Session Migration

[b-angus]

Without knowing enough about how all the pieces fit together, I sent Lonny Wong a note asking about the possibility for tssh and tsshd to support session migration between devices, rather than just session resiliency on a single device.

Lonny mentioned that a number of the pieces are already in place inside of tsshd, but, for the Apple ecosystem, it might be better to ask here in the "rootshell" app area. Lonny also said that there would likely be some security issues to address in order to make this type of functionality as safe as possible.

I don't have enough technical experience to be much other than a nuisance, so I'm just following Lonny's suggestion and posting my original question about the idea below.

I'm quite curious about your thoughts.

Cheers,
Brian

I've been following your projects (and also the new "rootshell" app) for a while.  I have what is likely a somewhat dopey question, but I'll ask anyway...    :)

Your tssh and tsshd projects seem to be solving some really long running nuisance problems with terminal connectivity, namely poor connections, dropped connections, and roaming IP addresses.

I'm curious if in addition to solving the roaming "device" type of issues, if it also solves the roaming "person" problem.  For many people tmux has historically been the best solution for these types of problems, with the primary benefit being to guard against session drops.  But, another huge tmux feature is to provide for session migration to alternate devices such as from an office pc to a home computer, iPhone or iPad.

My initial read is that tssh sessions can be continued on the same device where the current and initial session keys are already stored, but that these sessions aren't migratable to alternate devices since there are no available keys on any new client device?  My understanding may well be wrong; however, do you think this is a feature that might interest you?

In my mind, to implement something like this, session list, attach and detach functions would be needed that could be executed when logging in on a new device using a new OpenSSH connection where an existing session could then be selected, re-keyed, and transitioned back to the desired underlying protocol (KCP / QUIC)?

I don't know if there would be any security issues with an approach like this or if this is too far outside of what you are doing.  However, not requiring tmux, zellij or screen for session control seems like a useful benefit.  Those tools could still be used for those who like their other features, but session control might be able to be handled more universally?

[b-angus]

Sorry about the formatting - I obviously haven't quite figured Github comment posting... :)

[lonnywong]

That's a very interesting idea. In the Apple ecosystem, implementing this session migration using Handoff would be quite compelling.

For a solid reference on the security architecture required to make this safe (end-to-end encryption, replay protection, and device-to-device trust), you can check out Apple's documentation here: https://support.apple.com/en-hk/guide/security/secf78dbe639/web

I think rootshell is a great place to explore this kind of capability!

[kitknox]

Interesting idea. There are a number of options. The most critical thing is securely getting the credentials and other session state information from one device to another. The first architectural decision is if we attempt to use iCloud for this or not. We already have features that allow for syncing keychain data between a users devices this way. The tssh session keys are already stored this way, but are currently scoped to the local keychain. It’s just a metadata change to get them to sync to other devices.

One of the funny things I already run into when testing on my MacBook is when I end up with more than one instance of rootshell running at the same time on one machine. The second instance that starts of attaches to the active tssh sessions and takes them over causing the tssh sessions on the other instance to fail. But this is basically already an app to app transfer.

There are other options if we wanted to skip iCloud for exchanging data between even otherwise untrusted devices. I’ll have to think about this more.

[lonnywong]

Actually, my suggestion wasn't to pass the session key via iCloud syncing, but rather to leverage Apple’s Handoff functionality.

The idea is to utilize the Continuity framework: when your iPhone and macOS are in proximity with Bluetooth enabled and signed into the same iCloud account, you can "hand off" the active task. Just like how opening a tab in Chrome on iOS triggers a prompt in the macOS Dock to continue browsing, it would be incredibly "cool" if Rootshell could natively hand over an active session key to a nearby device. It would make the transition between mobile and desktop feel much more integrated.

[b-angus]

I've spent a small amount of time looking for interesting and somewhat similar projects here on GitHub and have found a number of session management related items. There seem to be a quite a few borrowing ideas from each other. One in particular stands out as it is currently Mac and Linux friendly. It is a more generic approach rather than an Apple ecosystem type of approach. Here are links to the author's blog where he describes his thought processes and and a link to the his GitHub repository:

https://bower.sh/you-might-not-need-tmux
https://github.com/neurosnap/zmx

The "zmx" tool seems a bit more like a very minimal stripped down screen or tmux, but is using libghostty for session restoration and built with zig. I'm not sure how useful this could be for you or if tsshd could incorporate some of the ideas into its daemon when establishing new connections, it seems there could be some interesting potential? As I noted before, I'm talking well beyond competence level, but I still find this fascinating. The author's Blog and GitHub pages also list a number of other related tools. Could be worth a look... :)

[kitknox]

I have an initial implementation working and just transferred a tssh session from my MacBook to iPad via continuity including moving over the scroll back history.

[kitknox]

It took a little bit of time to get this to be stable. I am now reliably transferring across all supported device types without experiencing any failures. With that I'm now planning to include it in the next build.

[kitknox]

One other note from testing. In some cases if devices are not on matching firmware the Apple provided continuity connectivity doesn't seem to always be backwards compatible. This is going to end up being problematic for users that are on devices that can't run anything newer than iOS 18 for example but have a MacBook running macOS 26.5. If this feature proves popular I can look at extending to an additional bonjour or iCloud coordination fallback. This would be useful for cases when you are remote and want to be able to "grab" back a session from another device. Would have to make sure that sort of thing is only allowed if the user wants it to be etc.

[lonnywong]

I'm currently considering implementing this feature directly in tsshd（ trzsz/tsshd#35 ）. By doing so, we can handle the session attachment natively and completely eliminate the need to rely on iCloud for passing session keys.