I’ve been working from a field and don’t have the low latency, reliable connectivity like I do in the city. What’s the best way to continue working across high latency, unreliable connections through a bastion host? Mosh (mobile shell)!
I’ll be demonstrating with macOS as the client and Ubuntu as the server since I use Debian-based systems in the following manner:
- Hypervisors — Proxmox (which is built on top of Debian) for KVM and LXC.
- Virtual Machines — Ubuntu (including as a Docker host).
- Containers — Debian or Ubuntu (and to a lesser degree and for honorable mention, Alpine).
Install Mosh client with Homebrew:
brew install mosh
Install Mosh server with APT:
sudo apt-get install --yes mosh
Configure the server’s UFW to answer to the bastion host for SSH:
sudo ufw \
allow from <BASTION IP> \
to any \
port 22 \
proto tcp \
;
Configure the server’s UFW to answer to the bastion host for Mosh:
sudo ufw \
allow from <BASTION IP> \
to any \
port 60000:61000 \
proto udp \
;
Enabling UFW on a new, remote server:
(You should also consider Fail2Ban — especially if you’re exposing services to the public Internet)
sudo ufw enable
Now, what would normally be an SSH connection changes from:
ssh user@server
To:
mosh user@server
Mosh is not a replacement for Screen, but there’s a pretty creative (and a bit controversial) solution for using CRIU to treat it as such. The takeaway point is that you should use Mosh to reach back to Screen or tmux-based sessions.
Did this article save you time or money? I'd love a coffee!
Did you find this useful?
Please share with those who you believe would find this useful too!