Hacker News new | past | comments | ask | show | jobs | submit login

It uses ssh as the authentication and authorization channel to set up the socket on the remote machine. I don't want to make too many pronouncements as I haven't used it, but surely that's an example of being conservative with security behavior, not cavalier.

That said, I think the single biggest annoyance for me with ssh is the connection setup latencies (something like ... 9 round trips and a by-default-rdns-lookup I think?). This thing can only be worse in that respect.




Well, it helps in that you need to initiate a connection much less often. Once you have a connected mosh session, it will transparently roam with you, across suspend/resume or changing networks, as long as you like.

But yes, it can't help with the initial connection, which has to be bootstrapped over ssh.


Any time you are moving from one IP address to another, it better have some damn good security or else anyone will be able to hijack your session.


For some definition of "damn good" I guess. All security protocols can have holes. But a trivial session key is hardly rocket surgery. And spoofing attacks (which I assume is what you're talking about) don't require moving between one IP and another anyway.


If you are opening multiple ssh connections to the same host, you can add the following to your .ssh/config file

# Multiplex connections if there is more than one Host * ControlMaster auto ControlPath ~/.ssh/master-%r@%h:%p




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: