Mosh is based on UDP, which makes it difficult to tunnel.
The current PoC works like this:
We use ngrok to make the device reachable via TCP over the internet, so the device and the desktop do not have to be on the same network.
Through this ngrok tunnel we open an ssh connection to the device and use ssh tunnel forwarding to expose a virtual network p2p connection between the device and the desktop computer. We use this virtual network connection to send UDP packets to the mosh server running on the device.
I’m not 100% sure whether this setup would work for your use case, but these are my thoughts:
The whole setup can probably be automated, and for your use case it has to be. The current setup uses two underlying TCP connections (ngrok, ssh). When network connections fail a lot, these two TCP connections will also fail, and an automated system would need to recreate these connections on the fly. The advantage of mosh like this is that mosh would be able to keep the current session open, because it is UDP based; there might be lags when the underlying connections have to be recreated. This would give you the benefit of a continuous shell session, but you can also keep your current shell session, solely with ssh, with a tool like
The other option would be to make a VPN connection:
We don’t grant direct access to the device via our VPN, but this does not mean that you cannot put an openvpn client into your application as well and connect to your own openvpn server. If you make this VPN connection UDP based, you can directly connect to a mosh server listening on the VPN interface. Since both network connections would be UDP based, these are more robust against network failures, but this option would require you to operate an openvpn server.
Hope this helps.
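
The reply above says an automated system would have to recreate the ngrok and ssh connections on the fly. The following sketch of such a supervisor is an added example, not part of the original post or the PoC: it assumes the virtual p2p link is made with `ssh -w` (the post does not give the PoC's commands), and the host, port and user are placeholders.

```shell
#!/bin/sh
# Added example. NGROK_HOST, NGROK_PORT and DEVICE_USER are placeholders,
# not values from the post.
NGROK_HOST="${NGROK_HOST:-tcp.ngrok.example}"
NGROK_PORT="${NGROK_PORT:-22}"
DEVICE_USER="${DEVICE_USER:-root}"
SLEEP_CMD="${SLEEP_CMD:-sleep}"   # overridable so the loop can be exercised without waiting
MAX_DELAY=60                      # cap for the exponential backoff, in seconds
STABLE_AFTER=30                   # uptime (seconds) after which the backoff resets

# Assumed tunnel: ssh -w 0:0 requests tun0 on both ends (the device's sshd needs
# PermitTunnel and a user allowed to create tun devices). Blocks while the link is up.
open_tunnel() {
    ssh -N -w 0:0 \
        -o ServerAliveInterval=5 -o ServerAliveCountMax=3 \
        -o ExitOnForwardFailure=yes \
        -p "$NGROK_PORT" "$DEVICE_USER@$NGROK_HOST"
}

# supervise CMD [MAX_ATTEMPTS]
# Runs CMD and returns 0 as soon as it exits 0. Any other exit is treated as a
# dropped connection and CMD is restarted after a backoff. MAX_ATTEMPTS=0 means
# retry forever. The number of starts is left in ATTEMPTS.
supervise() {
    cmd=$1; max=${2:-0}; delay=1; ATTEMPTS=0
    while :; do
        ATTEMPTS=$((ATTEMPTS + 1))
        started=$(date +%s)
        if "$cmd"; then return 0; fi
        if [ "$max" -gt 0 ] && [ "$ATTEMPTS" -ge "$max" ]; then return 1; fi
        # A tunnel that stayed up for a while was healthy: start the backoff over.
        if [ $(( $(date +%s) - started )) -ge "$STABLE_AFTER" ]; then delay=1; fi
        "$SLEEP_CMD" "$delay"
        delay=$((delay * 2))
        if [ "$delay" -gt "$MAX_DELAY" ]; then delay=$MAX_DELAY; fi
    done
}

# Only start the real tunnel when asked to: RUN_TUNNEL=1 sh tunnel-supervisor.sh
if [ "${RUN_TUNNEL:-0}" = 1 ]; then
    supervise open_tunnel
fi
```

The keepalive options make ssh give up on a dead TCP path after roughly 15 seconds, so the loop restarts the tunnel while the mosh session on top of it waits for the link to return.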