Re: tramp-auto-auth.el --- TRAMP automatic authentication library

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tramp-auto-auth.el --- TRAMP automatic authentication library

From:	Bruno Félix Rezende Ribeiro
Subject:	Re: tramp-auto-auth.el --- TRAMP automatic authentication library
Date:	Wed, 28 Aug 2019 20:50:15 -0300
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

Hello Michael and other GNU Emacs developers,

Thanks for your reply.

Michael Albinus <address@hidden> writes:

> Frankly, I'm not enthusiastic adding cleartext passwords into
> Tramp. This has all the security flaws you know, and is good for
> problems. At least in core Tramp it shouldn't be propagated.

Please, find attached the implementation of tramp-auto-auth.el using
exclusively the auth-source library.

I did as you suggested except that I didn’t add a new keyword nor made
any change to auth-source.el.

Quoting from the commentary section:

   When a TRAMP prompt is encountered, ‘tramp-auto-auth-mode’ queries
   the alist ‘tramp-auto-auth-alist’ for the auth-source spec value
   whose regexp key matches the correspondent TRAMP path.  This spec
   is then used to query the auth-source library for a presumably
   phony entry exclusively dedicated to the whole class of TRAMP
   paths matching that regexp.

   To make use of the automatic authentication feature, on the Lisp
   side the variable ‘tramp-auto-auth-alist’ must be customized to
   hold the path regexps and their respective auth-source specs, and
   then ‘tramp-auto-auth-mode’ must be enabled.  For example:

   ---- ~/.emacs.el -------------------------------------------------
   (require 'tramp-auto-auth)

   (add-to-list
    'tramp-auto-auth-alist
    '("root@10\\.0\\." .
      (:host "Funny-Machines" :user "root" :port "ssh")))

   (tramp-auto-auth-mode)
   ------------------------------------------------------------------

   After this, just put the respective sacred secret in an
   authentication source supported by auth-source library.  For
   instance:

   ---- ~/.authinfo.gpg ---------------------------------------------
   machine Funny-Machines login root password "$r00tP#sWD!" port ssh
   ------------------------------------------------------------------

   In case you are feeling lazy or the secret is not so secret (nor so
   sacred) -- or for any reason you need to do it all from Lisp --
   it’s enough to:

   (auth-source-remember '(:host "Funny-Machines" :user "root" :port "ssh")
                         '((:secret "$r00tP#sWD!")))

   And happy TRAMPing!

Is this feature in this form suitable for inclusion in the TRAMP
standard distribution?

Please, let me know what you think.

tramp-auto-auth.el
Description: application/emacs-lisp


-- 
 88888  FFFFF Bruno Félix Rezende Ribeiro (oitofelix) [0x28D618AF]
 8   8  F     http://oitofelix.freeshell.org/
 88888  FFFF  mailto:address@hidden
 8   8  F     irc://chat.freenode.org/oitofelix
 88888  F     xmpp://address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

tramp-auto-auth.el --- TRAMP automatic authentication library, Bruno Félix Rezende Ribeiro, 2019/08/22
- Re: tramp-auto-auth.el --- TRAMP automatic authentication library, Michael Albinus, 2019/08/27
  - Re: tramp-auto-auth.el --- TRAMP automatic authentication library, Bruno Félix Rezende Ribeiro <=
    - Re: tramp-auto-auth.el --- TRAMP automatic authentication library, Michael Albinus, 2019/08/29
    - Re: tramp-auto-auth.el --- TRAMP automatic authentication library, Bruno Félix Rezende Ribeiro, 2019/08/31

Prev by Date: Emacs 26.3 released
Next by Date: elpa-deploy.el --- ELPA deployment library
Previous by thread: Re: tramp-auto-auth.el --- TRAMP automatic authentication library
Next by thread: Re: tramp-auto-auth.el --- TRAMP automatic authentication library
Index(es):
- Date
- Thread