quicssh-rs
π quicssh-rs is a QUIC proxy that allows to use QUIC to connect to an SSH server without needing to patch the client or the server.
quicssh-rs is quicssh rust implementation. It is based on quinn and tokio
Why use QUIC? Because SSH is vulnerable in TCP connection environments, and most SSH packets are actually small, so it is only necessary to maintain the SSH connection to use it in any network environment. QUIC is a good choice because it has good weak network optimization and an important feature called connection migration. This means that I can switch Wi-Fi networks freely when remote, ensuring a stable SSH connection.
Demo
demo-quicssh-rs.mp4
Why not mosh?
Because the architecture of mosh requires the opening of many ports to support control and data connections, which is not very user-friendly in many environments. In addition, vscode remote development does not support mosh.
Architecture
Standard SSH connection
βββββββββββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββ
β bob β β wopr β
β βββββββββββββββββββββββββββββββββββββ β β βββββββββββββββββββββ β
β β ssh user@wopr βββΌββββtcpβββββββΌβΆβ sshd β β
β βββββββββββββββββββββββββββββββββββββ β β βββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββ
SSH Connection proxified with QUIC
βββββββββββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββ
β bob β β wopr β
β βββββββββββββββββββββββββββββββββββββ β β βββββββββββββββββββββ β
β βssh -o ProxyCommand "quicssh-rs β β β β sshd β β
β β client quic://%h:4433 β β β βββββββββββββββββββββ β
β β user@wopr β β β β² β
β βββββββββββββββββββββββββββββββββββββ β β β β
β β β β β β
β process β β tcp to localhost:22 β
β β β β β β
β βΌ β β β β
β βββββββββββββββββββββββββββββββββββββ β βββββββββββββββββββββββββ
β β quicssh-rs client wopr:4433 βββΌβquic (udp)βββΆβ quicssh-rs server ββ
β βββββββββββββββββββββββββββββββββββββ β βββββββββββββββββββββββββ
βββββββββββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββ
Usage
$ quicssh-rs -h
A simple ssh server based on quic protocol
Usage: quicssh-rs <COMMAND>
Commands:
server Server
client Client
help Print this message or the help of the given subcommand(s)
Options:
-h, --help Print help
-V, --version Print versionClient
$ quicssh-rs client -h
Client
Usage: quicssh-rs client [OPTIONS] <URL>
Arguments:
<URL> Server address
Options:
-b, --bind <BIND_ADDR> Client address
-h, --help Print help
-V, --version Print versionClient SSH Config
β°β$ cat ~/.ssh/config
Host test
HostName test.test
User root
Port 22333
ProxyCommand /Users/ouyangjun/code/quicssh-rs/target/release/quicssh-rs client quic://%h:%p
β°β$ ssh test
Last login: Mon May 1 13:32:15 2023 from 127.0.0.1Server
$ quicssh-rs server -h
Server
Usage: quicssh-rs server [OPTIONS]
Options:
-l, --listen <LISTEN> Address to listen on [default: 0.0.0.0:4433]
-h, --help Print help
-V, --version Print version