A Bit Sad about Mosh and Agent Forwarding
Monday, October 25th, 2021I did a little digging over the past few days to see what's new in the latest release of Blink (v14.0.2) - the terminal/shell for iOS and iPadOS. It's a nice tool - has even more features than I initially thought. It's really a nice subset of a Unix shell without needing to connect to any other hosts. But that's not really the point of this dig... I was hoping that they had implemented SSH Agent Forwarding in mosh connections so that I'd be able to use git on the remote machines. If you don't forward the SSH key, then you have to have them on the remote hosts, and ssh-add them there. That's not ideal for me, as it opens up the location of the key to a somewhat untrusted host.
I read the release notes and it seems they have re-written the SSH Agent component, and yet they didn't get very specific about the Mosh improvements, so I did a little more digging on the mosh-client code itself, and it seems that there's a bit of a disagreement about including Agent Forwarding in mosh due to security reasons. The conveneince of using git and SSH keys for git operations means that most folks want to have the key forwarding. And you can do it in simple ssh connections.
But for mosh, eventhough it's built on ssh, it seems they don't want to add it. Odd. But hey... it's their code, it's their choice, and that's why I have the workflow where I do the commits on my iPad, and use Blink with mosh just to run the code. It would be nice to have SSH Agent Forwarding, but the durability of mosh trumps the need for agent forwarding... so I'll just stick to what I have now.
But it sure would be nice... maybe they'll figure it out.