Mosh (software): Difference between revisions

`Mosh`
	Mosh, showing warning about intermittent network connection and local echoing feature.
Original author(s)	Keith Winstein
Initial release	March 12, 2012; 12 years ago
Stable release	1.2.4 / March 27, 2013
Repository	github.com/mobile-shell/mosh ;
Operating system	Unix-like systems
Type	Utility software
License	GNU GPLv3 with OpenSSL and iOS exceptions
Website	http://mosh.mit.edu

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 14:05, 18 December 2013

In computing, Mosh (mobile shell) is a tool used to connect from a client computer to a server over the Internet, to run a remote terminal.^[1] Mosh is similar^[2] to SSH, with additional features meant to improve usability for mobile users. The major features are:

Mosh keeps its connection when a user "roams" to different IP addresses, for example by moving to a different Wi-Fi network or when changing from Wi-Fi to 3G.^[3]

Mosh keeps the connection open when a user loses their Internet connection or puts their client to "sleep." SSH can lose its connection in such cases because TCP times out.^[4]

Mosh tries to show a user the keys they have typed, and deletions they have made to text, immediately, without waiting for network lag. It uses an adaptive system that predicts whether the application running on the server will decide to echo the user's keystrokes or deletions.^[5]^[6]

Design

Mosh works at a different layer from SSH. Whereas SSH transmits a stream of bytes in each direction (from server to client or client to server) using TCP, Mosh runs a terminal emulator at the server to figure out what should be on the screen.^[1] The server then transmits this screen to the client at a varying frame rate, depending on the speed of the network.^[7] This allows Mosh to save on network traffic on slow or intermittent connections.

Supported platforms

Mosh is available for most Linux distributions, Mac OS X, FreeBSD, NetBSD, and OpenBSD, Android, Solaris, and Cygwin.^[1] The iOS program iSSH includes an independent implementation of the Mosh protocol as an optional add-on.^[8]

Performance

Roaming

Mosh is built on the State-Synchronization Protocol (SSP) ^[9], which supports single-packet roaming.^[10] After the client has switched to a new IP address, a single packet that successfully reaches the server is enough to "roam" the connection. The client does not need to know it has roamed. (The client may be using a NAT and the NAT roamed instead.)^[7]

Packet loss

In the Mosh research paper,^[7] the creators tested SSP on a link with 29% packet loss, and found that SSP reduced the average response time by a factor of 50 (from 16.8 seconds to 0.33 seconds) compared with SSH, which uses TCP. However, another study by students at Stanford University found that SSP reduced the average response time by a factor of 30 (from 5.9 seconds to 0.19 seconds).^[11]

Local echo

According to mosh's developers, the program was found to be able to predict and immediately display 70% of user keystrokes,^[1]^[7] reducing the median response time to a keystroke to less than 5 milliseconds (masking the latency of the network). A different study by students at Stanford University found that Mosh was able to quickly echo 55% of user keystrokes^[12]

Backdraws and todo

The project is published in GIT this is the top of the users request list. ^[13]

A port per connection

Standard the server tries to alocate the first free UDP port in the range 60000-61000, per connection. This dynamic port allocation is considered an extra burden and risk for firewall maintenance. ^[14]: A significant part of the firewall-filtering happens through connection tracking, so called statefull filtering, this is based on the SYN/ACK flags in TCP segments, UDP packets don't have such flags.
Mitigation:

The UDP port on the server can be set per mosh connection, so that only a limited number of ports need to be opened ^[15]
Deep packet inspection firewalls and Application_firewalls can handle this better by looking at content of the packet and associate it to the initial connection.

IPV6 support

Mosh does currently not support IPV6, anyone interested is invited to contribute. ^[16]

Terminal scrollback and output drops

There is no such thing as scrollback with mosh, even if your terminal window has a scrollbar, it disappears when using mosh,^{[citation needed]} this is trade-off for garbage cleaning: binary output is wiped away for what should make sense: no session lockups because you accidentally did a cat of a binary. You will miss output like this. The best way to mitigate this is currently by using mosh in combination with screen (or byobu) ^[17]

ssh-agent forwarding

ssh-agent forwarding would be a welcome add-on. ^[18]

X11 forwarding.

X11 Forwarding not yet supported.^[19]

References

^ ^a ^b ^c ^d "Mosh: the mobile shell". Retrieved on 28 March 2013.
^ Brockmeier, Joe. "Into the Mosh Pit: A Mobile Shell Replacement for SSH", linux.com, 10 April 2012. Retrieved on 28 March 2013.
^ Delony, David. "Mosh: Secure Shell Without the Pain", Technopedia, 19 October 2012. Retrieved on 28 March 2013.
^ Cox, John. "MIT researchers chart a new approach for mobile Internet protocols", Network World, 6 July 2012. Retrieved on 28 March 2013.
^ Beckert, Axel. "Mosh and AutoSSH: Remote shell tools that make your life easier on a slow or constantly morphing network", Linux Magazine, November 2012.
^ Leyden, John. "MIT's mind-reading Mosh pits itself against SSH daemons", The Register, 13 April 2012. Retrieved on 28 March 2013.
^ ^a ^b ^c ^d Winstein, Keith. "Mosh: An Interactive Remote Shell for Mobile Clients", USENIX Annual Technical Conference 2012, Boston, Mass., 14 June 2012.
^ "iSSH Features", Zingersoft. Retrieved on 28 March 2013.
^ "MIT unveils a new Internet protocol for mobile clients"
^ Winstein, Keith and Balakrishnan, Hari. "Mosh: An Interactive Remote Shell for Mobile Clients (more detailed draft)". Retrieved on 28 March 2013.
^ Nagaraj, Kanthi and McMilin, Emily. "Mosh", Reproducing Network Research, 14 March 2013. Retrieved on 28 March 2013.
^ Aljunied, Ahmed. "Evaluation of Mosh 'Mobile Shell' Performance Results", Reproducing Network Research, 13 March 2013. Retrieved on 28 March 2013.
^ "Mosh GIT repository"
^ "Dangers of opening up a wide range of ports? (mosh)", IT Security (Stack Exchange), 13 April 2012. Retrieved on 28 March 2013.
^ "use -p to define remote UDP port"
^ "Missing IPv6-support"
^ "Scrollback and alternate screen (was: Use alternate screen on smcup/rmcup)"
^ "SSH Agent Forwarding"
^ "Support X forwarding"

