04

Transport

SSH and Mosh in pure Rust. Evern connects over SSH, optionally upgrades to Mosh for UDP-based resilience, and uses exponential backoff reconnection to maintain sessions across network changes.

View Source

TransportLayer Trait

Both SSH and Mosh implement a shared TransportLayer trait in the Rust core. This abstraction lets the session manager switch between transport implementations transparently — the UI layer never knows which protocol is active.

Connection type is exposed to the platform UI via connection_type() for status badge display, but all I/O flows through the same interface.

transport trait
trait TransportLayer {
fn connect(&self,
profile: &ServerProfile
) -> Result<()>;
 
fn send(&self,
data: &[u8]
) -> Result<()>;
 
fn recv(&self
) -> Result<Vec<u8>>;
 
fn disconnect(&self) -> Result<()>;
fn is_alive(&self) -> bool;
}

SSH (russh)

Capability Detail Status
Protocol SSH2 via russh (pure Rust, async with tokio) Implemented
Key Types Ed25519, RSA, ECDSA Implemented
Authentication Password, private key, keyboard-interactive Implemented
Port Forwarding Local and remote Planned
Agent Forwarding SSH agent forwarding Planned
Jump Hosts ProxyCommand support Planned
SFTP File browser Planned
Connection Time <2s Wi-Fi, <4s LTE Target
Timeout 20 seconds Implemented

Configuring SSH

Evern supports three authentication methods during the connection flow. Users choose their method when creating or editing a server profile.

Importing Keys

Private keys are imported via the platform file picker on both Android and iOS. After selection, the key is stored securely in the Android Keystore (Android) or the iOS Keychain (iOS). Supported key formats include Ed25519, RSA, and ECDSA. The key material is never written to app-local storage in plaintext.

Password Authentication

Passwords are entered during the connect flow. Users may optionally save credentials to the platform secure store (Android Keystore / iOS Keychain) for subsequent connections.

SSH Config Import

Importing ~/.ssh/config files is planned for a future release. This feature will parse host aliases, identity files, proxy commands, and other directives into Evern server profiles. It is not yet implemented.

key import flow
# User taps "Import Key"
Platform file picker opens
Select id_ed25519 / id_rsa / id_ecdsa
 
# Key is validated
Parse key format and type
Prompt for passphrase if encrypted
 
# Stored securely
Android: Keystore
iOS: Keychain

Mosh Protocol

The evern-mosh crate is a custom Rust implementation of the Mosh State Synchronization Protocol (SSP). It implements SSP with protobuf wire compatibility, AES-OCB encryption, UDP transport, and terminal state diff. The implementation interoperates with standard mosh-server installations and has been tested against real mosh-server instances.

Protocol Stack

  • SSP (State Synchronization Protocol) — instruction encoding/decoding, protobuf wire compatibility, zlib compression, fragmentation/reassembly
  • AES-OCB Encryption — datagram encryption with nonce/layout + integrity checks
  • UDP Transport — timestamp handling and predictive local echo reconciliation
  • Terminal State Diff — minimal updates instead of full-frame redraws
mosh protocol layers
Application Layer
Terminal state diff model
Predictive local echo
 
SSP Layer
Instruction encode/decode
Protobuf wire format
zlib compression
 
Crypto Layer
AES-128-OCB
Nonce + integrity
 
Transport Layer
UDP datagrams
Timestamp reconciliation

Auto-Upgrade

Evern connects via SSH first, then probes whether mosh-server is available on the remote host. If available and the version returns expected output, Evern starts a Mosh session and hands off transparently. If Mosh is unavailable or the upgrade fails, SSH continues with keepalive enabled.

The connection type badge in the UI reflects the active transport. Users never need to configure this — it happens automatically.

Edge Cases

  • Incompatible mosh-server version — If the remote mosh-server is too old or returns unexpected output during the version probe, the upgrade is skipped silently and Evern remains on SSH with keepalive.
  • UDP blocked by network — The Mosh upgrade fails during the UDP handshake phase. Evern remains on the existing SSH connection. No user action is needed.
  • SSH drops mid-upgrade — The SSH session remains the active transport until the Mosh handoff completes. If SSH drops before handoff finishes, the reconnection engine handles recovery using the standard backoff strategy.
Connect via SSH
Probe mosh-server version
Start Mosh session (UDP)
Hand off transport
Fallback: SSH + keepalive

Reconnection Strategy

When a connection drops, the reconnection engine uses exponential backoff with jitter. Network change callbacks from the platform (Android ConnectivityManager, iOS NWPathMonitor) trigger immediate reconnection attempts when connectivity returns.

Backoff Parameters

  • Base delay: 1 second
  • Max delay: 30 seconds (bounded — the delay never exceeds this ceiling)
  • Jitter: random value between 0% and 50% of the current delay, added to each attempt
  • Strategy: each retry doubles the previous delay (1s, 2s, 4s, 8s, 16s, 30s, 30s, ...) before jitter is applied

The UI shows reconnection state with an attempt counter. tmux and screen sessions are auto-detected and offered for reattachment after reconnection.

reconnection
# Connection drops
State: RECONNECTING
 
Attempt 1 ... 1.0s + jitter
Attempt 2 ... 2.0s + jitter
Attempt 3 ... 4.0s + jitter
Attempt 4 ... 8.0s + jitter
Attempt 5 ... 16.0s + jitter
Attempt 6 ... 30.0s + jitter (max)
 
# Network callback: reachable
Immediate reconnect attempt
 
# tmux session detected
State: CONNECTED (Mosh)
Reattached: tmux session "dev"

Network Resilience

Wi-Fi
session alive
Cellular
session alive
Offline
session alive
Wi-Fi
session alive

Mosh uses UDP datagrams that survive IP address changes, Wi-Fi to cellular transitions, and extended dead zones. The session state lives on the server — the client can reconnect from any network at any time. SSH sessions use keepalive and automatic reconnection with session reattachment.

Security Model

Feature Default User Override
Host Key Verification Trust on first use (TOFU) No — always enforced
Host Key Change Warning Full-screen blocking alert; typed hostname confirmation required No — always blocking
Credential Storage Platform-native (Android Keystore / iOS Keychain) No
App Lock Biometric/PIN on launch (on by default) Can disable
Scrollback Memory only, cleared on session close Line limit configurable
Idle Timeout 5 minutes, then re-lock Configurable
App Switcher Blurred preview No
Clipboard Auto-Clear Off 30s / 60s / 2min

Secure defaults, no paternalism. Protect against realistic threats automatically, never prevent the user from doing their job.

Previous Voice Input Next Design Identities