Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
 [dupe] Chat over SSH (github.com/shazow)
43 points by dsr12 on Jan 7, 2015 | hide | past | favorite | 19 comments


See also "Why aren’t we using SSH for everything?" by the same author https://news.ycombinator.com/item?id=8828543


This was a ShowHN a few weeks ago: https://news.ycombinator.com/item?id=8743374


Supposedly this is a chat server to run as a login shell for users ssh-ing to a particular box.

Apparently, unlike a e.g. Jabber server, your whole interaction, including the typing of your messages, happens in the remote terminal session. Probably this is perfectly fine for chatting inside your LAN, but probably not best if your connectivity is limited or just has a high latency (imagine a ping from Iceland to New Zealand).

It seems that long-term history is not supported yet.

Still this thing must be easier to set up than IRC over TLS.


I wonder if latency can be improved by building upon Mosh[1], rather than SSH.

  [1]: https://mosh.mit.edu/


Mosh doesn't really impact real latency, just perceived latency by buffering the screen (and ironically, is slower on good connections than regular ssh).


The only change request I'd suggest is using IRC as the backend for that chat (i.e. make the ssh chat daemon act as an IRC client to a local IRC instance instead of using the Server.Broadcast mechanism) - it would give a big boost in functionality with not a lot of additional effort.


Most irc channels are public. It's not that useful unless the channel or maybe the entire server is ssh and invite only.


Wasn't the suggestion to run an IRC server on the server you're SSHing into? In which case, surely it'd only be accessible from that machine...


Yup, this. The first obvious benefit is a well tested & implemented chat engine with rooms, and the ability to add existing chat bots.


This exposes your public key through /whois <username>. In order to protect that along with hiding your system's default username, join with "ssh -o PubkeyAuthentication=no <username>@chat.shazow.net"


Better yet, choose your public key depending on the server you're connecting to:

https://wiki.archlinux.org/index.php/SSH_keys#Managing_multi...


Why does that matter if it is a public key?


Theoretically, for DSA and RSA keys under 1024 bytes, they can be brute forced. If you have one of these keys, you won't want to expose them.

It's security through obscurity, but obscurity in addition to real security offers no real harm.


This makes me nostalgic for the days when I used commandline programs like ytalk to chat with friends...


Nice, although everyone is just trying it out willy nilly and exposing the usernames on their computer


True, and information leakage (ie pubkey) is always something, but usernames are not cryptographically secure anyway.


Fun but laggy


woah this is really neat!

Lags a bit as you type, is that to be expected?


Depends how far away from the server you are. Anything over 100ms will lag a little (or a lot). So yes for most of the world.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: