Mosh – SSH Replacement

I had not been aware of Mosh (mobile shell), though clearly its own level of awesome is not a reason for that. Basically it replaces SSH, but still uses it for authentication and the like.

Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes. Mosh is a replacement for SSH. It's more robust and responsive, especially over Wi-Fi, cellular, and long-distance links. Mosh is free software, available for GNU/Linux, BSD, macOS, Solaris, Android, and Chrome. An iOS version is in testing.

https://www.youtube.com/watch?v=XsIxNYl0oyU

Install and Configure Mosh

Steps to install Mosh, create services file for firewalld, reload and make permanent.

sudo yum install mosh
sudo nano /etc/firewalld/services/mosh.xml

Add the following to mosh.xml

<?xml version="1.0" encoding="utf-8"?>                                               
<service>
  <short>MOSH</short>
<description>Mosh extends ssh for intermittent connect</description>                         
  <port protocol="udp" port="60001"/>
  <port protocol="udp" port="60002"/>
  <port protocol="udp" port="60003"/>
  <port protocol="udp" port="60004"/>
  <port protocol="udp" port="60005"/>
  <port protocol="udp" port="60006"/>
  <port protocol="udp" port="60007"/>
  <port protocol="udp" port="60008"/>
  <port protocol="udp" port="60009"/>
</service>

reload and restart firewalld

sudo firewall-cmd --reload
sudo firewall-cmd --add-service=mosh --permanent
sudo systemctl restart firewalld

MOSH Syntax

mosh --ssh="ssh -v -i /full/path/to/privkey" user@server

This essentially replaces the SSH command

 ssh -v -i /full/path/to/privkey user@server

SSH Config

SSH has a config file located at ~/.ssh/config which can help speed up connections with directives, such as:

Host HOST
RSAAuthentication yes
IdentityFile ~/.ssh/HOSTNAME
User USER@HOST
IdentitiesOnly yes

Identity file directives are usually needed on the command line in many cases, but the IdentitiesOnly yes helps restrict the public keys attempted in the authentication process.

Error Messages

If you get You have a detached Mosh session on this server, try:

kill $(ps --no-headers --sort=start_time -C mosh-server -o pid | head -n -1)

or better

pkill mosh

That will kill all but the latest session (hopefully yours, which you can then exit out of and re-enter).

See Also