}
@subsection Caching passwords

If there is no authentication file, @value{tramp} caches the passwords
entered by you.  They will be reused next time if a connection needs
them for the same user name and host name, independently of the
connection method.

@vindex password-cache-expiry
Passwords are not saved permanently, that means the password caching
is limited to the lifetime of your @value{emacsname} session.  You
can influence the lifetime of password caching by customizing the
variable @code{password-cache-expiry}.  The value is the number of
seconds how long passwords are cached.  Setting it to @code{nil}
disables the expiration.

@vindex password-cache
If you don't like this feature for security reasons, password caching
can be disabled totally by customizing the variable
@code{password-cache} (setting it to @code{nil}).

Implementation Note: password caching is based on the package
@file{password-cache.el}.  For the time being, it is activated only
when this package is seen in the @code{load-path} while loading
@value{tramp}.
@ifset installchapter
If you don't use No Gnus, you can take @file{password.el} from the
@value{tramp} @file{contrib} directory, see @ref{Installation
parameters}.
@end ifset


@node Connection caching
@section Reusing connection related information.
@cindex caching

@vindex tramp-persistency-file-name
In order to reduce initial connection time, @value{tramp} stores
connection related information persistently.  The variable
@code{tramp-persistency-file-name} keeps the file name where these
information are written.  Its default value is
@ifset emacs
@file{~/.emacs.d/tramp}.
@end ifset
@ifset xemacs
@file{~/.xemacs/tramp}.
@end ifset
It is recommended to choose a local file name.

@value{tramp} reads this file during startup, and writes it when
exiting @value{emacsname}.  You can simply remove this file if
@value{tramp} shall be urged to recompute these information next
@value{emacsname} startup time.

Using such persistent information can be disabled by setting
@code{tramp-persistency-file-name} to @code{nil}.

Once consequence of reusing connection related information is that
@var{tramp} needs to distinguish hosts.  If you, for example, run a
local @code{sshd} on port 3001, which tunnels @command{ssh} to another
host, you could access both @file{@trampfn{ssh, , localhost,}} and
@file{@trampfn{ssh, , localhost#3001,}}.  @var{tramp} would use the
same host related information (like paths, Perl variants, etc) for
both connections, although the information is valid only for one of
them.

In order to avoid trouble, you must use another host name for one of
the connections, like introducing a @option{Host} section in
@file{~/.ssh/config} (@pxref{Frequently Asked Questions}) or applying
multiple hops (@pxref{Multi-hops}).

When @value{tramp} detects a changed operating system version on a
remote host (via the command @command{uname -sr}), it flushes all
connection related information for this host, and opens the
connection, again.


@node Remote Programs
@section How @value{tramp} finds and uses programs on the remote machine.

@value{tramp} depends on a number of programs on the remote host in order to
function, including @command{ls}, @command{test}, @command{find} and
@command{cat}.

In addition to these required tools, there are various tools that may be
required based on the connection method.  See @ref{Inline methods} and
@ref{External methods} for details on these.

Certain other tools, such as @command{perl} (or @command{perl5}) and
@command{grep} will be used if they can be found.  When they are
available, they are used to improve the performance and accuracy of
remote file access.

@vindex tramp-remote-path
When @value{tramp} connects to the remote machine, it searches for the
programs that it can use.  The variable @code{tramp-remote-path}
controls the directories searched on the remote machine.

By default, this is set to a reasonable set of defaults for most
machines.  The symbol @code{tramp-default-remote-path} is a place
holder, it is replaced by the list of directories received via the
command @command{getconf PATH} on your remote machine.  For example,
on GNU Debian this is @file{/bin:/usr/bin}, whereas on Solaris this is
@file{/usr/xpg4/bin:/usr/ccs/bin:/usr/bin:/opt/SUNWspro/bin}.  It is
recommended to apply this symbol on top of @code{tramp-remote-path}.

It is possible, however, that your local (or remote ;) system
administrator has put the tools you want in some obscure local
directory.

In this case, you can still use them with @value{tramp}.  You simply
need to add code to your @file{.emacs} to add the directory to the
remote path.  This will then be searched by @value{tramp} when you
connect and the software found.

