Mosh – a robust, responsive replacement for SSH

[+] akent|11 years ago|reply

Previous discussions:

https://news.ycombinator.com/item?id=8252093

https://news.ycombinator.com/item?id=5016745

https://news.ycombinator.com/item?id=3819382

[+] mholt|11 years ago|reply

Did anyone else see this file about how a guy used mosh to escape from an elevator? http://gopher.floodgap.com/gopher/gw.lite?gopher://sdf.org:7...

[+] Maakuth|11 years ago|reply

I wouldn't call it a replacement, as it uses ssh for authentication and strives to not reinvent the wheel there. That is actually what makes mosh so nice - if you have your hosts in .ssh/config and your public key installed to your hosts, you can use mosh instead of ssh in interactive sessions and It Just Works. You still have ssh for file transfer, TCP and X11 forwarding, etc.

For telecommuting, it's really nice to have mosh handle handovers between wifi and 3g/4g networks so gracefully. And for high latency links, it makes the user experience a bit less annoying.

edit: missing word added

[+] zobzu|11 years ago|reply

Is this auto submitted every 6mo? Because that's what it's looking like.

There is no changes from the past 3 submissions...

[+] tobz|11 years ago|reply

If I had to guess, I'd say this got posted because of the relevance next to the other posts about multiplexing SSH/HTTP over a single connection.

[+] kefka|11 years ago|reply

Doesn't support the following:

    Forwarding of X11, SSH agent, etc.
    IPv6, with roaming between v4 and v6
    Android client

The x-forwarding is what kills me. Still waiting for it though.

[+] aroch|11 years ago|reply

JuiceSSH (probably the most popular Android SSH client) supports mosh fully.

[+] razzmataz|11 years ago|reply

Does it support any sort of port forwarding, not just X11?

[+] PindakaasMan|11 years ago|reply

I've being using Mosh for some time now. I really like it that apps like JuicySSH also support is so when my server goes down I can fix it on the go.

[+] lepht|11 years ago|reply

Unfortunately the one iOS app that supports mosh (iSSH) was removed from the app store late last year. I've heard that the mosh license isn't compatible with the App Store(?)

[+] blueskin_|11 years ago|reply

Mosh is nice, but I always feel wary about opening a big port range for it. Had it on my todo list for ages to work out a way of temporarily opening the port range for an IP that makes a successful SSH login.

[+] falcolas|11 years ago|reply

FWIW, it works well with a fairly typical "allow all out, deny all in" firewall configuration. That is what I have set up on my server, and it works fine.

If you go the deny all out, yeah, you'll probably have to set up more specific outgoing exceptions for Mosh.

[+] jamies888888|11 years ago|reply

You can open a single UDP port and specify the port number using the -p option when connecting.

[+] ryanlol|11 years ago|reply

If you're worried about opening ports, you're doing security wrong.

[+] unknown|11 years ago|reply

[deleted]

[+] smhenderson|11 years ago|reply

This looks cool on the surface but I'm not sure how to feel about it; do I really want to add another layer on top of SSH without worrying about security leaks?

While I'm sure it can be done right I will probably reserve judgment until I have time to thouroughly check this out. The pros aren't many but I do like the thought of roaming connections. That and the local edit, echo, delete looks like it would help with editing (vim/gvim) over some lagging connections I sometimes get.

Definitely something to keep an eye on though, nice write up too.

[+] the_duck|11 years ago|reply

What amazes me about mosh is how it handles transitions in and out of the private wifi network at my school. When I want to ssh to school machines from off campus, I generally need to use a VPN. Without the VPN the machines are unreachable: if I ping them, no packets are returned; ssh attempts fail. Using mosh, though, I've found that I can start a session at school and resume it off campus, no VPN necessary. This seems like magic to me. Can anyone explain how mosh does this?

[+] bisho|11 years ago|reply

Uses udp and probably udp is not filtered in the firewall

[+] eatonphil|11 years ago|reply

"Mosh is a replacement for SSH". "The mosh client logs in to the server via SSH..." Huh? I'm confused. So is it a replacement or is it an abstraction?

[+] blueskin_|11 years ago|reply

Abstraction. It's its own transport, but needs SSH to establish the session.

[+] frankzander|11 years ago|reply

Luckily Mosh isn't a real replacement. The first what comes in my mind wars "All the crypto rewritten?" and then I read "Uses SSH for Auth" ... SSH is robust and wide used ... I want no replacement for ssh because it seems like solid crypto. But mosh seems interesting.

[+] khanan|11 years ago|reply

Biggest drawback is that none of the commercial clients will implement support for it, that's what killed it for me (SecureCRT developer VanDyk told my company NOPE!) due to license issues :(

[+] jeffcox|11 years ago|reply

Yeah, what's the point of creating a great, mobile focused alternative (or enhancement, however you'd like to describe it) to SSH if no one will implement it on iOS because it's GPLv3?

[+] belorn|11 years ago|reply

If a company want to create a proprietary client, they can always do that. They simply has to pay programmers to do the work, rather then freeload on the work of a research university.

Alternative they could collaborate with the research community, adding to the common knowledge in computer science and security on a deal where everyone share in access. For security and encryption software, I find this deal to be quite necessary for everyone involved and are thus glad with projects license choice.

[+] mkesper|11 years ago|reply

Using proprietary software for security is a no-go.

[+] visarga|11 years ago|reply

I like mosh but you can't scroll back in it. That's not nice.

[+] navaati|11 years ago|reply

Use tmux.

[+] jamies888888|11 years ago|reply

Just been using this for the last week or so. It's great, especially for trains (intermittent connections) and geographically far-away servers (high-latency connections).

[+] jkot|11 years ago|reply

Screen (terminal program) already offers most of those features.

[+] warnhardcode|11 years ago|reply

Mosh and screen/tmux serve different roles. Mosh keeps your connection and reconnects across all sorts of events that would break your ssh connection. (laptop sleeps, different networks). Then screen/tmux manages the sessions on the other side of that connection.

Maybe I don't understand everything screen can do, which is very possible.

[+] bergie|11 years ago|reply

It does offer persistent sessions. However, the other nice part of Mosh is how it handles low-quality connections. I can use vim over SSH pretty nicely over 3G or crappy conference WiFi thanks to it.

[+] dalanmiller|11 years ago|reply

Anyone know when Mosh will support IPv6?

[+] sliken|11 years ago|reply

looks like it does. Check out the github mosh issues on ipv6.

45 comments