bssh (2.1.2-1~jammy1) jammy; urgency=medium
* v2.1.2
### Bug Fixes
- Restore terminal mouse tracking state on PTY session disconnect (#190):
after a PTY session disconnects (normal exit, Ctrl+C, network drop, or
panic), the local terminal no longer prints raw SGR mouse escape
sequences. All cleanup paths now emit the full set of mouse-tracking-off
sequences (modes 1000, 1002, 1003, 1006, 1015) plus cursor-show and
alternate-screen-exit on teardown.
- Make force_terminal_cleanup safe to call from the panic hook: switch to
try_lock() so a poisoned mutex or self-held lock cannot deadlock or
secondary-panic during teardown.
### CI/CD Improvements
- Trigger Homebrew formula update only after the official release
(workflow_call from publish-release), not on every Release workflow run.
- Prevent double-trigger of the release workflow by removing the
"published" event type — publish-release already handles the
pre-release to official conversion.
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 27 Apr 2026 00:00:00 +0900
bssh (2.1.1-1~jammy1) jammy; urgency=high
* v2.1.1
### Bug Fixes
- Fixed bssh-server panic on every client connection: block_on() called inside
tokio async runtime for auth rate limiter ban check (#185)
- Fixed bssh-server rejecting authenticated clients: session not registered
with SessionManager after successful key/password verification (#185)
### Improvements
- Improved Launchpad PPA packaging for Rust 2024 edition
- Added sanitize-vendor.py for vendored crate checksum sanitization
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 17 Apr 2026 00:00:00 +0900
bssh (2.1.0-1~jammy1) jammy; urgency=medium
* v2.1.0
### New Features
- EnvGuard RAII wrapper for safe environment variable handling in tests (#179, #181)
### Improvements
- Migrated bssh and bundled bssh-russh crate to Rust 2024 edition
- Applied 2024 edition clippy improvements: collapsed 38 nested if-let statements into guard-clause form in bssh-russh
- Replaced 177 ad-hoc unsafe env::set_var/remove_var call sites across 17 test files with EnvGuard + #[serial]
- Removed hand-rolled ENV_MUTEX pattern in integration tests in favor of #[serial]
### Bug Fixes
- Fixed pattern matching for Rust 2024 edition: removed explicit ref / ref mut bindings in if-let patterns
### CI/CD Improvements
None
### Technical Details
- Added Test Environment-Variable Mutation Pattern section to ARCHITECTURE.md documenting EnvGuard soundness contract
### Dependencies
- Pinned bytes to v1.11.1
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Tue, 14 Apr 2026 12:00:00 +0900
bssh (2.0.1-1~jammy1) jammy; urgency=medium
* v2.0.1
### New Features
None
### Improvements
- Add bssh-keygen to Debian package build pipeline
### Bug Fixes
- Fix GitHub Actions debian_build.yml distro configuration (questing -> resolute)
### CI/CD Improvements
- Added bssh-keygen to Debian package matrix for all architectures
- Fixed GitHub Actions workflow validation issue in debian_build.yml
### Technical Details
- Created debian/control.bssh-keygen.binary and debian/rules.bssh-keygen.binary for bssh-keygen packaging
### Dependencies
- Bumped bssh-russh from 0.60.0 to 0.60.1 with RustCrypto security updates
- Updated RC dependency versions: rsa 0.10.0-rc.17, elliptic-curve 0.14.0-rc.30, p256/p384/p521 0.14.0-rc.8, ml-kem 0.3.0-rc.2
- Upgraded spki from 0.8.0-rc.4 to 0.8.0 (stable)
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Sun, 13 Apr 2026 12:00:00 +0900
bssh (2.0.0-1~jammy1) jammy; urgency=medium
* v2.0.0
### New Features
- **bssh-server SSH Server**: A lightweight SSH server designed for container environments
- Full SSH, SFTP, and SCP protocol support
- PTY/shell session support with terminal handling
- Password and public key authentication
- YAML-based comprehensive configuration system
- Command execution handler with security controls
- **Audit Logging Infrastructure**: Comprehensive audit logging system
