[mosh-devel] Mosh re-connections

Stephen Villano stephen.p.villano at gmail.com
Fri Sep 28 02:39:55 EDT 2012


From what I'm seeing, Mosh appears to utilize SSH for initial connection, though the precise method is a bit vague. That is OK, mostly, as SSH rather secure in initial authentication. One has to go to some lengths to make it insecure.
How is the reconnect accomplished to avoid potential man in the middle attack or passive gathering to later potentially hijack the session?
From the presentation on the website, protocol and session were mixed in the discussion, where to each, each is exclusive. The session level seems to have been discussed far more than anything about securely connecting and what is done to prevent exposure of the connection on reconnection.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.mit.edu/pipermail/mosh-devel/attachments/20120928/1093552d/attachment.bin


More information about the mosh-devel mailing list