SSH and Mosh on Debian


I run Debian Squeeze with OpenSSH, sitting behind Shorewall. I access my systems using OS X’s SSH client. I also use MacPorts.

This simple guide will show you how to quickly get up and running with Mosh.


Mosh sits between your usual SSH session, setting up a session across UDP. Obviously, we’ll need to set up both the server and the client. Note we don’t actually need to run as a privileged user (though piercing holes through Shorewall, to get it to actually work, is another matter).


If you’re using OS X, things are easy. With MacPorts: sudo port install mosh.

Alternatively, head on over to downloads to grab a binary (OS X 10.5 or later). Once it’s installed, you’re good to go, unless you’re setting up the server-side as well, below.

NOTE The MacPorts version of mosh seems to have a funny quirk, where it complains that IO::Pty can’t be found. Using the OS X (rather than MacPorts) version of Perl is recommended — change #!/opt/local/bin/perl5.12 to #!/usr/bin/perl in /opt/local/bin/mosh and the problem is solved.


apt-gpt install libboost-dev libncurses5-dev libprotobuf-dev libutempter-dev protobuf-compiler

This’ll install libboost1.42 development libraries and libicu44, which is a set of libraries to support unicode. As we also need ncurses headers, we’ve added that as well. Finally, apt should correct dependencies so as to also add libprotobuf-lite6 and libprotobuf6 to the list.

If you also wish to allow dpkg to manage your packages (which is what I do), consider also doing the following:

apt-get install dpkg-dev checkinstall

Once that’s done, download and untar, then make sure you’re a normal user (not root), cd into the directory, and do the usual:

tar -zxvf mosh-1.2.3.tar.gz
cd mosh-1.2.3

Good stuff. Now:

checkinstall make install

I tend to carry out the checkinstall as a normal user, just so I can review everything before:

dpkg -i mosh_1.2.3-1_amd64.deb

Done! Now, you should be ready to go, unless you’re also using Shorewall, which we’ll have a look at in a second. To SSH using Mosh:


Shorewall config

NOTE 24-Mar-2013 This section has been updated thanks to the help of Zack. Cheers, Zack! :)

Macros are already defined under /usr/share/shorewall, but new macros should be created in /etc/shorewall so they are not overwritten upon update.

Copy /usr/share/shorewall/macro.template to /etc/shorewall/macro.Mosh and add the following:

PARAM  -       -       udp     60000:61000

Update /etc/shorewall/rules (obviously your configuration might be different…)

Mosh(ACCEPT)    net     $FW

Restart, and you’re done. Happy days.