- File-based audit exporter (JSON Lines format)
- OpenTelemetry audit exporter for observability platforms
- Logstash audit exporter for ELK stack integration
- **Security Features**: Enhanced security controls
- IP-based access control (allow/deny lists)
- Authentication rate limiting (fail2ban-like protection)
- Session management and connection limits
- Path traversal prevention in SFTP handler
- **File Transfer Filtering**: Control file transfers
- Path-based and pattern-based filter rules
- Configurable filter actions (allow/deny)
- **bssh-keygen Tool**: SSH key pair generation utility
- **Server Configuration Enhancements**
- Per-jump-host SSH private key configuration
- SSH config Host alias reference in jump_host configuration
- SSH keepalive settings in interactive mode
- **Separate Packaging**: bssh and bssh-server distributed as separate packages
### Improvements
- Added comprehensive server configuration manual and manpages
- Shared module structure for client/server code reuse
- Help examples and man pages now correctly use -C (uppercase) for the cluster flag
### Bug Fixes
- Fix inconsistent SSH idle disconnects: override russh's 10-minute inactivity_timeout when keepalive is enabled, enable TCP SO_KEEPALIVE on the socket via socket2, and wire user-configured server_alive_interval through the exec-mode code path (previously dropped at the ConnectionConfig boundary)
- Use consistent source package name in bssh-server Debian control file
- Use type inference for ioctl to support both glibc and musl builds in bssh-server
### CI/CD Improvements
- Updated release workflow for dual-package distribution
- Separate Debian packages for client and server
- Separate Homebrew formulas for each component
- Added Teams release notification
- Updated non-LTS Ubuntu target from 25.04 plucky to 25.10 questing
### Technical Details
- russh-based SSH server handler implementation
- Modular audit exporter architecture with trait-based design
- SshConnectionConfig::to_russh_config() now sets inactivity_timeout explicitly; to_tcp_keepalive() derives kernel TCP keepalive params
- Client::connect_with_config rewritten around russh::client::connect_stream to apply SO_KEEPALIVE before handshake
- Key-gen sites use rand::rng() directly now that rand 0.10 stable is reachable
### Dependencies
- Synced bssh-russh fork with upstream warp-tech/russh v0.60.0, pulling in the RustCrypto migration
- rand 0.8 -> 0.10 stable (via rand_core 0.10.0), signature 3.0.0-rc.10, ed25519-dalek 3.0.0-pre.6, elliptic-curve 0.14.0-rc.28, p256/p384/p521 0.14.0-rc.7, ecdsa 0.17.0-rc.16, curve25519-dalek 5.0.0-pre.6, der 0.8, sec1 0.8, pkcs8 0.11.0-rc.11, pkcs5 0.8.0-rc.13, spki 0.8.0-rc.4, ml-kem 0.3.0-rc.1, ssh-key 0.6.18
- tokio 1.50.0 -> 1.51.1, socket2 0.6.1 -> 0.6.3, signal-hook 0.4.3 -> 0.4.4, fastrand 2.3.0 -> 2.4.1, async-compression 0.4.37 -> 0.4.41, bytes 1.11.0 -> 1.11.1
### Breaking Changes
- Package split: bssh-server now requires separate installation
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 13 Apr 2026 12:00:00 +0900
bssh (1.7.0-1~jammy1) jammy; urgency=medium
* v1.7.0
### New Features
- **SSH Keepalive Support**: Added SSH keepalive to prevent idle connection timeouts (#122)
- `--server-alive-interval` option: Configure keepalive interval in seconds (default: 60, 0 to disable)
- `--server-alive-count-max` option: Maximum keepalive messages without response before disconnect (default: 3)
- Configuration support in config.yaml via `server_alive_interval` and `server_alive_count_max` fields
- Helps maintain long-running sessions through firewalls that drop idle connections
### Improvements
- **Documentation**: Added GitHub downloads badge to README
### Bug Fixes
None
### CI/CD Improvements
None
### Technical Details
- Implemented SSH keepalive packet sending at configurable intervals
- Automatic connection termination after max retries without response
