this post was submitted on 22 Jun 2023
1 points (100.0% liked)

Linux

2062 readers
1 users here now

founded 2 years ago
MODERATORS
 

How do people here feel about mosh to the wide internet? We provide SSH, and use both normal secure passwords and duo for all logins. We've had a few more inquiries about using mosh recently, and looking at it, the big concerns I'd have are potentially the firewall rules (is it outgoing or incoming high port?) and the long lasting authentication across IPs and network connections. On unmanaged collaborator or partner devices this seems like a kind of hole if the device is compromised or stolen, where the session can live for "a long time".

However, I tend to believe them that their AES session keys make it pretty unlikely to be hijacked just over the net. Is there any consensus?

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here