Michael Albinus <[email protected]> writes: Hi Michael,
sorry - it took a while to get my emacs config working with TRAMP from git (savannah) in order to apply the patch [1]. >>>> I see. It is not a problem of multi-hop per se, but a general problem of >>>> su(do) password prompts in Tramp. Will see what I could do. >>> >>> Ok, yes - but it's only a problem of the `sudo` method. For `su` the >>> current behaviour is correct. >> >> And perhaps 'doas' on *BSD? Don't know. > > Finally, I believe we must support Tramp methods 'sudo', 'sudoedit' and > 'doas'. I've prepared a patch (appended), could you pls check? The main > idea is, that for these methods the password of the previous hop is > reused. In case there is no "previous" hop, Tramp assumes a virtual one, > in order not to mix with the root password. > > The patch is not polished yet, but I'd like to know whether it works in > general outside my laptop. The patch improves things. I've tried two different scenarios (both using public key authentication for the SSH connection): 1. /ssh:[email protected]|sudo::/etc/passwd This triggers: a) an auth-source lookup for hostname="host.example.com", user="remoteuser", port="ssh" b) in case a) fails, a password prompt: `Password for /ssh:[email protected]: ` => This looks pretty good. The auth-source lookup has the proper information to find a matching password. And if auth-source finds a matching entry, b) (password prompt) gets skipped. Just a minor issue: the `port="ssh"` is a bit misleading. The previous `port="sudo"` seemed clearer. 2. /ssh:host.example.com|sudo::/etc/passwd Which uses a host entry in ~/.ssh/config: Host host.example.com User remoteuser This triggers: a) an auth-source lookup for hostname="host.example.com", user="", port="ssh" b) a prompt for the user name: `ssh user name for host.example.com (default kai): ` (the default seems to be the local (emacs session) username. So I changed that to `remoteuser`) c) a password prompt: `Password for /ssh:host.example.com: ` => This one still has some issues. The auth-source lookup happens before b) (the prompt for the user name) and it is not repeated after obtaining the correct user name in b). So the lookup will typically fail. The password prompt in c) doesn't show the user name entered in b). Is it possible to do b) (ask for the username) before a) (auth-source lookup)? An option to configure a connection specific sudo (default) user would be nice (or, even better, extract the user name from the ssh config). Thanks & Best Regards, Kai. [1] First I had to figure out how to convince straight.el to load the external version of TRAMP (from git@svannah). And then, I got errors from emacs 28.0.91: Method ‘ssh’ is not supported for multi-hops. which went away after switching to a fresh build of emacs 29.0.50 (aka master).
