I want to open a file inside Emacs which is located on a remote server, with sudo powers on the server. I can open local files with sudo via Tramp like this:
C-x C-f /sudo::/home/user/file
But I want to use sudo on the server:
C-x C-f /sudo::user#server/home/user/file
But this gives me sudo powers on my local machine, it asks for my sudo password on the local machine. Is there a way to use sudo on the server?
BTW: Emacs is not installed on the server
As of Emacs 24.3, an analog of the old multi: syntax has been layered on top of the modern tramp-default-proxies-alist approach, meaning that you can once again perform multi-hops without any prior configuration. For details, see:
C-hig (tramp)Ad-hoc multi-hops RET
With the new syntax, each 'hop' is separated by |. The example in the manual is:
C-xC-f /ssh:bird#bastion|ssh:you#remotehost:/path RET
Which connects firstly as bird#bastion, and from there to you#remotehost:/path
/su: or /sudo: on remote hosts
You can also use this syntax to sudo/su to root (or of course any other user) on a remote host:
C-xC-f /ssh:you#remotehost|sudo:remotehost:/path/to/file RET
Important: be sure to specify the hostname explicitly: sudo:remotehost: rather than sudo:: (see below).
As this still uses the proxy mechanism underneath, tramp-default-proxies-alist should now include the value ("remotehost" "root" "/ssh:you#remotehost:")
Meaning that the proxy /ssh:you#remotehost: is going to be used whenever you request a file as root#remotehost.
root is the default user for these methods, but you can of course also change to a non-root user with:
C-xC-f /ssh:you#remotehost|sudo:them#remotehost:/path/to/file RET
Always specify the remote hostname explicitly
You are probably used to using sudo:: or su:: and omitting the hostname. If you are staying on the localhost then this is still fine, but if you are hopping to a remote server then you must specify the hostname for every hop -- even if it is the same as for the previous hop. Always use sudo:hostname: or su:hostname: with remote hosts.
The trap here is that sudo:: does actually appear to work -- however when you do that the HOST for the dynamic proxy entry will be the hostname you originated from rather than the host you connected to. This will not only look confusing (as the wrong host will be displayed in the file paths), but it will also mean that any subsequent attempt to use sudo:: on your localhost will instead be proxied to the remote server! (and the proxy would also presumably be clobbered if you did the same thing on a second server, causing further issues).
In short, don't use :: when you multi-hop!
Emacs 27+
Starting from Emacs 27.1 (or Tramp 2.4.2, if using the GNU ELPA package) the :: case works intuitively, such that /ssh:you#remotehost|sudo:: will re-use remotehost rather than your own local host, and so you won't end up with a bad proxy entry.
In addition, the likes of /ssh:you#remotehost|sudo:localhost: are detected and flagged as user errors.
If you are liable to use a mixture of Emacs versions including versions earlier than 27 (or you are advising someone else who may be using an older version), then it would be safest to continue to treat :: as unsafe when multi-hopping, to avoid potential mishap. (I.e. specifying the correct remote host explicitly will remain the safest approach if the Tramp version is unknown.)
Update: Although this answer solved the original problem, it was written for emacs 20 or 21. For emacs 24, I recommend you use phils's answer because it offers more explanation and is up to date.
I think multi-hop filenames in tramp is what you're looking for.
The first hop would be ssh and the second would be sudo.
Update: Recent versions of emacs support multiple hops using proxies:
(add-to-list 'tramp-default-proxies-alist ("my-sudo-alias" nil "/ssh:user#ssh-host"))
Then invoke by opening:
/sudo:my-sudo-alias:file-on-ssh-host
I had some troubles with the selected answer. However, it worked when I added this line to .emacs:
(add-to-list 'tramp-default-proxies-alist '(".*" "\\`root\\'" "/ssh:%h:"))
And then executed the following:
/sudo:ssh-host:file-on-ssh-host
It was slightly confusing because at one point I was prompted for the "root" password, but entering my user's password granted me access. It also universally works on all hosts on the network. Also, I can still do this to not be root:
/ssh:ssh-host:file-on-ssh-host
From the tramp multi-hops configuration webpage
(add-to-list 'tramp-default-proxies-alist
'(nil "\\`root\\'" "/ssh:%h:"))
(add-to-list 'tramp-default-proxies-alist
'((regexp-quote (system-name)) nil nil))
Then any
C-x C-f /sudo:remote-host:/file
will open file using sudo after logged with the same username of the user running emacs but on the remote machine.
