Having a .moshrc (equivalent to .ssh/config) file to be able to specify per-host configs

[lemoinem]

Hi,

I think this would go a long way improving the usability of mosh to be able to have a .ssh/config equivalent.

Unfortunately, ssh complains about unknown directives in .ssh/config so we will need a new file (I also think it's good practice to do so anyway).

The format could be simple (.ssh/config sounds a pretty good example: easy to write, easy to parse).

Useful configs to include: hostname, port, mosh-server, eventually ssh and command (in some weird case). Later: enable/disable OOB data (#423) on a per-host basis. Some of the configs such as hostname, agent forwarding, X11 forwarding, etc... could actually be extracted from .ssh/config directly.

I think it's much better than aliases because it's seamless and consistent. Plus the fact that mosh already seamlessly use .ssh/config makes it quite irritating to be able to use aliases only for specifying a couple of argument for a given host. If many hosts requires a custom config multiplication of aliases could also clutter the shell. Plus we always have to remember which hosts works out-of-the-box and which needs an alias. All this disappears with a .mosh/config config file.

Security-wise, since it's already done by ssh (and actually allows a much bigger control on the connection since it could change the Hostname we are connecting to, define a ProxyCommand, etc...), If the file is secure, I don't see a very big security issue here.

[lemoinem]

FTR, IRC discussion:

11:40 < lemoinem> I was wondering if there has already been a discussion regarding a .ssh/config-like file for mosh... 11:41 < grawity> What options would it have? 11:41 < lemoinem> I think it's a kind of small feature code-wise that would go a great way to improve the usability. 11:41 < lemoinem> On the top of my head, port is the one I see the most usefull 11:41 < achin> -p is the only useful option to mosh, right? 11:41 < lemoinem> yeah, but mosh-server could be too 11:41 < achin> true 11:42 < achin> in the past, people have recommended aliases for this, but i can see how a .mosh-config might be useful 11:42 < lemoinem> (plus, with oob data coming with mosh 1.3 (iirc), we could enable/disable it on a per-host basis...) 11:44 < lemoinem> otoh, I understand it might still be a bit of work code-wise, but I guess it would already be nice to have it in the roadmap... If enough people think it's a nice idea someone might even contribute to it... 11:44 < lemoinem> I would myself but I don't have the necessary free time on my hands right now )': 11:46 < lemoinem> (per-host ssh command might happen to be useful too in some weird cases...) 11:50 < lemoinem> Oh, another one, having a way to configure the command mosh-server is running (could be useful to have run tmux/screen instead of a direct login shell), but I have a work-around for that already and it's a different feature. 11:50 < joneskoo> basically the reason why config file has not been implemented are security concerns 11:51 < lemoinem> ? security concerns, how come? 11:51 < joneskoo> the current behaviour is simple

[sekrause]

At least for the port I think a server-side configuration file would be much better. Just like SSH has its ~/.ssh/authorized_keys for the user's key we could have a ~/.mosh/ports which defines the ports mosh is allowed to use.

For example if my sysadmin has opened up the UDP port 63210 so that I can use mosh, I simply type echo 63210 >> ~/.mosh/ports (it could also be a port range) and mosh-server will no longer user the ports 60000-61000, but the one defined in the server's configuration file.

[lemoinem]

I'm not sure about having a config file for a single config avery good idea... I think it will tend to multiply the number of config files rather quickly if we ever want other configurations server-side. However, the idea of configuring the port server-side is actually a very good point (:+1:), and could even be configured in a system-wide configuration file.

However, I think it would still be useful to be able to override this client-side in some special cases (SSH Tunnel to reach a FWed host, multiple FW with port translating between the client and the server, etc.

[jgillman]

I'm a little late to the party here, but +1 for a config file.

To connect to my home server I have to type: mosh -p 12345 --ssh="ssh -p 54321 -i ./.ssh/id_rsa" my.host.name

Yes, I can easily alias that but being able to store those the way I would for ssh would be very useful as my config would become more portable. As far as security concerns, I don't see how it would be any less secure than using a .ssh/config file. Plus, it's optional.

[andersk]

mosh already respects SSH options stored in ~/.ssh/config, so there’s no need to pass a long --ssh option every time:

Host my.host.name
    Port 54321
    IdentityFile ~/.ssh/id_rsa

[jgillman]

@andersk So it does! I don't know why I didn't try that. Thanks for the tip :)

[promolic1]

Bumping this issue.

I already know as @andersk said, mosh uses the ssh config file. But what about a custom UDP port? Any workaround to avoid remembering/writing the desired port per host?

[kiniou]

Hi,

I did a simple python3 scripting that does enable profile for mosh ports and commands. It can be found at https://github.com/kiniou/moshy .

[pjrobertson]

Looks like this is in the pipeline! +1 for this feature.

Currently I have to do

mosh --server=/home/user/bin/mosh-server me@domain.com

It would be nice to not have to specify --server :)

[ekacnet]

I did something that works well in my branch config: https://github.com/ekacnet/mosh/tree/config

I made a pull request but so far it seems that it hasn't been pulled.

[infinity0]

Instead of having a separate .moshrc, it would be easier for users, to just put these extra options in .ssh/config?

Host xxx.com.yyy
HostName xxx.com
User uuu
MoshPort 6nnn
MoshPrediction always

[andersk]

@infinity0, nope, the unrecognized syntax would completely break ssh (and therefore also mosh). I could imagine putting them inside magic comments…but not for two seconds longer than I have to.

[emtiu]

Any consensus on this in sight? I'm also very much interested in server-side custom port(range)s. Don't mind if it's systemwide (as in /etc/moshports) or per-user (as in ~/.moshports).

[Toub]

Also interested to have a client-side or server-side configuration for udp port range.