[homepage-1] "Mosh: the mobile shell". Retrieved on 28 March 2013.

[linuxcom-2] Brockmeier, Joe. "Into the Mosh Pit: A Mobile Shell Replacement for SSH", linux.com, 10 April 2012. Retrieved on 28 March 2013.

[3] Delony, David. "Mosh: Secure Shell Without the Pain", Technopedia, 19 October 2012. Retrieved on 28 March 2013.

[networkworld-4] Cox, John. "MIT researchers chart a new approach for mobile Internet protocols", Network World, 6 July 2012. Retrieved on 28 March 2013.

[linuxmag-5] Beckert, Axel. "Mosh and AutoSSH: Remote shell tools that make your life easier on a slow or constantly morphing network", Linux Magazine, November 2012.

[register-6] Leyden, John. "MIT's mind-reading Mosh pits itself against SSH daemons", The Register, 13 April 2012. Retrieved on 28 March 2013.

[paper-7] Winstein, Keith. "Mosh: An Interactive Remote Shell for Mobile Clients", USENIX Annual Technical Conference 2012, Boston, Mass., 14 June 2012.

[8] "iSSH Features", Zingersoft. Retrieved on 28 March 2013.

[9] "MIT unveils a new Internet protocol for mobile clients"

[paperdraft-10] Winstein, Keith and Balakrishnan, Hari. "Mosh: An Interactive Remote Shell for Mobile Clients (more detailed draft)". Retrieved on 28 March 2013.

[stanford-11] Nagaraj, Kanthi and McMilin, Emily. "Mosh", Reproducing Network Research, 14 March 2013. Retrieved on 28 March 2013.

[stanford2-12] Aljunied, Ahmed. "Evaluation of Mosh 'Mobile Shell' Performance Results", Reproducing Network Research, 13 March 2013. Retrieved on 28 March 2013.

[13] "Mosh GIT repository"

[14] "Dangers of opening up a wide range of ports? (mosh)", IT Security (Stack Exchange), 13 April 2012. Retrieved on 28 March 2013.

[15] "use -p to define remote UDP port"

[16] "Missing IPv6-support"

[17] "Scrollback and alternate screen (was: Use alternate screen on smcup/rmcup)"

[18] "SSH Agent Forwarding"

[19] "Support X forwarding"

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

@@ Line 45: / Line 45: @@
 ===A port per connection===
-Standard the server tries to alocate the first free UDP port in the range 60000-61000, per connection.
+Standard the server tries to alocate the first free [[User_Datagram_Protocol|UDP]] port in the range 60000-61000, per connection.
-This dynamic port allocation is considered an extra burden and risk for firewall maintenance. <ref>[http://security.stackexchange.com/questions/13714/dangers-of-opening-up-a-wide-range-of-ports-mosh "Dangers of opening up a wide range of ports? (mosh)"], ''IT Security (Stack Exchange)'', 13 April 2012. Retrieved on 28 March 2013.</ref>: A significant part of the firewall-filtering happens through connection tracking, so called [[Stateful_firewall|statefull filtering]], this is based on the SYN/ACK flags in TCP packets, UDP packets don't have such flags.
+This dynamic port allocation is considered an extra burden and risk for firewall maintenance. <ref>[http://security.stackexchange.com/questions/13714/dangers-of-opening-up-a-wide-range-of-ports-mosh "Dangers of opening up a wide range of ports? (mosh)"], ''IT Security (Stack Exchange)'', 13 April 2012. Retrieved on 28 March 2013.</ref>: A significant part of the firewall-filtering happens through connection tracking, so called [[Stateful_firewall|statefull filtering]], this is based on the SYN/ACK flags in [[Transmission_Control_Protocol|TCP]] segments, UDP packets don't have such flags.
 <br />Mitigation:
 # The UDP port on the server can be set per mosh connection, so that only a limited number of ports need to be opened  <ref>[http://mosh.mit.edu/#usage "use -p to define remote UDP port"] </ref>

v t e Unix command-line interface programs and shell builtins
File system	cat chattr chmod chown chgrp cksum cmp cp dd du df file fuser ln ls mkdir mv pax pwd rm rmdir split tee touch type umask
Processes	at bg crontab fg kill nice ps time
User environment	env exit logname mesg talk tput uname who write
Text processing	awk basename comm csplit cut diff dirname ed ex fold head iconv join m4 more nl paste patch printf read sed sort strings tail tr troff uniq vi wc xargs
Shell builtins	alias cd echo test unset wait
Searching	find grep
Documentation	man
Software development	ar ctags lex make nm strip yacc
Miscellaneous	bc cal expr lp od sleep true and false
Categories Standard Unix programs Unix SUS2008 utilities List