[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tramp-auto-auth.el --- TRAMP automatic authentication library
From: |
Bruno Félix Rezende Ribeiro |
Subject: |
Re: tramp-auto-auth.el --- TRAMP automatic authentication library |
Date: |
Wed, 28 Aug 2019 20:50:15 -0300 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) |
Hello Michael and other GNU Emacs developers,
Thanks for your reply.
Michael Albinus <address@hidden> writes:
> Frankly, I'm not enthusiastic adding cleartext passwords into
> Tramp. This has all the security flaws you know, and is good for
> problems. At least in core Tramp it shouldn't be propagated.
Please, find attached the implementation of tramp-auto-auth.el using
exclusively the auth-source library.
I did as you suggested except that I didn’t add a new keyword nor made
any change to auth-source.el.
Quoting from the commentary section:
When a TRAMP prompt is encountered, ‘tramp-auto-auth-mode’ queries
the alist ‘tramp-auto-auth-alist’ for the auth-source spec value
whose regexp key matches the correspondent TRAMP path. This spec
is then used to query the auth-source library for a presumably
phony entry exclusively dedicated to the whole class of TRAMP
paths matching that regexp.
To make use of the automatic authentication feature, on the Lisp
side the variable ‘tramp-auto-auth-alist’ must be customized to
hold the path regexps and their respective auth-source specs, and
then ‘tramp-auto-auth-mode’ must be enabled. For example:
---- ~/.emacs.el -------------------------------------------------
(require 'tramp-auto-auth)
(add-to-list
'tramp-auto-auth-alist
'("root@10\\.0\\." .
(:host "Funny-Machines" :user "root" :port "ssh")))
(tramp-auto-auth-mode)
------------------------------------------------------------------
After this, just put the respective sacred secret in an
authentication source supported by auth-source library. For
instance:
---- ~/.authinfo.gpg ---------------------------------------------
machine Funny-Machines login root password "$r00tP#sWD!" port ssh
------------------------------------------------------------------
In case you are feeling lazy or the secret is not so secret (nor so
sacred) -- or for any reason you need to do it all from Lisp --
it’s enough to:
(auth-source-remember '(:host "Funny-Machines" :user "root" :port "ssh")
'((:secret "$r00tP#sWD!")))
And happy TRAMPing!
Is this feature in this form suitable for inclusion in the TRAMP
standard distribution?
Please, let me know what you think.
tramp-auto-auth.el
Description: application/emacs-lisp
--
88888 FFFFF Bruno Félix Rezende Ribeiro (oitofelix) [0x28D618AF]
8 8 F http://oitofelix.freeshell.org/
88888 FFFF mailto:address@hidden
8 8 F irc://chat.freenode.org/oitofelix
88888 F xmpp://address@hidden