Sam Gleske on 9 Jul 2012 19:55:36 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] MOSH - MIT's Interactive Remote Shell for mobile clients ( ssh replacement )

On Mon, Jul 9, 2012 at 10:48 PM, Lee H. Marzke <> wrote:
The video says that you need one additional port per concurrent
session open.  So for small instances,  you may only need 10 ports.

Yes SSH is used for initial auth only.  I'll also have to try this soon.


Apparently the author is asking for a cryptographic review of the software according to one of the replies (bottom) linked by JP.  I would agree with that commenter that I am not letting mosh anywhere near a server that is of any importance (and that would include blogs about cheese sandwiches) until the software is more thoroughly reviewed.  Also, it opens up several vulnerability vectors which may not have been discovered yet (i.e. you're opening several ports for just SSH rather than a single port).

Sure it might be fun to play with to see what it's like but I'm not putting this on any system I have responsibility for.  Though the author stated in the youtube video that what they're really showing off is their protocol SSP and that mosh is simply a proof of concept of their protocol.  Which is pretty neat.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --