<div dir="ltr">HI folks,<div><br></div><div>2FA is usually (always?) used for authentication requests. Since mosh leverages ssh, it automatically inherits ssh's 2FA configuration, if one exists. I don't think it makes sense for mosh to add its own 2FA at some sort of regular interval, as that would be easily bypassed by a user patching this feature out and running a custom mosh. (mosh doesn't have a privileged server-side component, it's just a normal user process).</div><div><br></div><div>If re-authentication is a concern, then you should limit the time of a session being open server-side. An ssh session could hypothetically last days/weeks too.</div><div><br></div><div>Sincerely,</div><div>-Alex</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Feb 5, 2024 at 8:44 AM Dave Taht <<a href="mailto:dave.taht@gmail.com">dave.taht@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">mosh leverages ssh to initiate the connection, which can be 2FA.<br>
<br>
However the advantage to mosh is its persistence, so adding 2FA to it<br>
periodically would make sense.<br>
<br>
On Mon, Feb 5, 2024 at 8:15 AM Rafael Ribeiro dos Santos<br>
<<a href="mailto:Rafael.Santos@uib.no" target="_blank">Rafael.Santos@uib.no</a>> wrote:<br>
><br>
> Hello,<br>
><br>
> My name is Rafael and I currently work for University of Bergen in Norway, supporting users of our HPC systems.<br>
><br>
> An user recently created a ticket asking to have Mosh available as his connection is not very reliable and I escalated to our internal team, which asked me if Mosh would work with the 2FA we are implementing on the servers.<br>
><br>
> Since it is not fully implemented yet, I couldn't test it but just look for more information online on the GitHub repos and discussions. However, I just found very old messages from 2017.<br>
><br>
> My question is: does Mosh support 2FA? Are there any issues or details we should observe when installing Mosh and using with the 2FA?<br>
><br>
> Thank you!<br>
><br>
> Best Regards,<br>
> Rafael<br>
> _______________________________________________<br>
> mosh-devel mailing list<br>
> <a href="mailto:mosh-devel@mit.edu" target="_blank">mosh-devel@mit.edu</a><br>
> <a href="https://mailman.mit.edu/mailman/listinfo/mosh-devel" rel="noreferrer" target="_blank">https://mailman.mit.edu/mailman/listinfo/mosh-devel</a><br>
<br>
<br>
<br>
-- <br>
40 years of net history, a couple songs:<br>
<a href="https://www.youtube.com/watch?v=D9RGX6QFm5E" rel="noreferrer" target="_blank">https://www.youtube.com/watch?v=D9RGX6QFm5E</a><br>
Dave Täht CSO, LibreQos<br>
<br>
_______________________________________________<br>
mosh-devel mailing list<br>
<a href="mailto:mosh-devel@mit.edu" target="_blank">mosh-devel@mit.edu</a><br>
<a href="https://mailman.mit.edu/mailman/listinfo/mosh-devel" rel="noreferrer" target="_blank">https://mailman.mit.edu/mailman/listinfo/mosh-devel</a><br>
</blockquote></div>