[mosh-devel] Connect-UDP

Alex Chernyakhovsky achernya at mit.edu
Mon Nov 25 14:54:34 EST 2024 

Hi Wes,

Thanks for reaching out. I’m one of the mosh maintainrrs, and one of the
contributors to that RFC.

To start out with, you should probably reference the latest version of that
document,
https://datatracker.ietf.org/doc/html/rfc9298.

>From there, things get a little complicated. The Github issue you reference
started out as a ProxyCommand issue with ssh. This is not something that
can be resolved in the mosh codebase alone, as mosh uses UDP and (to my
knowledge) there’s no way to create a UDP tunnel over ssh.

Leveraging CONNECT-UDP could be done with an outside codebase, such as
quic-go (https://quic-go.net/docs/connect-udp/) and having your own proxy
tunnel client.

Another way to do this would be to modify mosh to natively have a
CONNECT-UDP-aware client, rather than using the socket(7) APIs directly.
However, this is challenging, as the highest-quality C++ QUIC
implementation, Google QUICHE (
https://github.com/google/quiche) is going to be tough to get packaged with
popular linux distributions like Debian due to its pervasive use of Bazel.

In general, I have aspirations to make mosh move over to QUIC or H3
entirely, but that’s a far-away project. In an ideal world, this would be
merged with SSH-over-H3 efforts, such as
https://github.com/francoismichel/ssh3

What aspects of CONNECT-UDP are you interested in supporting, here? I see
from your email that you’re affiliated with Pomerium — is it fair to assume
you’re hoping to support a zero-trust proxy for mosh?

Sincerely,
-Alex

On Sun, Nov 24, 2024 at 7:18 PM Wes Medford <wmedford at pomerium.com> wrote:

> Hi Keith,
>
> My name is Wes, and I came across some old issues in Mosh, specifically
> this one
>
> https://github.com/mobile-shell/mosh/issues/285
>
> It seems like newer proxies might be able to support this now as long as
> connections are initialized using CONNECT-UDP (
> https://www.ietf.org/archive/id/draft-schinazi-masque-connect-udp-00.html).
> I'd love to get this set up, but I'm not sure the best place to start
> in Mosh's codebase. Any shot you could point me in the right direction?
>
> Thank you,
>
>
> Wes Medford
> _______________________________________________
> mosh-devel mailing list
> mosh-devel at mit.edu
> https://mailman.mit.edu/mailman/listinfo/mosh-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.mit.edu/pipermail/mosh-devel/attachments/20241125/8079e9ca/attachment.htm>

More information about the mosh-devel mailing list