- Full integration with all execution modes (exec, interactive, file transfer)
### Dependencies
- Updated russh from 0.55.0 to 0.56.0
- Updated ratatui from 0.29.0 to 0.30.0
- Updated signal-hook from 0.3.18 to 0.4.1
- Updated whoami from 1.6.1 to 2.0.1
- Updated unicode-width from 0.2.0 to 0.2.2
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 09 Jan 2026 00:00:00 +0900
bssh (1.6.0-1~jammy1) jammy; urgency=medium
* v1.6.0
### New Features
- **Jump Host Configuration Support in YAML**: Added `jump_host` field support in config.yaml (issue #115)
- Global defaults level: `defaults.jump_host` for all clusters
- Cluster level: `clusters.<name>.jump_host` for cluster-specific settings
- Node level: Per-node `jump_host` in detailed node configuration
- Environment variable expansion supported (`${VAR}` or `$VAR` syntax)
- Empty string (`""`) explicitly disables jump host inheritance
- CLI `-J` option always takes precedence over configuration
### Improvements
- **SSH Config ProxyJump Directive**: Apply SSH config ProxyJump directive when -J option not specified (issue #117)
- ProxyJump directive from SSH config now properly applied as fallback
- Priority order: CLI `-J` > config.yaml jump_host > SSH config ProxyJump
- **Documentation**: Added comprehensive jump_host configuration documentation
- Updated README.md with configuration examples
- Added docs/architecture/ssh-jump-hosts.md with detailed architecture
- Updated example-config.yaml with all jump_host configuration patterns
### Bug Fixes
- **Jump Host Authentication**: Fix jump host authentication fails with empty SSH agent (issue #116)
- Properly handle empty SSH agent when authenticating through jump hosts
- Fall back to key-based authentication when agent has no identities
- **Config Fallback**: Apply expand_env_vars to jump_host and add config fallback for exec/interactive
- Environment variables now properly expanded in jump_host values
- Configuration jump_host properly used in exec and interactive modes
### CI/CD Improvements
- Updated GitHub workflows
### Technical Details
- Added ConfigResolver::resolve_jump_host() method for centralized jump host resolution
- Jump host priority: CLI > Node > Cluster > Global defaults
- Comprehensive test coverage: 424 lines of tests for jump_host configuration
- Integration tests for all priority levels and edge cases
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 19 Dec 2025 00:00:00 +0900
bssh (1.5.1-1~jammy1) jammy; urgency=medium
* v1.5.1
### New Features
None
### Improvements
None
### Bug Fixes
- **SSH Disconnect Error Handling**: Handle SshError(Disconnect) during authentication for password fallback (issue #113)
- Fixed handling of SSH disconnect errors during authentication phase
- Enables proper password fallback when SSH connection is disconnected during auth
### CI/CD Improvements
None
### Technical Details
- Extended auth error matching to include SshError::Disconnect variant
- Improved robustness of password fallback authentication flow
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Wed, 18 Dec 2025 00:00:00 +0900
bssh (1.5.0-1~jammy1) jammy; urgency=medium
* v1.5.0
### New Features
- **pdsh Compatibility Mode**: Full pdsh-style command line compatibility
- `-w hosts` option mapped to `-H hosts` for target host specification
- `-x hosts` option mapped to `--exclude hosts` for host exclusion
- `-f N` option mapped to `--parallel N` for fanout control
- `-l user` option for remote username
- `-N` option for disabling hostname prefix in output
- `-b` option for batch mode (single Ctrl+C termination)
- `-k` option for fail-fast mode (stop on first failure)
- `-q` query mode to show target hosts and exit
- **Hostlist Expressions**: pdsh-style range expansion support
- Range expansion: `node[1-5]` → node1, node2, node3, node4, node5
- Zero-padded ranges: `node[01-05]` → node01, node02, ...
