Next: FUSE setup hints, Previous: Remote shell setup hints, Up: Configuring TRAMP [Contents][Index]
4.19 Ssh setup hintsThe most common TRAMP connection family is based on either ssh or scp of OpenSSH, or plink or pscp of PuTTY on MS Windows. In the following, some configuration recommendations are given.
OpenSSH configuration files can use an Include option for further configuration files. Default TRAMP host name completion ignores this option. However, you can configure this yourself.
Given, your ~/.ssh/config file contains the following option:
The following code snippet in your .emacs uses all files in that directory for host name completion:
(tramp-set-completion-function
"ssh" (append (tramp-get-completion-function "ssh")
(mapcar (lambda (file) `(tramp-parse-sconfig ,file))
(directory-files
"~/.ssh/conf.d/"
'full directory-files-no-dot-files-regexp))))
This code snippet does it for the ssh method. If you replace "ssh" by "scp", it does it also for that method (or any other method you like).
ssh sessions on the local host hang when the network is down. TRAMP cannot safely detect such hangs. OpenSSH can be configured to kill such hangs with the following settings in ~/.ssh/config:
Host *
ServerAliveInterval 5
ServerAliveCountMax 2
The corresponding PuTTY configuration is in the Connection entry, Seconds between keepalives option. Set this to 5. PuTTY does not have a configuration option equivalent to OpenSSH’s ServerAliveCountMax.
4.19.3 Using ssh connection sharingTRAMP uses the ControlMaster=auto OpenSSH option by default, if possible. However, it overwrites ControlPath settings when initiating ssh sessions. TRAMP does this to fend off a stall if a master session opened outside the Emacs session is no longer open. That is why TRAMP prompts for the password again even if there is an ssh already open.
Some OpenSSH versions support a ControlPersist option, which allows you to set the ControlPath provided the variable tramp-ssh-controlmaster-options is customized as follows:
(customize-set-variable 'tramp-ssh-controlmaster-options (concat "-o ControlPath=/tmp/ssh-ControlPath-%%r@%%h:%%p " "-o ControlMaster=auto -o ControlPersist=yes"))
Note how ‘%r’, ‘%h’ and ‘%p’ must be encoded as ‘%%r’, ‘%%h’ and ‘%%p’.
Using a predefined string in tramp-ssh-controlmaster-options, or puzzling an own string, happens only when user option tramp-use-connection-share is set to t. If the ~/.ssh/config file is configured appropriately for the above behavior, then any changes to ssh can be suppressed with this nil setting:
(customize-set-variable 'tramp-use-connection-share nil)
Sometimes, it is not possible to use OpenSSH’s ControlMaster option for remote processes. This could result in concurrent access to the OpenSSH socket when reading data by different processes, which could block Emacs. In this case, setting tramp-use-connection-share to suppress disables shared access. It is not needed to set this user option permanently to suppress, binding the user option prior calling make-process is sufficient. TRAMP does this for esxample for compilation processes on its own.
tramp-use-connection-share should also be set to nil or suppress if you use the ProxyCommand or ProxyJump options in your ssh configuration.
In order to use the ControlMaster option, TRAMP must check whether the ssh client supports this option. This is only possible on the local host, for the first hop. TRAMP does not use this option on proxy hosts, therefore.
If you want to use this option also for the other hops, you must configure ~/.ssh/config on the proxy host:
Host *
ControlMaster auto
ControlPath tramp.%C
ControlPersist no
Check the ‘ssh_config(5)’ man page whether these options are supported on your proxy host.
On MS Windows, tramp-use-connection-share is set to nil by default, because the MS Windows and MSYS2 implementations of OpenSSH do not support this option properly.
In PuTTY, you can achieve connection sharing in the Connection/SSH entry, enabling the Share SSH connections if possible option. tramp-use-connection-share must be set to nil. If tramp-use-connection-share is set to t or suppress, plink is called with the option -share or -noshare, respectively.
TRAMP uses a temporary local copy when copying two files between different remote hosts via external methods. This behavior is due to authentication problems TRAMP cannot handle sufficiently. However, for scp connections this can be changed. When a file shall be copied between two different remote hosts ‘source’ and ‘target’, and
tramp-use-scp-direct-remote-copying is non-nil,scp running on host ‘source’ can authenticate to host ‘target’ without requiring a password,TRAMP applies direct remote copying between hosts ‘source’ and ‘target’ like
scp -p -T -R -q -r source:/path/to/file target:/path/to/another/file
This protects also your local temporary directory from overrun when copying large files.
If these conditions do not apply, and tramp-use-scp-direct-remote-copying is non-nil, the option ‘-3’ is used instead of ‘-R’.
When TRAMP uses direct remote copying, password caches are not consulted.
4.19.5 Issues with Cygwin and MS Windows sshThis section is incomplete. Please share your solutions.
MS Windows’ ssh does not open a remote TTY. Use the method sshx or scpx instead. Furthermore, it cannot read a passphrase for ssh private keys. Use the MS ssh-agent.
Cygwin’s ssh works only with a Cygwin version of Emacs. To check for compatibility: type M-x eshell RET, and start ssh test.host RET. Incompatibilities trigger this message:
Pseudo-terminal will not be allocated because stdin is not a terminal.
Some older versions of Cygwin’s ssh work with the sshx access method. Consult Cygwin’s FAQ at https://cygwin.com/faq/ for details.
On the Emacs Wiki it is explained how to use the helper program fakecygpty to fix this problem.
When using the scpx access method, Emacs may call scp with MS Windows file naming, such as c:/foo. But the version of scp that is installed with Cygwin does not know about MS Windows file naming, which causes it to incorrectly look for a host named ‘c’.
A workaround: write a wrapper script for scp to convert Windows file names to Cygwin file names.
When using the cygwin ssh-agent on MS Windows for password-less interaction, ssh methods depend on the environment variable SSH_AUTH_SOCK. But this variable is not set when Emacs is started from a Desktop shortcut and authentication fails.
One workaround is to use an MS Windows based SSH Agent, such as the native MS ssh-agent or Pageant. The latter is part of the PuTTY Suite of tools.
The fallback is to start Emacs from a shell.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4