[mosh-devel] Mosh re-connections

Keith Winstein keithw at MIT.EDU
Fri Sep 28 04:05:15 EDT 2012

Hello Stephen,

Thanks for your email. Mosh doesn't have a notion of "reconnection"
per se. The client sends datagrams at least every three seconds to the
server, with increasing sequence number. The server sends datagrams to
the client's "last known address." As far as the server is concerned,
the client's "last known address" is whatever source address was on
the highest-numbered authentic datagram it has received from the
client. That's the whole algorithm.

The main protection against eavesdropping or hijacking is the use of
authenticated encryption to protect the confidentiality and integrity
of each datagram end-to-end between the client and server. That same
protection applies whether there has been a long interruption in
connectivity (or a change of IP addresses) or not.

Hope this is helpful. Thanks again for your email.

Best regards,

On Fri, Sep 28, 2012 at 2:39 AM, Stephen Villano
<stephen.p.villano at gmail.com> wrote:
> From what I'm seeing, Mosh appears to utilize SSH for initial connection, though the precise method is a bit vague. That is OK, mostly, as SSH rather secure in initial authentication. One has to go to some lengths to make it insecure.
> How is the reconnect accomplished to avoid potential man in the middle attack or passive gathering to later potentially hijack the session?
> From the presentation on the website, protocol and session were mixed in the discussion, where to each, each is exclusive. The session level seems to have been discussed far more than anything about securely connecting and what is done to prevent exposure of the connection on reconnection.
> _______________________________________________
> mosh-devel mailing list
> mosh-devel at mit.edu
> http://mailman.mit.edu/mailman/listinfo/mosh-devel

More information about the mosh-devel mailing list