- Comma-separated values: `node[1,3,5]` → node1, node3, node5
- Cartesian product: `rack[1-2]-node[1-3]` → 6 hosts
- File input with `^/path/to/hostfile`
- **In-TUI Log Panel**: Toggle visibility with `l` key
- Color-coded by level (ERROR red, WARN yellow)
- Configurable buffer size via BSSH_TUI_LOG_MAX_ENTRIES
- **--connect-timeout Option**: Separate connection timeout from command timeout
- Default: 30 seconds, minimum: 1 second
### Improvements
- CI workflow simplification by merging jobs into single pipeline
### Bug Fixes
- Fixed --timeout 0 handling to correctly treat as unlimited instead of ignoring
- Fixed #[serial] attribute for env var tests to prevent race conditions
- Fixed connect_timeout propagation through all SSH connection paths
### CI/CD Improvements
- Simplified CI workflow by merging multiple jobs into single pipeline
### Technical Details
- pdsh compatibility layer core infrastructure
- Comprehensive hostlist expression parser with cartesian product support
- Added explicit CLI test for --timeout 0 behavior
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Wed, 18 Dec 2025 00:00:00 +0900
bssh (1.4.2-1~jammy1) jammy; urgency=medium
* v1.4.2
### New Features
None
### Improvements
None
### Bug Fixes
- **PTY Session Fixes**: Fixed terminal escape sequence responses and paste functionality
- Fixed terminal escape sequence responses displayed on first prompt when starting tmux (#90)
- Fixed paste not working in PTY sessions (#89)
### CI/CD Improvements
None
### Technical Details
- Terminal handling improvements for PTY sessions
- Better compatibility with tmux and terminal multiplexers
### Dependencies
- Bumped dependencies to latest versions
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 16 Dec 2025 00:00:00 +0900
bssh (1.4.1-1~jammy1) jammy; urgency=medium
* v1.4.1
### New Features
None
### Improvements
- **TUI Module Documentation**: Added comprehensive TUI module documentation to README.md and ARCHITECTURE.md
- Detailed keyboard shortcuts reference table
- View modes description table
- TUI activation conditions and requirements
- **Test Coverage**: Added 84 new tests for TUI and streaming execution
- tests/tui_snapshot_tests.rs: 20 tests for TUI rendering
- tests/tui_event_tests.rs: 36 tests for keyboard navigation and view transitions
- tests/streaming_integration_tests.rs: 28 tests for streaming infrastructure
- benches/large_output_benchmark.rs: Performance benchmarks for large output handling
### Bug Fixes
- **Password Fallback Extension**: Extended password fallback to handle SSH agent authentication failures
- Now correctly triggers for AgentAuthenticationFailed, AgentNoIdentities, AgentConnectionFailed, AgentRequestIdentitiesFailed
- Added is_auth_error_for_password_fallback() helper for testability
- Added unit tests and integration tests for password fallback
### CI/CD Improvements
None
### Technical Details
- Added insta 1.34 for snapshot testing
- Added criterion 0.5 for benchmarking
- Added mockall 0.12 for mocking in integration tests
- Refactored test code for improved quality
### Dependencies
- insta 1.34 (dev-dependency)
- criterion 0.5 (dev-dependency)
- mockall 0.12 (dev-dependency)
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 16 Dec 2025 00:00:00 +0900
bssh (1.4.0-1~jammy1) jammy; urgency=medium
* v1.4.0
### New Features
- **Sudo Password Support**: Added `-S/--sudo-password` flag for automated sudo authentication
- Securely prompts for sudo password before command execution
- Automatically detects and responds to sudo password prompts
- Works with both streaming and non-streaming execution modes
- `BSSH_SUDO_PASSWORD` environment variable support (with security warnings)
- Uses `secrecy` crate for secure memory handling
- Password cleared from memory immediately after use
### Improvements
- **Password Fallback**: Improved SSH debugging for compatibility
- Enhanced password authentication fallback logic
- Better error messages for SSH connection issues
- **Developer Tooling**: Added githooks setup script for development workflow
### Bug Fixes
- Fixed clippy warnings for useless_vec and same_item_push
- Improved SSH compatibility with password fallback mechanism
### CI/CD Improvements
- Added setup script for githooks
### Technical Details
- Secure memory handling with secrecy and zeroize crates
- Automatic sudo prompt detection and response
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Sun, 15 Dec 2025 00:00:00 +0900
bssh (1.3.0-1~jammy1) jammy; urgency=medium
* v1.3.0
### New Features
- **Interactive TUI**: Added interactive Terminal User Interface with multiple view modes
- Summary view: All nodes at a glance with progress bars
- Detail view (1-9): Full output from specific node with scrolling
- Split view (s): Monitor 2-4 nodes simultaneously
- Diff view (d): Compare output from two nodes side-by-side
- Auto-scroll (f): Toggle automatic scrolling
- Navigation: Arrow keys, PgUp/PgDn, Home/End
- Help (?): Show keyboard shortcuts
- **Multi-node Stream Management**: Phase 2 streaming infrastructure
- Real-time output modes for multi-node operations
- Stream mode with [node] prefixes for real-time monitoring
### Bug Fixes
- **PTY Escape Sequence Filtering**: Filter terminal escape sequence responses in PTY sessions
- Fixed issue with terminal response codes appearing in output
### Technical Details
- Implemented ratatui-based TUI rendering
- Added multi-node output aggregation and display
- Enhanced streaming infrastructure for real-time updates
-- Jeongkyu Shin <inureyes@gmail.com> Wed, 10 Dec 2025 00:00:00 +0900
bssh (1.2.2-1~jammy1) jammy; urgency=medium
* v1.2.2
### Bug Fixes
- **Backend.AI Auto-detection**: Improved host heuristics for Backend.AI environments
- Added localhost and localhost.localdomain detection
- Added IPv4 address validation (127.0.0.1, 192.168.x.x, etc.)
