Mosh is a pretty good tool, almost indispensable when working in places with crappy internet. While it is designed to help with situations like “LTE on the beach,” it actually works very well in places where internet connectivity is genuinely bad: 1500msec RT, latency, 30% packet loss, and frequent drops in connectivity that last seconds to hours, otherwise known as most of the world. On a good day I lose an SSH connection randomly about every 3-6 hours but I’ve only ever lost a Mosh session when my system went down.
It does a lot of things, but two are key for my use: it syncs user input in the background while local echoing what you type so you can finish your command (and correct a typo) without waiting 1500msec for the remote echo to update; and it creates persistent connections that survive drop off of almost any type except killing the terminal application on one end or the other (anything between can die and when it recovers, you catch up). This means compiles finish and you actually get the output warnings…
…some of them. Because Mosh’s one giant, glaring, painful, almost debilitating weakness is that it doesn’t support scrollback. So compared to tmux or something else that you can reconnect to after your SSH session drops, you really lose screen content, which is a PITA when ls-ing a directory. I mean, it isn’t that much of an efficiency gain to have to type “ls | less” instead of just “ls” every time you want to see a directory.
I found a solution that works for me. I also use Tmux with Mosh because Tmux will survive a dead client and working with Windows client reboots are a fact of life (I know, sad, but there are some tools I still need on windows, hopefully not for much longer).
Tmux has a facility for creating a local log file, which I then “tail -f” using a separate SSH window. If the SSH client disconnects, no loss, I can pick up the log anytime. It is just mirroring everything that the mosh terminal is doing and the scroll bar scroll back works fine. And it is a raw text file, so you can pipe the output through grep to limit what’s displayed to something of interest and review the log asynchronously as, say, a build is progressing.
Although there are some nice advantages to this, when/if Mosh supports scrollback, it’ll be far more convenient having it in the same window, but for now this is the easiest solution I could come up with.
# portmaster sysutils/tmux # portmaster net/mosh # ee ~/.tmux.conf -> bind-key H pipe-pane -o "exec cat >>$HOME/'#W-tmux.log'" \; display-message 'Logging enabled to $HOME/#W-tmux.log' -> set -g history-limit 30000 Start a Mosh session (for example with Mobaxterm on windows) # tmux # [CTRL]-b H start SSH session (Mobaxterm or Putty on windows) # tail -f csh-tmux.log ("csh" will be the name of the mosh window - so really "(MoshWindowName)-tmux.log"
You can tmux the ssh session too and still have scrollback and then just reconnect into the same tail command, which preserves the whole scrollback. If you’re on a connection like I’m on, your scrollback logfile will drop off a couple of times a day, but you won’t lose your Mosh session, and it’ll be waiting for you when you’re reminded that you need to see those security warnings from the compile that just scrolled off the Mosh screen forever.
Client cert authentication is oddly elusive given the practical value. I found a neat bug:
I get a request for identification in firefox, no problem. If I choose the right certificate to respond with I get an instant child pid 61501 exit signal Bus error (10). Every click on the “OK” button gets another seg fault. Yay. Magic.
Updating my server’s install of OpenSSL on FreeBSD 8.1 to 1.0.0_4 (openssl-1.0.0c) I ran into a problem where some of the patch files had been updated but the distinfo file in /usr/ports/security/openssl hasn’t (hadn’t?) been updated to match.
The symptoms are that the update of OpenSSL fails with two errors:
- tls-extractor.patch line count is 1235, distinfo says 1234,
- dtls-sctp-20.patch SHA256 hash is wrong,
- (the tls-extractor.patch hash is wrong too, but the line count hits first).
- SHA256 (openssl-1.0.0c/tls-extractor.patch) = bb1aa486327fd96f9d6b870f0a1ad2c83dd4c06a96284eb64dde3f833ba5e0d0
- SIZE (openssl-1.0.0c/tls-extractor.patch) = 1234
- SHA256 (openssl-1.0.0c/dtls-sctp-20.patch) = 3b451618b64d7dbc917942759c26cbc717be3077e9d73cb3c5bd12a82a132268
+ SHA256 (openssl-1.0.0c/tls-extractor.patch) = b7dfb15b6ab7d62348eaa191fc8ba06565c92ecdd5d08bb5e9eb01a2e7433bb2
+ SIZE (openssl-1.0.0c/tls-extractor.patch) = 1235
+ SHA256 (openssl-1.0.0c/dtls-sctp-20.patch) = f002b13fead7c08270a9cfaf556be49c62be5b46f492ad59db29af4d3e9a4e67