bssh (1.7.0-1~jammy1) jammy; urgency=medium
* v1.7.0
### New Features
- **SSH Keepalive Support**: Added SSH keepalive to prevent idle connection timeouts (#122)
- `--server-alive-interval` option: Configure keepalive interval in seconds (default: 60, 0 to disable)
- `--server-alive-count-max` option: Maximum keepalive messages without response before disconnect (default: 3)
- Configuration support in config.yaml via `server_alive_interval` and `server_alive_count_max` fields
- Helps maintain long-running sessions through firewalls that drop idle connections
### Improvements
- **Documentation**: Added GitHub downloads badge to README
### Bug Fixes
None
### CI/CD Improvements
None
### Technical Details
- Implemented SSH keepalive packet sending at configurable intervals
- Automatic connection termination after max retries without response
- Full integration with all execution modes (exec, interactive, file transfer)
### Dependencies
- Updated russh from 0.55.0 to 0.56.0
- Updated ratatui from 0.29.0 to 0.30.0
- Updated signal-hook from 0.3.18 to 0.4.1
- Updated whoami from 1.6.1 to 2.0.1
- Updated unicode-width from 0.2.0 to 0.2.2
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 09 Jan 2026 00:00:00 +0900
bssh (1.6.0-1~jammy1) jammy; urgency=medium
* v1.6.0
### New Features
- **Jump Host Configuration Support in YAML**: Added `jump_host` field support in config.yaml (issue #115)
- Global defaults level: `defaults.jump_host` for all clusters
- Cluster level: `clusters.<name>.jump_host` for cluster-specific settings
- Node level: Per-node `jump_host` in detailed node configuration
- Environment variable expansion supported (`${VAR}` or `$VAR` syntax)
- Empty string (`""`) explicitly disables jump host inheritance
- CLI `-J` option always takes precedence over configuration
### Improvements
- **SSH Config ProxyJump Directive**: Apply SSH config ProxyJump directive when -J option not specified (issue #117)
- ProxyJump directive from SSH config now properly applied as fallback
- Priority order: CLI `-J` > config.yaml jump_host > SSH config ProxyJump
- **Documentation**: Added comprehensive jump_host configuration documentation
- Updated README.md with configuration examples
- Added docs/architecture/ssh-jump-hosts.md with detailed architecture
- Updated example-config.yaml with all jump_host configuration patterns
### Bug Fixes
- **Jump Host Authentication**: Fix jump host authentication fails with empty SSH agent (issue #116)
- Properly handle empty SSH agent when authenticating through jump hosts
- Fall back to key-based authentication when agent has no identities
- **Config Fallback**: Apply expand_env_vars to jump_host and add config fallback for exec/interactive
- Environment variables now properly expanded in jump_host values
- Configuration jump_host properly used in exec and interactive modes
### CI/CD Improvements
- Updated GitHub workflows
### Technical Details
- Added ConfigResolver::resolve_jump_host() method for centralized jump host resolution
- Jump host priority: CLI > Node > Cluster > Global defaults
- Comprehensive test coverage: 424 lines of tests for jump_host configuration
- Integration tests for all priority levels and edge cases
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 19 Dec 2025 00:00:00 +0900
bssh (1.5.1-1~jammy1) jammy; urgency=medium
* v1.5.1
### New Features
None
### Improvements
None
### Bug Fixes
- **SSH Disconnect Error Handling**: Handle SshError(Disconnect) during authentication for password fallback (issue #113)
- Fixed handling of SSH disconnect errors during authentication phase
- Enables proper password fallback when SSH connection is disconnected during auth
### CI/CD Improvements
None
### Technical Details
- Extended auth error matching to include SshError::Disconnect variant
- Improved robustness of password fallback authentication flow
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Wed, 18 Dec 2025 00:00:00 +0900
bssh (1.5.0-1~jammy1) jammy; urgency=medium
* v1.5.0
### New Features
- **pdsh Compatibility Mode**: Full pdsh-style command line compatibility
- `-w hosts` option mapped to `-H hosts` for target host specification
- `-x hosts` option mapped to `--exclude hosts` for host exclusion
- `-f N` option mapped to `--parallel N` for fanout control
- `-l user` option for remote username
- `-N` option for disabling hostname prefix in output
- `-b` option for batch mode (single Ctrl+C termination)
- `-k` option for fail-fast mode (stop on first failure)
- `-q` query mode to show target hosts and exit
- **Hostlist Expressions**: pdsh-style range expansion support
- Range expansion: `node[1-5]` → node1, node2, node3, node4, node5
- Zero-padded ranges: `node[01-05]` → node01, node02, ...
