Weblog entry #210 for ajt
Yesterday I spotted a link to Mosh. I think I've seen it before but for some reason I bothered to read the whole article this time. Mosh is a whole new remote shell tool specially designed to work over mobile and intermittent networks. It's in Debian stable so I installed it and gave it a go. At the moment it's not a replacement for SSH, so you will still need SSH, but only to bootstrap the tool.
You start a Mosh session by typing:
$ mosh user@server
Just like you would on SSH. In fact that's how it starts: you log in to the remote server over SSH and start a mosh-server under your own user (no code runs as root). Back on the client you then connect to the mosh-server using the mosh-client. The two ends exchange data using UDP, not TCP, and the connection is encrypted with AES-128 in OCB mode.
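The bootstrap described above, done by hand, as an added example that is not from the original post or the Mosh project. It assumes Mosh's usual handshake, which the post does not spell out: mosh-server prints a `MOSH CONNECT <port> <key>` line and mosh-client takes the key from the `MOSH_KEY` environment variable. The sample output and key are constructed, and `mosh_manual` is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample of what `ssh -tt user@server -- mosh-server new` prints.
# The key is made up for illustration; a real one is a fresh 128-bit secret.
SAMPLE_OUTPUT='

MOSH CONNECT 60001 AbCdEfGhIjKlMnOpQrStUv

mosh-server (constructed sample banner)
[mosh-server detached, pid = 12345]'

# parse_mosh_connect: read mosh-server output on stdin, print "<port> <key>".
# Fails (non-zero) unless there is a well-formed MOSH CONNECT line:
# a UDP port in 1..65535 and a 22-character base64 key (128 bits).
parse_mosh_connect() {
    # A tty-backed ssh session ends lines with CR LF, so drop the CRs first.
    line=$(tr -d '\r' |
        grep -E '^MOSH CONNECT [0-9]{1,5} [A-Za-z0-9+/]{22}[[:space:]]*$' |
        head -n 1)
    [ -n "$line" ] || return 1
    set -- $line            # $1=MOSH $2=CONNECT $3=port $4=key
    port=$3
    key=$4
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    printf '%s %s\n' "$port" "$key"
}

# mosh_manual (hypothetical helper): the two steps the mosh wrapper automates.
# usage: mosh_manual user@server server-ip
mosh_manual() {
    # Step 1: SSH authenticates you and starts an unprivileged mosh-server.
    pk=$(ssh -tt "$1" -- mosh-server new | parse_mosh_connect) || return 1
    # Step 2: SSH is finished; mosh-client talks UDP to the port it was given.
    # The session key is handed over in the environment, not on the command line.
    MOSH_KEY=${pk#* } mosh-client "$2" "${pk% *}"
}
```

The port it reports is the UDP port that has to be reachable through any firewall between client and server, and the key only ever crosses the network inside the SSH session.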
Each end maintains what it thinks the "screen" should look like, so the client mostly does local echo, reducing lag - though there is smart stuff in there to decide when not to. As long as the client and server are still running, being UDP they will re-connect after an outage or a client IP change as if nothing had happened. Should you become disconnected, then when you reconnect the two ends resynchronise to the current state; the state of the server during the outage is irrelevant and thrown away. This works even after the client is suspended and wakes up on a different network.
The developers claim that they offer better UTF terminal support than most other tools, and the modular design of the whole tool makes it easier to extend than SSH and should make security auditing easier.
Anyhow it's interesting, have a look if you have time: mosh.mit.edu. It's not yet a complete SSH replacement but for lots of things it's still very useful, faster than SSH and more robust in real world use. I can't comment on how secure it is; the authors say they are confident, but they are open that it's not had the same review that OpenSSH has.