- Enhanced detection for user@host, host:port, FQDN, IPv6 patterns
- Users can now use `bssh localhost "command"` naturally in Backend.AI
- 16 comprehensive tests added for host detection logic
### Technical Details
- Extracted testable `looks_like_host_specification()` function
- Added `is_ipv4_address()` helper with strict validation
- Performance optimized with early returns
- Updated ARCHITECTURE.md with detailed documentation
-- Jeongkyu Shin <inureyes@gmail.com> Tue, 29 Oct 2025 00:00:00 +0900
bssh (1.2.1-1~jammy1) jammy; urgency=medium
* v1.2.1
### Bug Fixes
- **Password Authentication**: Fixed password authentication fallback in interactive mode
- Re-implemented proper password authentication fallback logic
- Ensured password prompt works correctly after key-based auth fails
- **Test Race Condition**: Fixed race condition in RankDetector tests
- Added #[serial] attribute to prevent environment variable conflicts
- Tests now run sequentially when accessing shared environment state
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 28 Oct 2025 00:00:00 +0900
bssh (1.2.0-1~jammy1) jammy; urgency=medium
* v1.2.0
### BREAKING CHANGES
- **Exit Code Behavior Changed**: Now returns main rank's actual exit code by default
- Old behavior (v1.0-v1.1): Returns 0 only if all nodes succeed, 1 if any fail
- New behavior (v1.2.0+): Returns main rank's actual exit code (matches MPI standard)
- Migration: Use --require-all-success flag to preserve old behavior
- Benefit: Preserves actual exit codes (139=SIGSEGV, 137=OOM, 124=timeout)
### New Features
- **Exit Code Strategy**: Main rank exit code returned by default
- Matches MPI standard tools (mpirun, srun, mpiexec)
- Preserves actual exit codes for better diagnostics
- --require-all-success flag for legacy behavior
- --check-all-nodes flag for hybrid mode
- Automatic main rank detection via BACKENDAI_CLUSTER_ROLE
- **Example Scripts**: Added mpi_exit_code.sh and health_check.sh examples
### Improvements
- Exit code behavior aligns with HPC and distributed computing best practices
- Enables sophisticated error handling in shell scripts and CI/CD pipelines
### Bug Fixes
- Fixed security-framework dependency version (downgraded from 3.5.1 to 2.12.1)
- Fixed cargo clippy warnings in test code
### Testing
- Added comprehensive exit code tests (86 total test cases)
- Added serial test runner for environment-dependent tests
- Documentation updates for breaking changes in README, CHANGELOG, ARCHITECTURE
### Dependencies
- Updated security-framework to 2.12.1 for better compatibility
-- Jeongkyu Shin <inureyes@gmail.com> Sun, 27 Oct 2025 21:00:00 +0900
bssh (1.1.0-1~jammy1) jammy; urgency=medium
* v1.1.0
### New Features
- **macOS Keychain Integration**: Complete Phase 2 implementation of UseKeychain SSH option
- Automatic passphrase storage in macOS Keychain after successful authentication
- Automatic passphrase retrieval before prompting user
- Secure memory handling with Zeroizing for all sensitive data
- Integration with SSH config UseKeychain option per host
- **ProxyUseFdpass Support**: Added ProxyUseFdpass SSH configuration option
- Optimizes ProxyCommand usage by passing connected file descriptors
- Reduces overhead from lingering processes and extra read/write operations
- **Password Authentication Fallback**: Automatic password retry when key-based auth fails
- Matches OpenSSH standard behavior
- Interactive terminal detection with TTY checks
- Works for both exec and interactive modes
### Improvements
- **Security Enhancements**: Multiple security improvements from PR review
- SSH key file ownership validation (prevents storing passphrases for others' keys)
- User consent prompt before password fallback authentication
- Rate limiting between authentication attempts (prevents brute-force)
- World-readable SSH key permission warnings
- **Code Quality**: Eliminated 251 lines of code duplication in connection logic
- **Cross-Platform**: All macOS-specific code properly isolated with conditional compilation