- Comma-separated values: `node[1,3,5]` → node1, node3, node5
- Cartesian product: `rack[1-2]-node[1-3]` → 6 hosts
- File input with `^/path/to/hostfile`
- **In-TUI Log Panel**: Toggle visibility with `l` key
- Color-coded by level (ERROR red, WARN yellow)
- Configurable buffer size via BSSH_TUI_LOG_MAX_ENTRIES
- **--connect-timeout Option**: Separate connection timeout from command timeout
- Default: 30 seconds, minimum: 1 second
### Improvements
- CI workflow simplification by merging jobs into single pipeline
### Bug Fixes
- Fixed --timeout 0 handling to correctly treat as unlimited instead of ignoring
- Fixed #[serial] attribute for env var tests to prevent race conditions
- Fixed connect_timeout propagation through all SSH connection paths
### CI/CD Improvements
- Simplified CI workflow by merging multiple jobs into single pipeline
### Technical Details
- pdsh compatibility layer core infrastructure
- Comprehensive hostlist expression parser with cartesian product support
- Added explicit CLI test for --timeout 0 behavior
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Wed, 18 Dec 2025 00:00:00 +0900
bssh (1.4.2-1~jammy1) jammy; urgency=medium
* v1.4.2
### New Features
None
### Improvements
None
### Bug Fixes
- **PTY Session Fixes**: Fixed terminal escape sequence responses and paste functionality
- Fixed terminal escape sequence responses displayed on first prompt when starting tmux (#90)
- Fixed paste not working in PTY sessions (#89)
### CI/CD Improvements
None
### Technical Details
- Terminal handling improvements for PTY sessions
- Better compatibility with tmux and terminal multiplexers
### Dependencies
- Bumped dependencies to latest versions
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 16 Dec 2025 00:00:00 +0900
bssh (1.4.1-1~jammy1) jammy; urgency=medium
* v1.4.1
### New Features
None
### Improvements
- **TUI Module Documentation**: Added comprehensive TUI module documentation to README.md and ARCHITECTURE.md
- Detailed keyboard shortcuts reference table
- View modes description table
- TUI activation conditions and requirements
- **Test Coverage**: Added 84 new tests for TUI and streaming execution
- tests/tui_snapshot_tests.rs: 20 tests for TUI rendering
- tests/tui_event_tests.rs: 36 tests for keyboard navigation and view transitions
- tests/streaming_integration_tests.rs: 28 tests for streaming infrastructure
- benches/large_output_benchmark.rs: Performance benchmarks for large output handling
### Bug Fixes
- **Password Fallback Extension**: Extended password fallback to handle SSH agent authentication failures
- Now correctly triggers for AgentAuthenticationFailed, AgentNoIdentities, AgentConnectionFailed, AgentRequestIdentitiesFailed
- Added is_auth_error_for_password_fallback() helper for testability
- Added unit tests and integration tests for password fallback
### CI/CD Improvements
None
### Technical Details
- Added insta 1.34 for snapshot testing
- Added criterion 0.5 for benchmarking
- Added mockall 0.12 for mocking in integration tests
- Refactored test code for improved quality
### Dependencies
- insta 1.34 (dev-dependency)
- criterion 0.5 (dev-dependency)
- mockall 0.12 (dev-dependency)
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 16 Dec 2025 00:00:00 +0900
bssh (1.4.0-1~jammy1) jammy; urgency=medium
* v1.4.0
### New Features
- **Sudo Password Support**: Added `-S/--sudo-password` flag for automated sudo authentication
- Securely prompts for sudo password before command execution
- Automatically detects and responds to sudo password prompts
- Works with both streaming and non-streaming execution modes
- `BSSH_SUDO_PASSWORD` environment variable support (with security warnings)
- Uses `secrecy` crate for secure memory handling
- Password cleared from memory immediately after use
### Improvements
- **Password Fallback**: Improved SSH debugging for compatibility
- Enhanced password authentication fallback logic
- Better error messages for SSH connection issues
- **Developer Tooling**: Added githooks setup script for development workflow
### Bug Fixes
- Fixed clippy warnings for useless_vec and same_item_push
- Improved SSH compatibility with password fallback mechanism
### CI/CD Improvements
- Added setup script for githooks
### Technical Details
- Secure memory handling with secrecy and zeroize crates
- Automatic sudo prompt detection and response
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Sun, 15 Dec 2025 00:00:00 +0900
