This article deliberately diverges from the multi-node rsync artifact fan-out narrative, which answers how binaries land consistently across workers. Here we answer how engineers stay attached to a shared node long enough to triage flaky tests, tail build logs, and coordinate hotfixes without their session freezing mid-keystroke. If you are designing artifact trees and promotion paths, read the 2026 Mac mini M4 cluster artifact matrix first. If you split gateways across availability zones and need webhook digests, see OpenClaw multi-AZ gateway notes. The full index lives on the blog home.
SSH remains the default control plane: it carries git+ssh, scp, rsync --rsh=ssh, and most CI runners. Mosh is a narrow upgrade for long interactive sessions when RTT spikes and jitter would otherwise make a tmux pane feel like molasses. Neither protocol serializes writes to a shared DerivedData tree—that is still a filesystem and orchestration concern.
Rule of thumb for 2026 cross-region teams: batch and automation stay on SSH with explicit timeouts; pair debugging, release captains, and on-call shells evaluate Mosh once UDP egress is approved. The matrix below is about operator experience, not throughput of artifact sync—keep those budgets on the rsync track.
| Signal | Prefer SSH | Prefer Mosh |
|---|---|---|
| Session survival | Reconnect scripts, ServerAliveInterval, tmux detach/attach |
Roaming, sleep/wake, high packet loss without frozen local echo |
| Compliance surface | Single TCP port, mature logging hooks | Requires UDP allow lists and mosh-server packaging on the Mac |
| Parallel builds | Same as Mosh—use workspace isolation plus flock on promote | Same as SSH—do not confuse transport with mutual exclusion |
Port and firewall checklist
Paste the rows into security groups, corporate egress allow lists, and the notes field of your node firewall policy. After every change, re-test from three real paths—office Wi‑Fi, phone tether, and split-tunnel VPN—because paper approvals rarely match UDP return behavior under symmetric NAT.
| Plane | Protocol / port | Notes |
|---|---|---|
| SSH control | TCP 22 (or your custom port) |
Keep key rotation, rate limits, and jump hosts. Automation, scp, and git+ssh share this path. |
| Mosh data | UDP 60000–61000 default range (shrink on server if policy demands) |
Requires mosh-server on the Mac. Symptom pattern: SSH works, Mosh hangs after login almost always means UDP is blocked or return traffic is filtered. |
| NAT / return path | Stateful permit for established/related flows | Document observed loss and RTT per geography; DPI or UDP “optimization” middleboxes occasionally break Mosh even when pings look fine. |
Acceptance checks before you declare the cluster “Mosh-ready”: (1) run mosh user@host from each network class; (2) toggle Wi‑Fi while typing—local echo should stay usable; (3) when you narrow the UDP window, mirror the same bounds in client launch scripts so help desk answers stay deterministic.
Build locks and flock combination strategy
Mosh improves how characters render and survive packet loss; it does not order concurrent writers against the same canonical artifact directory. Treat parallel work as wide compile, narrow promote: every branch gets an isolated worktree, and only the promotion stage—copy into the blessed tree, write manifest, trigger notifications—runs under an exclusive flock.
- Lock file placement: store lock files on local SSD or a low-latency metadata volume. Holding locks across high-latency mounts (SSHFS, far-away NFS) amplifies false contention and masks real stalls.
- Critical section width: wrap only promotion steps, not entire Xcode or SwiftPM compiles. Wide locks turn your M4 fleet into a single-threaded machine.
- Human vs robot path: when engineers use Mosh to run helper scripts, those scripts should call the same promote entrypoint as CI so nobody bypasses flock “just for a quick hotfix.”
- Parallel acceptance: launch two interactive shells and race the promote script; one should exit quickly with a documented code (for example
17for “lock busy”) while observability tags the event as queued, not wedged.
A minimal promote gate that both GitHub Actions and humans can call looks like this—keep it beside the wider rsync guidance in your internal wiki, but execute it from whichever shell transport you prefer:
flock -n /var/tmp/m4-promote.lock bash -c '
./scripts/promote_artifacts.sh
' || { echo "promote lock busy"; exit 17; }
Extend the checklist with infrastructure signals: alert when lock wait time crosses a percentile budget, and correlate spikes with simultaneous Mosh sessions so you can tell “two humans collided” from “CI storm.” When you need predictable capacity before locking in network changes, compare regions on the public pricing page so finance and platform see the same numbers.
FAQ
Can Mosh replace flock or CI mutual exclusion? No. Mosh is transport and rendering for interactive terminals. Whether two jobs can safely write the same directory is still governed by workspace layout, orchestrator concurrency, and explicit locks on promotion.
TCP 22 is open—why does Mosh still fail? Because Mosh also needs a UDP data plane and a working mosh-server on the host. SSH carries the bootstrap; it does not substitute for the UDP range in the table above. Validate return traffic and any middlebox that “helps” UDP.
Should automation jobs move to Mosh? Usually not. Non-interactive work is easier to audit with SSH, deterministic exit codes, and wall-clock timeouts. Keep Mosh for humans staring at compiler output through bad hotel networks.
Does tmux make Mosh redundant? tmux protects server-side state if SSH drops; Mosh additionally smooths client-side typing when the network is ugly. Many teams stack both: Mosh into the datacenter edge, tmux on the node for handoffs between operators.
Browse plans without signing in
Compare regions and SKUs on the public pricing page—no account required to view. When you are ready, check out on the purchase flow, provision dedicated Mac mini M4 nodes, and paste this firewall plus flock checklist into your runbooks.