Sam Gleske on 9 Jul 2012 19:55:36 -0700
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] MOSH - MIT's Interactive Remote Shell for mobile clients ( ssh replacement )
- From: Sam Gleske <email@example.com>
- To: "Philadelphia Linux User's Group Discussion List" <firstname.lastname@example.org>
- Subject: Re: [PLUG] MOSH - MIT's Interactive Remote Shell for mobile clients ( ssh replacement )
- Date: Mon, 9 Jul 2012 22:55:11 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=glUQ60f/bfJwRTqxskJAbgU8WVOVzOXyw9Vjc13lFog=; b=W6AmjVXSH7bPNRPEERzes+pJW5WilN6AQB2B60NZglM0o2I5IIaaUkw1GTciBU4v7J GNx2bDOxSaMHoZZgzTfd8FnWzqjZJwfcHtSGG2d59LV3RuuyYHWokd1EBebv+svQBLzg ViorAYITqqLy4m95anpQn9B0wrs/J0CRnFfHNw0r8QJbJH/dkJehuEeR1C489Exqk2q1 BjstpwP4t1sL6CoauRmFqqhgGM6aCU6dMoSvffygaXlncIQy9/y4c1BkLJw7l0boq3nb 8HjHTGXJ8ouHipqjdTRVDJ7iD3DwGSKePqA01zyz5G1fxp/qX22DwDsZLpJ6s4/cqu9+ tCRw==
- Reply-to: Philadelphia Linux User's Group Discussion List <email@example.com>
- Sender: firstname.lastname@example.org
On Mon, Jul 9, 2012 at 10:48 PM, Lee H. Marzke <email@example.com>
The video says that you need one additional port per concurrent
session open. So for small instances, you may only need 10 ports.
Yes SSH is used for initial auth only. I'll also have to try this soon.
Apparently the author is asking for a cryptographic review of the software according to one of the replies
(bottom) linked by JP. I would agree with that commenter that I am not letting mosh anywhere near a server that is of any importance (and that would include blogs about cheese sandwiches) until the software is more thoroughly reviewed. Also, it opens up several vulnerability vectors which may not have been discovered yet (i.e. you're opening several ports for just SSH rather than a single port).
Sure it might be fun to play with to see what it's like but I'm not putting this on any system I have responsibility for. Though the author stated in the youtube video that what they're really showing off is their protocol SSP and that mosh is simply a proof of concept of their protocol. Which is pretty neat.
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug