How I Upgraded My Remote Work Setup: From Mac VPN + NFS + SSH to WireGuard + NFS + Mosh

 As an engineer working with embedded Linux and server-side development, remote access to my company's servers is a daily task. For years, I used the built-in VPN on my Mac to connect to our TP-Link router's VPN server, then mounted company file servers via NFS and connected via traditional SSH. It worked—but just barely.

In this post, I want to share how I replaced that aging setup with a much more modern solution: WireGuard + NFS + Mosh. The difference is night and day.

The Old Setup: Mac VPN + NFS + SSH

  • VPN: The built-in Mac VPN client connected to the office TP-Link router.

  • NFS: I mounted the server filesystem using NFS over VPN.

  • SSH: I worked on the server using normal SSH sessions.

Problems:

  • Slow file transfer speeds. VPN overhead and TCP congestion made working with large files (>2GB) frustrating.

  • Unstable SSH sessions. If my home network briefly disconnected, my SSH session would die.

  • High latency. Typing over SSH had noticeable lag.

The New Setup: WireGuard + NFS + Mosh

Step 1: Replacing VPN with WireGuard

WireGuard is a next-generation VPN protocol. It is:

  • Blazing fast (native kernel support)

  • Extremely secure (using modern cryptography)

  • Lightweight and simple to configure

I installed a WireGuard server at the office and configured my Mac client with wg-quick. The difference in speed was immediately noticeable.

Step 2: Keeping NFS for File Sharing

I kept NFS for mounting company file servers. The big change? Now NFS traffic runs over WireGuard instead of the old VPN tunnel.

Result:

  • Much faster file transfers

  • Lower CPU load

  • Seamless mounting and unmounting

Step 3: Replacing SSH with Mosh

Mosh (mobile shell) is designed for mobile or unreliable networks. Compared to SSH:

  • Sessions survive network changes or sleep.

  • Latency feels much lower.

  • Perfect for long compile jobs and log monitoring.

I no longer have to worry about my session dropping when I switch Wi-Fi networks.

Real-World Improvements

Before (Mac VPN + SSH)After (WireGuard + Mosh)
~3-5 MB/s file transfers  ~10-15 MB/s file transfers
SSH session drops frequently   Mosh sessions never drop
150-200ms terminal latency   ~50ms terminal latency

I feel like my entire workflow has become smoother and more productive.

Conclusion

If you are still using traditional VPN + SSH for remote access, I highly recommend trying WireGuard + Mosh. Combined with NFS for file access, it has completely transformed my remote development experience.

I now enjoy faster file transfers, stable sessions, and a much more responsive terminal.

Happy remote hacking!

Comments

Post a Comment

Popular posts from this blog

Industrial vs Consumer TFT Displays: Why They’re Not Interchangeable

  TFT displays are ubiquitous—from smartphones and tablets to industrial HMIs and outdoor terminals. But under the surface, not all TFT panels are created equal. A display designed for a handheld device is fundamentally different from one engineered for 24/7 operation in a high-temperature, high-vibration environment. In this article, we’ll explore the   core differences between industrial and consumer-grade TFT displays , and why choosing the wrong type can lead to premature failure, performance issues, or even safety risks in demanding applications. What Is an Industrial TFT Display ? An industrial TFT (Thin-Film Transistor) display is built to operate in harsh, mission-critical environments—think factory automation, medical equipment, agricultural systems, and outdoor kiosks. These displays prioritize long-term reliability, thermal stability, and interface flexibility. Key characteristics include: Wide temperature range   (–30°C to +85°C) High sustained brightness ...
Read more

How I Migrated U-Boot to Support a New eMMC Chip After Samsung’s Line Shutdown

When Samsung announced the discontinuation of one of its widely used eMMC product lines, many embedded vendors were forced to make quick adjustments. In our case, the eMMC used on one of our Rockchip-based boards became EOL (End of Life), and we had to quickly replace it with a different vendor's part to keep production moving. This article documents the steps I took to modify U-Boot to support the new eMMC chip, including datasheet analysis, pin compatibility checks, register tuning, and extensive code changes. Background Our board is based on a Rockchip SoC (RK3566), using a Samsung eMMC for storage. The original chip had been in stable production until Samsung shut down its eMMC production line for that model. The replacement chip came from a different vendor, with different electrical specs and initialization behavior. The challenge was that the replacement chip: Had different timing requirements (especially HS400 mode). Required tuning of EXT_CSD registers. Had a slightly diff...
Read more

Why Custom Embedded Systems Are the Backbone of Smarter Devices

Why Custom Embedded Systems Are the Backbone of Smarter Devices As smart devices take over industries like home automation, medical equipment, and industrial control, it’s clear that off-the-shelf hardware often falls short. That’s where custom embedded systems come into play. These purpose-built platforms are tailored for specific tasks, delivering optimized performance, longer lifecycle support, and tighter integration into the final product. What Is a Custom Embedded System? A custom embedded system is a computing platform specifically designed for a single application. Unlike generic SBCs, it offers complete flexibility over hardware specifications, interface design, and software stack. Typical features include: Custom PCB layout and form factor Specific processors and memory tuned for your workload Targeted I/O (CAN, UART, MIPI, SPI, etc.) Optimized power efficiency for mobile or low-power systems Long-term supply support with industrial-grade components...
Read more