To add a directory to the remote search path, you could use code such
as:

@lisp
@i{;; We load @value{tramp} to define the variable.}
(require 'tramp)
@i{;; We have @command{perl} in "/usr/local/perl/bin"}
(add-to-list 'tramp-remote-path "/usr/local/perl/bin")
@end lisp

@value{tramp} caches several information, like the Perl binary
location.  The changed remote search path wouldn't affect these
settings.  In order to force @value{tramp} to recompute these values,
you must exit @value{emacsname}, remove your persistency file
(@pxref{Connection caching}), and restart @value{emacsname}.


@node Remote shell setup
@section Remote shell setup hints
@cindex remote shell setup
@cindex @file{.profile} file
@cindex @file{.login} file
@cindex shell init files

As explained in the @ref{Overview} section, @value{tramp} connects to the
remote host and talks to the shell it finds there.  Of course, when you
log in, the shell executes its init files.  Suppose your init file
requires you to enter the birth date of your mother; clearly @value{tramp}
does not know this and hence fails to log you in to that host.

There are different possible strategies for pursuing this problem.  One
strategy is to enable @value{tramp} to deal with all possible situations.
This is a losing battle, since it is not possible to deal with
@emph{all} situations.  The other strategy is to require you to set up
the remote host such that it behaves like @value{tramp} expects.  This might
be inconvenient because you have to invest a lot of effort into shell
setup before you can begin to use @value{tramp}.

The package, therefore, pursues a combined approach.  It tries to
figure out some of the more common setups, and only requires you to
avoid really exotic stuff.  For example, it looks through a list of
directories to find some programs on the remote host.  And also, it
knows that it is not obvious how to check whether a file exists, and
therefore it tries different possibilities.  (On some hosts and
shells, the command @command{test -e} does the trick, on some hosts
the shell builtin doesn't work but the program @command{/usr/bin/test
-e} or @command{/bin/test -e} works.  And on still other hosts,
@command{ls -d} is the right way to do this.)

Below you find a discussion of a few things that @value{tramp} does not deal
with, and that you therefore have to set up correctly.

@table @asis
@item @var{shell-prompt-pattern}
@vindex shell-prompt-pattern

After logging in to the remote host, @value{tramp} has to wait for the remote
shell startup to finish before it can send commands to the remote
shell.  The strategy here is to wait for the shell prompt.  In order to
recognize the shell prompt, the variable @code{shell-prompt-pattern} has
to be set correctly to recognize the shell prompt on the remote host.

Note that @value{tramp} requires the match for @code{shell-prompt-pattern}
to be at the end of the buffer.  Many people have something like the
following as the value for the variable: @code{"^[^>$][>$] *"}.  Now
suppose your shell prompt is @code{a <b> c $ }.  In this case,
@value{tramp} recognizes the @code{>} character as the end of the prompt,
but it is not at the end of the buffer.

@item @var{tramp-shell-prompt-pattern}
@vindex tramp-shell-prompt-pattern

This regular expression is used by @value{tramp} in the same way as
@code{shell-prompt-pattern}, to match prompts from the remote shell.
This second variable exists because the prompt from the remote shell
might be different from the prompt from a local shell --- after all,
the whole point of @value{tramp} is to log in to remote hosts as a
different user.  The default value of
@code{tramp-shell-prompt-pattern} is the same as the default value of
@code{shell-prompt-pattern}, which is reported to work well in many
circumstances.

@item @var{tramp-password-prompt-regexp}
@vindex tramp-password-prompt-regexp
@vindex tramp-wrong-passwd-regexp

During login, @value{tramp} might be forced to enter a password or a
passphrase.  The difference between both is that a password is
requested from the shell on the remote host, while a passphrase is
needed for accessing local authentication information, like your ssh
key.

@var{tramp-password-prompt-regexp} handles the detection of such
requests for English environments.  When you use another localization
of your (local or remote) host, you might need to adapt this. Example:

@lisp
(setq
  tramp-password-prompt-regexp
    (concat
      "^.*"
      (regexp-opt
        '("passphrase" "Passphrase"
          ;; English
          "password" "Password"
          ;; Deutsch
          "passwort" "Passwort"
          ;; Fran@,{c}ais
          "mot de passe" "Mot de passe") t)
      ".*: