[mosh-devel] Presenting Blink Mobile Shell (iOS)

Carlos Cabanero carlosecabanero at gmail.com
Thu Feb 11 11:03:45 EST 2016


Hi! We are a small team who have been working for the last few months on a project that I want to introduce to you. Blink is a new mobile shell for iOS built around Mosh. We created the terminal we wanted to have and use all day, fully configurable (fonts! keyboard...) and with a great UI, can't say much more than that right now ;)
I wanted to reach out to you for two reasons, first to let you know the work we have done, and second to discuss how some of our changes could be pushed back to Mosh.
We have been able to compile Mosh for iOS successfully with a few changes. For bootstrapping, we rewrote the process to use our app configuration and calls through an SSH lib. Then we transformed the client into a library itself, that instead of using stdio is able to receive other descriptors for input and output. We compiled it by adapting the current makefiles and parts of the code that were not compatible with current iOS policies. Everything is currently running very well.
We will obviously commit to the GPL and open source our work too. Some of the things mentioned before make sense to be in the main branch. But I wanted to focus the conversation on stopping and reopening Mosh sessions (https://github.com/mobile-shell/mosh/issues/394)
I read about the security implications of making the nonce available. In our case this is essential because the app might be killed by the OS at any time, and we would like to restart everything to its state when the user reloads the app. We could consider iOS as a “secure” environment for storage, and were thinking about always performing a “bootstrap” through SSH to validate the server fingerprint before sharing it. We think this last part could help avoid a Man in the Middle attack and be a viable option worth considering in the main Mosh trunk too. I would love to have your input on this because I’m sure you might have other ideas worth exploring, or be aware of other security issues. We would love to put the resources to see it done.
Thanks in advance!
PS: I discussed briefly with Keith and he suggested serializing the full STMClient object. This would be easier too than what we thought initially, making the nonce and other required data available, and then provide another "reboot from data" function in the client.