bssh (1.3.0-1~jammy1) jammy; urgency=medium
* v1.3.0
### New Features
- **Interactive TUI**: Added interactive Terminal User Interface with multiple view modes
- Summary view: All nodes at a glance with progress bars
- Detail view (1-9): Full output from specific node with scrolling
- Split view (s): Monitor 2-4 nodes simultaneously
- Diff view (d): Compare output from two nodes side-by-side
- Auto-scroll (f): Toggle automatic scrolling
- Navigation: Arrow keys, PgUp/PgDn, Home/End
- Help (?): Show keyboard shortcuts
- **Multi-node Stream Management**: Phase 2 streaming infrastructure
- Real-time output modes for multi-node operations
- Stream mode with [node] prefixes for real-time monitoring
### Bug Fixes
- **PTY Escape Sequence Filtering**: Filter terminal escape sequence responses in PTY sessions
- Fixed issue with terminal response codes appearing in output
### Technical Details
- Implemented ratatui-based TUI rendering
- Added multi-node output aggregation and display
- Enhanced streaming infrastructure for real-time updates
-- Jeongkyu Shin <inureyes@gmail.com> Wed, 10 Dec 2025 00:00:00 +0900
bssh (1.2.2-1~jammy1) jammy; urgency=medium
* v1.2.2
### Bug Fixes
- **Backend.AI Auto-detection**: Improved host heuristics for Backend.AI environments
- Added localhost and localhost.localdomain detection
- Added IPv4 address validation (127.0.0.1, 192.168.x.x, etc.)
- Enhanced detection for user@host, host:port, FQDN, IPv6 patterns
- Users can now use `bssh localhost "command"` naturally in Backend.AI
- 16 comprehensive tests added for host detection logic
### Technical Details
- Extracted testable `looks_like_host_specification()` function
- Added `is_ipv4_address()` helper with strict validation
- Performance optimized with early returns
- Updated ARCHITECTURE.md with detailed documentation
-- Jeongkyu Shin <inureyes@gmail.com> Tue, 29 Oct 2025 00:00:00 +0900
bssh (1.2.1-1~jammy1) jammy; urgency=medium
* v1.2.1
### Bug Fixes
- **Password Authentication**: Fixed password authentication fallback in interactive mode
- Re-implemented proper password authentication fallback logic
- Ensured password prompt works correctly after key-based auth fails
- **Test Race Condition**: Fixed race condition in RankDetector tests
- Added #[serial] attribute to prevent environment variable conflicts
- Tests now run sequentially when accessing shared environment state
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 28 Oct 2025 00:00:00 +0900
bssh (1.2.0-1~jammy1) jammy; urgency=medium
* v1.2.0
### BREAKING CHANGES
- **Exit Code Behavior Changed**: Now returns main rank's actual exit code by default
- Old behavior (v1.0-v1.1): Returns 0 only if all nodes succeed, 1 if any fail
- New behavior (v1.2.0+): Returns main rank's actual exit code (matches MPI standard)
- Migration: Use --require-all-success flag to preserve old behavior
- Benefit: Preserves actual exit codes (139=SIGSEGV, 137=OOM, 124=timeout)
### New Features
- **Exit Code Strategy**: Main rank exit code returned by default
- Matches MPI standard tools (mpirun, srun, mpiexec)
- Preserves actual exit codes for better diagnostics
- --require-all-success flag for legacy behavior
- --check-all-nodes flag for hybrid mode
- Automatic main rank detection via BACKENDAI_CLUSTER_ROLE
- **Example Scripts**: Added mpi_exit_code.sh and health_check.sh examples
### Improvements
- Exit code behavior aligns with HPC and distributed computing best practices
- Enables sophisticated error handling in shell scripts and CI/CD pipelines
### Bug Fixes
- Fixed security-framework dependency version (downgraded from 3.5.1 to 2.12.1)
- Fixed cargo clippy warnings in test code
### Testing
- Added comprehensive exit code tests (86 total test cases)
- Added serial test runner for environment-dependent tests
- Documentation updates for breaking changes in README, CHANGELOG, ARCHITECTURE
### Dependencies
- Updated security-framework to 2.12.1 for better compatibility
-- Jeongkyu Shin <inureyes@gmail.com> Sun, 27 Oct 2025 21:00:00 +0900
bssh (1.1.0-1~jammy1) jammy; urgency=medium
* v1.1.0
### New Features
- **macOS Keychain Integration**: Complete Phase 2 implementation of UseKeychain SSH option
- Automatic passphrase storage in macOS Keychain after successful authentication
- Automatic passphrase retrieval before prompting user
- Secure memory handling with Zeroizing for all sensitive data
- Integration with SSH config UseKeychain option per host
