[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: auth-source source password lookup for ssh + sudo

From: Kai Tetzlaff
Subject: Re: auth-source source password lookup for ssh + sudo
Date: Fri, 18 Feb 2022 13:51:02 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.91 (gnu/linux)

Michael Albinus <> writes:

> Kai Tetzlaff <> writes:
> Hi Kai,
>>>> with auth-source enabled when SSHing to a server with sudo as 2nd hop
>>>> like `|sudo:/etc/passwd` TRAMP apparently tries
>>>> to look up the sudo password using `user=root,,
>>>> port=sudo` (at least that is what auth-source-pass tells me with
>>>> debugging enabled [1]). Now, why does the lookup use `user=root` instead of
>>>> `user=notroot`. Is there a way to change that?
>>> Could you please be more precise? 
>>> `|sudo:/etc/passwd`
>>> does not look like a valid remote file name.
>> Sorry, you're right. I meant:
>>   /|sudo::/etc/passwd
> The default password for the "sudo" method is "root", and that's what
> Tramp uses. If you want to have another user, apply
>   /|sudo:user@:/etc/passwd
> Btw, in your example I don't understand why you want to access the
> remote host as user "notroot", and afterwards to change the user on that
> host to "notroot", again.

That's not what I want. The `sudo::` part *should* obtain `root`
privileges. However, the *password* which is required by sudo is the one
for the user of the first hop: `notroot`. So the password lookup should
be done for `notroot` instead of `root`.

Its not just the password lookup in auth-source, the password prompt
shown by TRAMP (if the password lookup faile) is misleading, too:

  Password for / 

This looks like a request for the password of the root user. However,
the password to be entered is that of `notroot` (the user of the first

> Best regards, Michael.

BR, Kai

reply via email to

[Prev in Thread] Current Thread [Next in Thread]