Intercepting MOSH and decrypting messages

[manfred-kaiser]

The next release will be able to intercept MOSH. 🎉

Intercepting MOSH is possible, because SSH is used for authentication and for sharing the secret key.
The secret key is used to encrypt and decrypt the messages.

The decrypted data is a state synchronisation protocol (SSP) which is used to sync the terminal window contents between the server and the client. Due to missing documentation of SSP, SSH-MITM is not able to show additional data for the MOSH session 😞 but there's an open issue ticket: mobile-shell/mosh#1087

When more information about the SSP protocol become available, I will add better support to intercept MOSH in SSH-MITM.