- **ProxyUseFdpass Support**: Added ProxyUseFdpass SSH configuration option
- Optimizes ProxyCommand usage by passing connected file descriptors
- Reduces overhead from lingering processes and extra read/write operations
- **Password Authentication Fallback**: Automatic password retry when key-based auth fails
- Matches OpenSSH standard behavior
- Interactive terminal detection with TTY checks
- Works for both exec and interactive modes
### Improvements
- **Security Enhancements**: Multiple security improvements from PR review
- SSH key file ownership validation (prevents storing passphrases for others' keys)
- User consent prompt before password fallback authentication
- Rate limiting between authentication attempts (prevents brute-force)
- World-readable SSH key permission warnings
- **Code Quality**: Eliminated 251 lines of code duplication in connection logic
- **Cross-Platform**: All macOS-specific code properly isolated with conditional compilation
### Bug Fixes
- Fixed clippy warnings (unused_mut, unused_imports, dead_code) on non-macOS platforms
- Fixed interactive mode missing use_keychain field causing authentication failures
- Fixed password prompt not appearing when connecting to new servers
### Dependencies
- Added security-framework crate for macOS Keychain API integration
- Added libc crate for macOS user ID checks
-- Jeongkyu Shin <inureyes@gmail.com> Fri, 24 Oct 2025 17:31:48 +0900
bssh (1.0.0-1~jammy1) jammy; urgency=medium
* v1.0.0
### New Features
- **Comprehensive SSH Configuration Support**: Added ~71 SSH configuration options (~69% coverage of OpenSSH's 103 options)
- Certificate Authentication Options: CertificateFile, CASignatureAlgorithms, HostbasedAuthentication, HostbasedAcceptedAlgorithms
- Advanced Port Forwarding Control: GatewayPorts, ExitOnForwardFailure, PermitRemoteOpen
- Command Execution and Automation: PermitLocalCommand, LocalCommand, RemoteCommand, KnownHostsCommand, ForkAfterAuthentication, SessionType, StdinNull
- Host Key Verification & Security: NoHostAuthenticationForLocalhost, HashKnownHosts, CheckHostIP, VisualHostKey, HostKeyAlias, VerifyHostKeyDNS, UpdateHostKeys
- Additional Authentication Options: NumberOfPasswordPrompts, EnableSSHKeysign
- Network & Connection Options: BindInterface, IPQoS, RekeyLimit
- X11 Forwarding Options: ForwardX11Timeout, ForwardX11Trusted
- Authentication and Security Management: IdentitiesOnly, AddKeysToAgent, IdentityAgent, PubkeyAcceptedAlgorithms, RequiredRSASize, FingerprintHash
- Include and Match directive support for flexible configuration
- Support for both "Option Value" and "Option=Value" syntax
### Improvements
- **Modular SSH Config Parser**: Refactored oversized parser.rs (1706 lines) into category-based modules (~200-350 lines each)
- **Enhanced Security**: Comprehensive security hardening for SSH configuration
- Path validation to prevent usage of sensitive system files
- Memory exhaustion prevention with entry limits
- Command injection prevention for LocalCommand and KnownHostsCommand
- Token validation and dangerous character detection
- Algorithm list validation with deduplication
- **Terminology Cleanup**: Removed phase terminology from codebase and documentation for better clarity
### Bug Fixes
- Fixed critical security vulnerabilities in SSH config parser (Priority: CRITICAL/HIGH)
- Enhanced input validation and error handling
### CI/CD Improvements
None
### Technical Details
- Enhanced SSH configuration merging logic with proper priority handling
- Comprehensive test coverage: 278 tests including parser, resolver, integration, and security tests
- Improved code organization and maintainability with modular structure
- Support for scalar option override and vector option accumulation with deduplication
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 24 Oct 2025 00:00:00 +0900
bssh (0.9.1-1~jammy1) jammy; urgency=medium
* v0.9.1
### New Features
None
### Improvements
- **PTY Terminal Modes**: Complete implementation of PTY terminal modes for better interactive session support
- **Shift Key Input Support**: Full Shift key input handling in PTY mode for proper terminal behavior
### Bug Fixes
- Fixed terminal mode implementation for PTY sessions
- Improved Shift key input handling in interactive mode
### CI/CD Improvements
None
### Technical Details
- Enhanced terminal mode settings for PTY allocation
- Implemented proper terminal flag handling for interactive sessions