[rgruesbeck]

+1 for this

[Myke]

Another vote for server-side config; with multiple servers behind NAT, ssh-config nicely solves the port changes, but there's no elegant way to teach mosh that it's only getting specific ports forwarded to it.

[yookoala]

+1

There is no way to config custom mosh-server udp port range now. Would be really handy if a config file is available.

[tjanson]

Please refrain from "+1-ing" issues, here or elsewhere. I’m sure you mean well, but it dilutes the discussion and essentially spams subscribers of the issue.

[ghost]

Great idea, but please avoid polluting home directory, refer to XDG base directory spec.

[dpsenner]

Is there a plan when this feature might be released?

[nepthar]

I know this is an old ticket, but I've noticed that it's still open. Could you provide some guidance as to whether this is still in the works? I have several machines running mosh behind NAT and it would be fantastic if I could configure them server side to use a specified port range.

[cyqsimon]

Bump. Since the server is already responsible for selecting a port, it makes a lot of sense for there to be a config option to pin this port choice.

I have several servers behind a common gateway, and currently I have to remember each of their UDP port mapping which is a pain in the arse. Hopefully this feature gets released soon.

[ioogithub]

Can we just have mosh parse the ports from ~/.ssh/config? I already have all my hosts setup with the ports the require but mosh seems to ignore this and simple tries to connect to the default ports. Is this a bug or a design limitation?

I can't see mosh being very useful if I need to remember and type in long string with UPD ports for every server.

[yookoala]

Can we just have mosh parse the ports from ~/.ssh/config? I already have all my hosts setup with the ports the require but mosh seems to ignore this and simple tries to connect to the default ports. Is this a bug or a design limitation?

I can't see mosh being very useful if I need to remember and type in long string with UPD ports for every server.

mosh uses ssh to initiate it's own service. In this phase, mosh uses your Port setting in ~/.ssh/config to establish ssh connection. But mosh and ssh are different services, they cannot use the same set of ports or else they would conflict with each other.

[cyqsimon]

Can we just have mosh parse the ports from ~/.ssh/config? I already have all my hosts setup with the ports the require but mosh seems to ignore this and simple tries to connect to the default ports. Is this a bug or a design limitation?

I can't see mosh being very useful if I need to remember and type in long string with UPD ports for every server.

Mosh does respect .ssh/config. If you've defined custom hosts in there, you can mosh into them using their aliases just as you would using SSH.

The difference is, mosh only uses the SSH profile during initial establishment of contact. Then mosh set up its own UDP server listening on another port (completely unrelated to SSH, and this is the port we want a config for), and tells the client to contact it over there. Kind of like how ATC handles switchovers in the aviation industry. It is obvious then why settings for this mosh UDP server should belong in its own config file. Hopefully this lets you understand how mosh works a little bit better.

[ryneches]

I just wish mosh would use a more of the directives within the aliases in .ssh/config, particularly LocalForward. That would be awesome.

[frederickjh]

@cyqsimon The work around that I use to set the mosh ports is to use a wrapper script to set the ports based on the hostname. I use the fish shell and I use a fish shell function for this. You could also make a bash wrapper script but name it something different like, 'start-mosh'. Here is a sanitized version of the fish function:

# Defined in /home/username/.config/fish/functions/mosh.fish @ line 1
function mosh --description 'mosh wrapper to setup special command line option for hosts that we do not want to type or remember each time.'
    set sshhostname $argv[1]
    set -e argv[1]
    switch $sshhostname
        case example.com
            set runoptions -p 60077 --port 60077:60086
        case example.org
            set runoptions -p 60088 --port 60088:60096
        case '*'
     end
     set_color yellow
    echo -n "Now running: "
    set_color blue
    echo /usr/bin/mosh $runoptions $argv $sshhostname
    set_color normal
    echo ""
    /usr/bin/mosh $runoptions $argv $sshhostname
end

I hope that someone finds this workaround helpful.

[burakozhan]

tl;dr

Need to enter port manually each time? -> RTFM ;)

Long version:

I do have multiple servers worldwide at different operators. One of them does an external Firewalling outside of the usual linux VM firewall. So with a proper ssh config file, while for other servers I simply tpye mosh d to connect to delta-server in delaware USA, for the German server I painfully had to remember typing in mosh g -p 64829 every time, because the golf-server needs a punch in the udp port. And on the firewall config I can not give a port-range, I have to manually set each port one-by-one on a pretty slow web-site that takes the configuration. Entering 1000 ports is not feasible (and I don't even know if possible) Yes, I rent the cheapest crappy vps I can find and yes, I name my servers alpha, bravo, charlie, etc. In my ssh config thety are listed as Host a, Host b, Host c, ...

From former info I have had from the command line output which reads: (By default, mosh uses a UDP port between 60000 and 61000. The -p option selects a specific UDP port number.) I was assuming mosh uses a random port between 60000 and 61000. But that is not the case. I uses a sequential port. It always starts with 60001 for the first session. Only if there is a parallel session it needs 60002.

The FAQ already states that: Mosh will use the first available UDP port, starting at 60001 and stopping at 60999. If you are only going to have a small handful of concurrent sessions on a server, then you can forward a smaller range of ports (e.g., 60000 to 60010).

So the authors of mosh are a bit foggy around the edges there. Does it start at 60000 or 60001 and does it end with 61000 or 60999? (between 60000 and 61000 == starting at 60001 and stopping at 60999)

So for all that have still problems with this: Open 60001 - 60005 or so (for the occasional hanging session) on your firewall for UDP and all will be fine. (60000 is not used, it starts with 60001) Also; since the port does not listen, as long as you don't try to connect to the server, there is no permanent security hole on port 60001.

Still, having the port range configurable on the server side would be nice, just to match the firewall of the server for unknowing users, but I could solve my problem in another way.