

Chat over SSH - dsr12
https://github.com/shazow/ssh-chat

======
blfr
See also "Why aren’t we using SSH for everything?" by the same author
[https://news.ycombinator.com/item?id=8828543](https://news.ycombinator.com/item?id=8828543)

------
aroch
This was a ShowHN a few weeks ago:
[https://news.ycombinator.com/item?id=8743374](https://news.ycombinator.com/item?id=8743374)

------
nine_k
Supposedly this is a chat server to run as a login shell for users ssh-ing to
a particular box.

Apparently, unlike a e.g. Jabber server, your whole interaction, including the
typing of your messages, happens in the remote terminal session. Probably this
is perfectly fine for chatting inside your LAN, but probably not best if your
connectivity is limited or just has a high latency (imagine a ping from
Iceland to New Zealand).

It seems that long-term history is not supported yet.

Still this thing must be easier to set up than IRC over TLS.

~~~
hrjet
I wonder if latency can be improved by building upon Mosh[1], rather than SSH.

    
    
      [1]: https://mosh.mit.edu/

~~~
aroch
Mosh doesn't really impact real latency, just perceived latency by buffering
the screen (and ironically, is slower on good connections than regular ssh).

------
falcolas
The only change request I'd suggest is using IRC as the backend for that chat
(i.e. make the ssh chat daemon act as an IRC client to a local IRC instance
instead of using the Server.Broadcast mechanism) - it would give a big boost
in functionality with not a lot of additional effort.

~~~
Gurkenmaster
Most irc channels are public. It's not that useful unless the channel or maybe
the entire server is ssh and invite only.

~~~
irremediable
Wasn't the suggestion to run an IRC server _on the server you 're SSHing
into_? In which case, surely it'd only be accessible from that machine...

~~~
falcolas
Yup, this. The first obvious benefit is a well tested & implemented chat
engine with rooms, and the ability to add existing chat bots.

------
publicfig
This exposes your public key through /whois <username>. In order to protect
that along with hiding your system's default username, join with "ssh -o
PubkeyAuthentication=no <username>@chat.shazow.net"

~~~
sloppiiiii
Why does that matter if it is a public key?

~~~
falcolas
Theoretically, for DSA and RSA keys under 1024 bytes, they can be brute
forced. If you have one of these keys, you won't want to expose them.

It's security through obscurity, but obscurity in addition to real security
offers no real harm.

------
joosters
This makes me nostalgic for the days when I used commandline programs like
ytalk to chat with friends...

------
cryowaffle
Nice, although everyone is just trying it out willy nilly and exposing the
usernames on their computer

~~~
jamiesonbecker
True, and information leakage (ie pubkey) is always something, but usernames
are not cryptographically secure anyway.

------
robinduckett
Fun but laggy

------
ominous
woah this is really neat!

Lags a bit as you type, is that to be expected?

~~~
blfr
Depends how far away from the server you are. Anything over 100ms will lag a
little (or a lot). So yes for most of the world.