- Improved keyboard input processing for special keys
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 14 Oct 2025 00:00:00 +0900
bssh (0.9.0-1~jammy1) jammy; urgency=medium
* v0.9.0
### New Features
- **SSH ProxyJump File Transfer Support**: Added complete file transfer operations through SSH jump hosts (#39)
- Upload single files through jump host chains
- Download single files through jump hosts
- Upload directories recursively through jump hosts
- Download directories through jump hosts
- All file transfer operations now fully support multi-hop SSH connections
### Improvements
- **Jump Host Interactive Mode**: Interactive shell sessions now work through jump hosts
- Dynamic timeout calculation based on hop count (30s base + 15s per hop)
- Prevents premature timeouts on multi-hop connections
- Full authentication support (SSH keys, agent, password) for each hop
- **Package Updates**: Updated dependencies to latest versions for better security and stability
### Bug Fixes
- Fixed interactive mode timeout issues when connecting through jump hosts
- Fixed file transfer operations not working with jump host chains
### CI/CD Improvements
None
### Technical Details
- Parallel Executor Integration: Jump host support across all parallel operations
- Updated executor.rs to propagate jump_hosts to all node operations
- Maintains backward compatibility with Option<&str> type
- All *_to_node() functions now accept jump_hosts parameter
### Dependencies
- Added serial_test dependency for thread-safe environment variable testing
- Updated various dependencies for security patches
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 14 Oct 2025 00:00:00 +0900
bssh (0.8.0-1~jammy1) jammy; urgency=medium
* v0.8.0
### New Features
- **SSH Port Forwarding**: Added comprehensive SSH port forwarding support with local (-L), remote (-R), and dynamic (-D) SOCKS5 forwarding (#31)
- Local port forwarding for accessing remote services through local ports
- Remote port forwarding for exposing local services to remote servers
- Dynamic port forwarding with SOCKS5 proxy support
- Multiple simultaneous port forwarding configurations
- Full integration with all authentication methods
### Improvements
- **Error Handling**: Removed dangerous unwrap() calls throughout the codebase for better stability (#35)
- **SSH Error Messages**: Improved error messages for SSH connection failures and authentication issues (#36)
- **Command Execution**: Enabled automatic command execution for better usability
### Bug Fixes
- Fixed potential panics from unwrap() calls in production code
- Improved error recovery and reporting for SSH operations
### CI/CD Improvements
None
### Technical Details
- Complete SSH port forwarding implementation with Phase 1 and Phase 2 features
- Comprehensive port forwarding architecture documentation
- Enhanced error handling with proper Result types and context
- Fixed DNS resolution errors in forwarding tests
### Dependencies
- No major dependency changes in this release
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 12 Sep 2025 00:00:00 +0900
bssh (0.7.0-1~jammy1) jammy; urgency=medium
* v0.7.0
### New Features
- **SSH Jump Host Support**: Added infrastructure and CLI integration for SSH jump hosts using OpenSSH-compatible -J syntax (#30)
- Robust parsing of OpenSSH ProxyJump format (e.g., `user@host:port,user2@host2:port2`)
- Support for single and multiple jump hosts in chain
- IPv6 address handling with bracket notation
- Comprehensive input validation and error handling
- Full integration with all commands (exec, ping, upload, download)
### Improvements
- **Ubuntu PPA**: Improved Ubuntu PPA build process and package generation
- **Debian Packaging**: Enhanced Cargo vendor support for older distribution compatibility
### Bug Fixes
- Fixed Ubuntu PPA update issues
- Fixed deprecated GitHub Actions by replacing actions-rs/toolchain with dtolnay/rust-toolchain
### CI/CD Improvements
- Modernized GitHub Actions workflow by removing deprecated actions
- Improved build process for Debian-based distributions
### Technical Details
- Jump host parser implementation with comprehensive error handling
- OpenSSH-compatible command-line syntax for ProxyJump functionality
- Enhanced logging for jump host connection debugging
### Dependencies
- No major dependency changes in this release
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Sat, 30 Aug 2025 08:48:19 +0900