Categories
Networking Server SysAdmin

Moshing in a field

I’ve been working from a field and don’t have the low latency, reliable connectivity like I do in the city. What’s the best way to continue working across high latency, unreliable connections through a bastion host? Mosh (mobile shell)!

I’ll be demonstrating with macOS as the client and Ubuntu as the server since I use Debian-based systems in the following manner:

  • Hypervisors — Proxmox (which is built on top of Debian) for KVM and LXC.
  • Virtual Machines — Ubuntu (including as a Docker host).
  • Containers — Debian or Ubuntu (and to a lesser degree and for honorable mention, Alpine).

Install Mosh client with Homebrew:

brew install mosh

Install Mosh server with APT:

sudo apt-get install --yes mosh

Configure the server’s UFW to answer to the bastion host for SSH:

sudo ufw \
    allow from <BASTION IP> \
    to any \
    port 22 \
    proto tcp \
    ;

Configure the server’s UFW to answer to the bastion host for Mosh:

sudo ufw \
    allow from <BASTION IP> \
    to any \
    port 60000:61000 \
    proto udp \
    ;

Enabling UFW on a new, remote server:

(You should also consider Fail2Ban — especially if you’re exposing services to the public Internet)

sudo ufw enable

Now, what would normally be an SSH connection changes from:

ssh user@server

To:

mosh user@server

Mosh is not a replacement for Screen, but there’s a pretty creative (and a bit controversial) solution for using CRIU to treat it as such. The takeaway point is that you should use Mosh to reach back to Screen or tmux-based sessions.

Did this article save you time or money? I'd love a coffee!

Did you find this useful?
Please share with those who you believe would find this useful too!

Leave a Reply

Your email address will not be published. Required fields are marked *