I’ve been working from a field and don’t have the low latency, reliable connectivity like I do in the city. What’s the best way to continue working across high latency, unreliable connections through a bastion host? Mosh (mobile shell)!
I’ll be demonstrating with macOS as the client and Ubuntu as the server since I use Debian-based systems in the following manner:
- Hypervisors — Proxmox (which is built on top of Debian) for KVM and LXC.
- Virtual Machines — Ubuntu (including as a Docker host).
- Containers — Debian or Ubuntu (and to a lesser degree and for honorable mention, Alpine).
Install Mosh client with Homebrew:
brew install mosh |
Install Mosh server with APT:
sudo apt-get install -- yes mosh |
Configure the server’s UFW to answer to the bastion host for SSH:
1 2 3 4 5 6 | sudo ufw \ allow from <BASTION IP> \ to any \ port 22 \ proto tcp \ ; |
Configure the server’s UFW to answer to the bastion host for Mosh:
1 2 3 4 5 6 | sudo ufw \ allow from <BASTION IP> \ to any \ port 60000:61000 \ proto udp \ ; |
Enabling UFW on a new, remote server:
(You should also consider Fail2Ban — especially if you’re exposing services to the public Internet)
sudo ufw enable |
Now, what would normally be an SSH connection changes from:
ssh user@server |
To:
mosh user@server |
Mosh is not a replacement for Screen, but there’s a pretty creative (and a bit controversial) solution for using CRIU to treat it as such. The takeaway point is that you should use Mosh to reach back to Screen or tmux-based sessions.
Did this article save you time or money? I'd love a coffee!
Did you find this useful?
Please share with those who you believe would find this useful too!