You have to ssh into the server first, then you have to run emacs locally.
Or you can use NFS with no_root_squash, or you can try with emacs server/client, although I have no idea of what may happen (do not use emacs myself)
Related
I found a related thread that describes how to login to a remote server using sshpass:
sshpass -p '<password>' <ssh/scp command>
How can logging in with password be accomplished in Emacs / Tramp?
I presently use the following and then enter the password manually:
C-x C-f /ssh:user#server:/home/user/public_html/
I have the following function, that I access from my right-click context pop-up menu:
(defun lawlist-remote-server-login ()
(interactive)
(find-file "/ssh:user#server:/home/user/public_html/"))
If you're simply trying to avoid typing your password, but you don't want to use SSH keys, you can use an authentication file.
From the TRAMP user manual:
4.12.1 Using an authentication file
The package auth-source.el, originally developed in No Gnus, offers
the possibility to read passwords from a file, like FTP does it from
~/.netrc. The default authentication file is ~/.authinfo.gpg, this can
be changed via the variable auth-sources.
A typical entry in the authentication file would be
machine melancholia port scp login daniel password geheim
The port can be any tramp method (see Inline methods, see External
methods), to match only this method. When you omit the port, you match
all tramp methods.
In case of problems, setting auth-source-debug to t gives useful debug
messages.
Edit:
The specific code that worked for the OP without requiring GnuPG is reproduced below.
Emacs configuration:
(setq auth-sources '("/Users/HOME/.0.data/.0.emacs/.authinfo"))
And in the .authinfo file identified above:
machine 12.34.56.789 login lawlist password 12345678 port ssh
I am running graphical Emacs 24.3.1 (this problem exists when using the console version as well) on Arch Linux. I am trying to use TRAMP to open files on a remote Fedora system by SSH with a private key which requires a password. Authentication works fine, and so does the listing of files. When I do try to open a file, my Emacs session hangs with "Tramp: Inserting `/{filename I'm trying to open}' ...done". It is not possible to abort with ESC ESC ESC or C-g. Does anyone have a solution to this?
Emacs 24 normally works very well with Tramp. What you might need is ControlMasterAuto in your .ssh/config file. This will ensure that the ssh connection information passes seamlessly to Emacs. This will also ensure that you only need to login once in a terminal and use multiple emacs frames in tramp mode. I have detailed the following steps
(1) Go to your .ssh/config file and add the following options
Host <hostname>
ControlMaster auto
ControlPath ~/.ssh/%r#%h:%p
ServerAliveCountMax=30
ServerAliveInterval=5
(2) Now login to the remote host through terminal.
(3) Open emacs frame and try opening the remote files through tramp (/ssh:). You must be able to connect to the remote host.
The above steps should work even for a two level authentication (using a rsa key +password).
This thread is old - however, a very similar problem on my FC22 laptop (tramp hanging when trying to type a colon following /su in the minibuffer) appears to be fixed by commenting the ::1 line in /etc/hosts.
I think this is very basic question in using tramp, but it doesn't work for me.
I have my ~/.ssh/config file that points to my amazon ec2 machine
Host amazon
Hostname xxxx.amazonaws.com
Port yyy
User me
IdentityFile ~/.ssh/ubuntu
ForwardAgent yes
I can easily do ssh amazon from my terminal and I go to amazon ec2 (so my config is right), but in emacs
I do:
C-x C-f /ssh1:amazon:
I always get this error
In Aquamacs:
Process *tramp/ssh1 amz* exited abnormally with code 255
In Emacs:
tramp: Opening connection at amz using ssh1...
tramp: Waiting for prompts from remote shell
tramp: Waiting 60s for prompt from remote shell
tramp-process-actions: Login failed
I also have other ssh configurations that they ssh to my virtual boxes on my local machine and they have the same problem.
I really appreciate any help.
One thing that's worth trying is using the sshx connection method. That makes tramp try to avoid any non-standard shell configuration on the remote host.
