The sys admin's daily grind: Mosh
Shell on the Beach
Dangling your legs in the sea while enjoying the Mediterranean sunshine can affect the prospect of a good Internet connection; fortunately, Charly knows what to do.
I am writing this column on the Costa Brava and currently dangling my feet in the Med. This stretch of coast is aptly named; "brava" can be translated as "wild, inhospitable." Unfortunately, this description also applies to Internet coverage beyond the tourist beaches – although WiFi is ubiquitous in hotels, campsites, and bars. At the moment, I'm using a network operated by the "Xiringuito" beach bar near the picturesque ruins of the ancient Greek trading exclave of Empúries, and the connection is pretty brava.
This situation is not going to spoil the sunny afternoon for me, however, because I still have Mosh  stashed away as an ace in my beach bag. The SSH replacement consists of a client component and a server component along with a wrapper script. Initially, Mosh connects the client and server via SSH on port 22 in the normal way. Then, the server hands the client a key, with which it identifies itself henceforth, and Mosh drops the TCP connection.
At this point, the client and server talk only on UDP, using a port in the range between 60000 and 61000 by default. I can use the
--port=<Portnumber> parameter to force Mosh to prefer a specific port. UDP connections are very robust; they even survive client suspend phases.
What's even better is that, because the client uses the key initially received from the server to identify itself, it can even switch IP addresses. So, if the beach cafe network collapses and I swap to smartphone tethering, my Mosh session continues unfazed, and my seaside reverie is undisturbed.
Token of Appreciation
If the only available connection is unstable, this can lead to the known issue that SSH does not show you what you typed at the terminal until the TCP connection recovers. Although Mosh can't work miracles in this case, it is clever enough to guess what the terminal should be displaying, and it sends the characters for output just in case. Synchronization via UDP continues to run in the background. Thanks to Mosh's predictive mechanism, working at the command line is a much smoother experience for me than using SSH.
Mosh also doesn't leave you in the dark about what has actually been transferred and what bytes are just predicted: The characters that the Mobile Shell predicts are underlined (Figure 1). So, if I only want to see the whole truth, I can disable the prediction function by issuing
--predict=never. Equally, I can force prediction using
--predict=always. The default behavior is a compromise: Mosh measures the latency of UDP connection in the background and switches on the predictive function if the connection quality deteriorates.
Mosh has become indispensable for me on the road. It cannot completely replace SSH, because it currently does not support X11 or port forwarding and only speaks IPv4. However, the developers are working on IPv6 as well as on an app for Android mobile phones, which is due for release on some other sunny day.
- Mosh: http://mosh.mit.edu
Buy this article as PDF
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.