tramp: Password handling
4.12 Reusing passwords for several connections
==============================================
To avoid repeated prompts for passwords, consider native caching
mechanisms, such as ‘ssh-agent’ for ‘ssh’-like methods, or ‘pageant’ for
‘plink’-like methods.
TRAMP offers alternatives when native solutions cannot meet the need.
4.12.1 Using an authentication file
-----------------------------------
The package ‘auth-source.el’, originally developed for No Gnus, reads
passwords from different sources, auth-source (auth)Help for
users. The default authentication file is ‘~/.authinfo.gpg’, but this
can be changed via the variable ‘auth-sources’.
A typical entry in the authentication file:
machine melancholia port scp login daniel password geheim
DONTPRINTYET The port can take any TRAMP method (Inline methods, *noteDONTPRINTYET The port can take any TRAMP method (Inline methods,
External methods). Omitting port values matches all TRAMP methods.
Setting ‘auth-source-debug’ to ‘t’ to debug messages.
4.12.2 Caching passwords
------------------------
TRAMP can cache passwords as entered and reuse when needed for the same
user or host name independent of the access method.
‘password-cache-expiry’ sets the duration (in seconds) the passwords
are remembered. Passwords are never saved permanently nor can they
extend beyond the lifetime of the current Emacs session. Set
‘password-cache-expiry’ to ‘nil’ to disable expiration.
Set ‘password-cache’ to ‘nil’ to disable password caching.
*Implementation Note*: password caching depends on
‘password-cache.el’ package. TRAMP activates password caching only if
TRAMP can discover, while Emacs is loading, the package through
‘load-path’.