How do people here feel about mosh to the wide internet? We provide SSH, and use both normal secure passwords and duo for all logins. We’ve had a few more inquiries about using mosh recently, and looking at it, the big concerns I’d have are potentially the firewall rules (is it outgoing or incoming high port?) and the long lasting authentication across IPs and network connections. On unmanaged collaborator or partner devices this seems like a kind of hole if the device is compromised or stolen, where the session can live for “a long time”.
However, I tend to believe them that their AES session keys make it pretty unlikely to be hijacked just over the net. Is there any consensus?
You must log in or # to comment.