Cyber Security

How to achieve persistent SSH connections with the open source MOSH

MOSH makes it possible for SSH connection to persist, even as you roam from one network to another. Jack Wallen shows you how to install and use this handy tool.

Image: Funtap/Shutterstock

If you work with multiple wireless (or wired) connections within your company, and you find yourself having to move around the campus to take care of your admin duties, there might be times when you have an SSH connection going and you shift from one network to another. When that happens, your secure shell connection will drop. Or, maybe your single network connection isn’t always the most reliable? That’s all fine if whatever admin task you’re doing isn’t critical. What happens when you’re working on something important and that connection is broken? 

You don’t want that, which is why you should employ a tool like MOSH. MOSH stands for Mobile Shell and makes it possible for you to keep a persistent SSH connection—even if you change networks or your connection momentarily drops. Even better, MOSH usage is almost identical to SSH, at least from the user’s point of view. Under the hood, MOSH logs the user in via SSH and then starts a connection on a UDP port between 60000 and 61000, to keep the connection persistent.

Let’s get MOSH installed and see how it is used.

SEE: Checklist: Server inventory (TechRepublic Premium)

What you’ll need

MOSH is available for Linux, macOS, Windows, Android and iOS. You must install the MOSH package on both the server and the client. I’ll be demonstrating both ends with a Ubuntu-based Linux distribution. For those working with MacOS, make sure to download the binary installer from the MOSH download page. For those working with Windows, there is no native package, so you’ll have to use MOSH for Chrome.

How to install MOSH

MOSH is found in my distribution standard repositories. To install MOSH on Ubuntu-based distributions, the command would be:

sudo apt-get install mosh -y

If you’re on a Red Hat-based Linux distribution, the command would be:

sudo dnf install mosh -y

Make sure you install MOSH on both your client and your server.

How to use MOSH

Of course, this assumes you can already SSH from the client to the server. That being the case, you can use MOSH to make that connection like so:

mosh [email protected]

Where USER is the remote username and SERVER is either the IP address or domain of the server.

If, for some reason, you need to use a different UDP port, the command would be:

mosh -p PORT [email protected]

Where PORT is the port number, USER is the remote username, and SERVER is the IP address or domain of the server.

If you have configured SSH to use a non-standard port on your server, you’ll have to define it within the MOSH command like this:

mosh --ssh="ssh -p PORT" [email protected]

Where PORT is the non-standard SSH port on the server, USER is the remote username, and SERVER is the IP address of the server. You can combine the change in UDP and SSH ports like so:

mosh -p UDP --ssh="ssh -p SSH" [email protected]

Where UDP is the UDP port, SSH is the SSH port, USER is the remote username and SERVER is the IP address or domain of the server.

MOSH can also use SSH identities in the same way they are used in SSH, like this:

mosh -i IDENTITY

Where IDENTITY is the name of the identity you’ve configured in ~/.ssh/config.

How to configure the firewall

The one problem you could run into is if the firewall on your server refuses connections to the necessary ports MOSH will use. This is simple to get around. On a server using Uncomplicated Firewall (such as Ubuntu Server), the command to open those ports would be:

sudo ufw allow 60000:61000/udp

If your server uses iptables, the command would be:

sudo iptables -I INPUT 1 -p udp --dport 60000:61000 -j ACCEPT

Once you’ve allowed port access, MOSH should work just fine.

And that’s all there is to gaining a more reliable SSH connection between your client and server, with the help of MOSH. Give this tool a try and see if you find your SSH connections staying connected, even as you roam from one network to another.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.

Also see

 Source link

Back to top button
SoundCloud To Mp3