Like this:
C-x C-f /sshx:amazon:
The tramp method ssh1 forces ssh to be run in ssh v1 protocol mode with the parameter -1. ssh v1 has known weaknesses and is insecure. Hence a lot of sites disable the ssh v1 protocol.
You can verify this from the shell with ssh -1 me#xxxx.amazonaws.com.
Try other tramp connection methods like ssh, sftp or scpx. You can see all pre-configured connection methods with C-h v tramp-methods.
If Moritz Bunkus's answer doesn't solve the issue, then you can configure the verbosity of tramp's output with
M-x customize-variable RET tramp-verbose RET
In particular, level 6 is "sent and received strings" which might help you to determine whether the "Waiting for prompts from remote shell" is because it isn't receiving a prompt pattern that it recognises, or because of some more critical failure.
If it's simply receiving a prompt it doesn't recognise, then you might look at customizing the tramp-login-prompt-regexp or tramp-shell-prompt-pattern variables.
(Of course if your ssh agent is working correctly, then login prompts shouldn't be relevant.)
If you're running Emacs in Windows, then also see these Q&As:
Emacs: Tramp doesn't work
Using tramp with EmacsW32 and cygwin, possible?
I'm looking to set up an emacs server such that the files specified by emacsclients
are relative to the emacsclients' filesystem and not the server's filesystem. For instance, if I set up an
emacs server on a machine "darkstar" and I connect to this server through an emacsclient
on "brightstar" with the command
emacsclient -nw '~/fantastic'
The emacs server will attempt to edit the file ~/fantastic on darkstar and not on
brightstar. Id like the reverse of this. I'm open to all sorts of zany suggestions.
*Background note:
I want an emacs process that tracks all the buffers I open on various
machines, keeps track of my color settings, bindings, etc. I want all of this
available and replicated on any arbitrary machine with emacs. The emacs server
seems to do just this but without the ability to edit client's local files!
You should be able to set to set up a shell function which uses tramp, like
edit-local() {
emacsclient -e "(find-file (expand-file-name \"$1\" \"/ssh:$USER#$(hostname):$PWD\"))"
}
Of course you may have to change the tramp protocol to whatever you have setup.
Does the remote machine (the one running Emacs) have mounted the filesystem of the local machine? If so, you could issue something like:
emacsclient --eval ´(my-open-file "~/fantastic" "my-local-machine")´
You could then write the function my-open-file that could, for example, open the file //mounts/my-local-machine/home/YOUR-ACCOUNT/fantastic (assuming this is the mount point).
It will require some elisp-hacking and some script hacking (using, for example, Ruby) to build up the emacsclient command-line.
I would like to be able to use Matlab-mode (matlab.el) to run a matlab shell. The only problem is, Matlab is located on a remote host. Is this even possible? If so, please explain. I'm currently playing around with tramp but to no avail.
Thanks.
I just tried using the emacs matlab mode through ssh, no problem
had to make a script which loads matlab, couldn't just specify the command in matlab.el
so:
/home/second/remoteMatlab:
#!/bin/bash
ssh orac matlab -nodisplay
where orac is the host which has matlab. you can pass commands to ssh here. i use ssh config and key authentication so only need the hostname here
in matlab.el, find
(defcustom matlab-shell-command
and set to eg
(defcustom matlab-shell-command "/home/second/remoteMatlab"
I am not 100% sure what you are doing, but this seems possible. If
you use Tramp (or sshfs, my personal choice) to edit a script on a
remote machine, you will be able to run it on that remote machine. If
you have a *shell* buffer open, it can easily be ssh'd to that remote
machine. If you are doing something REPL-like where emacs sends input
to this buffer that's connected to a process over ssh, it should still
work. If it is communicating with a remote process over a socket, you
can use ssh forwarding to make the socket appear local.
Anyway, there is not much gap between local and remote, so this should
all work out.
Finally, to toe the (GNU) party line... have you tried Octave running locally?
#Yotham : I can't comment yet on earlier answers, but your problem (Script working, malab-shell command in emacs not) may be due to the fact that you didn't delete/rename your matlab.elc file?
This way emacs never gets to know of the change since it prefers .elc over .el files for speed.
Resolved the same issue for me.
cheers
tnt