0

I use ssh-key based authentication, with the keys being held on a smartcard. I am migrating to a new machine, where in my previous machine I had Emacs+Tramp set up nicely with the workflow.

However, now I am having issues. I found a solution, however I am wondering if there is a better way.

The setup

If I have an .ssh/config with the following entry:

Host remote
     HostName 1.2.3.4
     User root

remote has my SSH keys authorised, and if I run ssh remote in a normal shell, I am prompted for my smartcard pin, and can SSH with no issues.

However, in Emacs using tramp, I would normally ssh entering the filepath to ssh:remote:. However, in my fresh installation it instead prompts me for a username, and then a password.

First attempts

Following the suggestion of this answer, I increased the log level of tramp.

It showed me that tramp was running the following command: exec ssh -o ControlMaster=auto -o ControlPath='tramp.%C' -o ControlPersist=no -e none remote. Running this in a normal shell worked as expected.

I found that running ssh remote in eshell had the same problem.

I thought that maybe Emacs didn't have access to my ~/.bashrc config, where I configure my smartcard details:

export GPG_TTY="$(tty)"
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
gpgconf --launch gpg-agent

The solution (is there a better one?)

This answer suggested launching Emacs with bash -c emacs.

This ended up solving the problem, however I wonder if there is a more robust solution, i.e. one encoded in my config.el file, or similar.

Prunus Persica
  • 1,173
  • 9
  • 27

1 Answers1

0

As you can see, the problem is caused by inconsistencies between the Emacs and shell environment variables. You can use exec-path-from-shell, especially if you are using macOS. Or you can just setenv manually. Finally, Spacemacs and Doom have their own way of handling it, I see you mention config.el, not sure if you are using Doom, you can refer to them as well.

Tianshu Wang
  • 630
  • 2
  • 9