Saturday, August 29, 2015

Use Mosh instead of SSH

Mosh is a replacement for SSH. It's more robust and responsive, especially over Wi-Fi, cellular, and long-distance links.

# yum -y update

# yum install epel-release

# yum install mosh

# firewall-cmd --permanent --zone=public --add-port=60000-60020/udp

Note: If you are using any other program to manage your firewall, you will need to open the UDP ports from 60000 to 61000 manually. However, if you only expect a small number of concurrent connections, a smaller range of ports can be opened, provided it begins at port 60000 (e.g. 60000:60020).

Note: If you are using Amazon EC2, you will need to open the ports in Amazon's security group (firewall).

# firewall-cmd --reload

# firewall-cmd --list-all

public (default)
  services: dhcpv6-client ssh
  ports: 80/tcp 60000-60020/udp
  masquerade: no
  rich rules:
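
To confirm the zone exposes only the UDP range you intended, here is an added example (not part of the original post): a shell function that reads firewall-cmd --list-all output and reports which part of the 60000-61000 range is open. The function name mosh_udp_range is hypothetical, and the sample input is the zone output shown above.

```shell
#!/bin/sh
# Added example, not from the original post.
# mosh_udp_range: read `firewall-cmd --list-all` text on stdin and print
# "FIRST LAST COUNT" for the open UDP ports inside 60000-61000.
# Returns 1 when no open UDP port falls in that range.
mosh_udp_range() {
    awk '
        $1 == "ports:" {
            for (i = 2; i <= NF; i++) {
                split($i, pp, "/")           # "60000-60020/udp" -> ports, proto
                if (pp[2] != "udp") continue # Mosh traffic is UDP only
                n = split(pp[1], r, "-")     # single port or FIRST-LAST
                lo = r[1] + 0
                hi = (n == 2) ? r[2] + 0 : lo
                if (lo < 60000) lo = 60000   # clamp to the 60000-61000 range
                if (hi > 61000) hi = 61000
                if (lo <= hi) {
                    print lo, hi, hi - lo + 1
                    found = 1
                    exit
                }
            }
        }
        END { exit (found ? 0 : 1) }
    '
}

# Sample input: the zone listing shown in this post.
sample_zone='public (default)
  services: dhcpv6-client ssh
  ports: 80/tcp 60000-60020/udp
  masquerade: no
  rich rules:'

printf '%s\n' "$sample_zone" | mosh_udp_range   # prints: 60000 60020 21
```

On a live server, run firewall-cmd --list-all | mosh_udp_range. Each mosh session uses its own UDP port, so COUNT is an upper bound on concurrent sessions.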

In most use cases, Mosh is a drop-in replacement for SSH, meaning many SSH commands need only a simple alteration. For example:

client # mosh

However, if you use any other arguments with SSH (such as -p), then a slightly different syntax is needed:

client # mosh --ssh="ssh -i myserver.pem -p 22" centos@

Note: if you see the "It is required that your private key files are NOT accessible by others." error message, run chmod 400 myserver.pem.

Note: you do not need to start mosh-server manually; mosh-server will start automatically once it's connected.

Use the nc command to test the UDP connection:

client # nc -u 60000-60020

Note: to install nc, run yum install nmap-ncat.

server # ps auxww|grep -i mosh

centos   21000  1.0  0.0 171784  5748 ?        S    05:15   0:00 mosh-server new -s -c 256 -l LANG=en_US.UTF-8 -l LANGUAGE=en_US.UTF-8 -l LC_ALL=en_US.UTF-8

server # ss -lnu | grep :6000

tcp    UNCONN     0      0                  *:*