### Bug Fixes
- Fixed clippy warnings (unused_mut, unused_imports, dead_code) on non-macOS platforms
- Fixed interactive mode missing use_keychain field causing authentication failures
- Fixed password prompt not appearing when connecting to new servers
### Dependencies
- Added security-framework crate for macOS Keychain API integration
- Added libc crate for macOS user ID checks
-- Jeongkyu Shin <inureyes@gmail.com> Fri, 24 Oct 2025 17:31:48 +0900
bssh (1.0.0-1~jammy1) jammy; urgency=medium
* v1.0.0
### New Features
- **Comprehensive SSH Configuration Support**: Added ~71 SSH configuration options (~69% coverage of OpenSSH's 103 options)
- Certificate Authentication Options: CertificateFile, CASignatureAlgorithms, HostbasedAuthentication, HostbasedAcceptedAlgorithms
- Advanced Port Forwarding Control: GatewayPorts, ExitOnForwardFailure, PermitRemoteOpen
- Command Execution and Automation: PermitLocalCommand, LocalCommand, RemoteCommand, KnownHostsCommand, ForkAfterAuthentication, SessionType, StdinNull
- Host Key Verification & Security: NoHostAuthenticationForLocalhost, HashKnownHosts, CheckHostIP, VisualHostKey, HostKeyAlias, VerifyHostKeyDNS, UpdateHostKeys
- Additional Authentication Options: NumberOfPasswordPrompts, EnableSSHKeysign
- Network & Connection Options: BindInterface, IPQoS, RekeyLimit
- X11 Forwarding Options: ForwardX11Timeout, ForwardX11Trusted
- Authentication and Security Management: IdentitiesOnly, AddKeysToAgent, IdentityAgent, PubkeyAcceptedAlgorithms, RequiredRSASize, FingerprintHash
- Include and Match directive support for flexible configuration
- Support for both "Option Value" and "Option=Value" syntax
### Improvements
- **Modular SSH Config Parser**: Refactored oversized parser.rs (1706 lines) into category-based modules (~200-350 lines each)
- **Enhanced Security**: Comprehensive security hardening for SSH configuration
- Path validation to prevent usage of sensitive system files
- Memory exhaustion prevention with entry limits
- Command injection prevention for LocalCommand and KnownHostsCommand
- Token validation and dangerous character detection
- Algorithm list validation with deduplication
- **Terminology Cleanup**: Removed phase terminology from codebase and documentation for better clarity
### Bug Fixes
- Fixed critical security vulnerabilities in SSH config parser (Priority: CRITICAL/HIGH)
- Enhanced input validation and error handling
### CI/CD Improvements
None
### Technical Details
- Enhanced SSH configuration merging logic with proper priority handling
- Comprehensive test coverage: 278 tests including parser, resolver, integration, and security tests
- Improved code organization and maintainability with modular structure
- Support for scalar option override and vector option accumulation with deduplication
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 24 Oct 2025 00:00:00 +0900
bssh (0.9.1-1~jammy1) jammy; urgency=medium
* v0.9.1
### New Features
None
### Improvements
- **PTY Terminal Modes**: Complete implementation of PTY terminal modes for better interactive session support
- **Shift Key Input Support**: Full Shift key input handling in PTY mode for proper terminal behavior
### Bug Fixes
- Fixed terminal mode implementation for PTY sessions
- Improved Shift key input handling in interactive mode
### CI/CD Improvements
None
### Technical Details
- Enhanced terminal mode settings for PTY allocation
- Implemented proper terminal flag handling for interactive sessions
- Improved keyboard input processing for special keys
### Dependencies
None
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 14 Oct 2025 00:00:00 +0900
bssh (0.9.0-1~jammy1) jammy; urgency=medium
* v0.9.0
### New Features
- **SSH ProxyJump File Transfer Support**: Added complete file transfer operations through SSH jump hosts (#39)
- Upload single files through jump host chains
- Download single files through jump hosts
- Upload directories recursively through jump hosts
- Download directories through jump hosts
- All file transfer operations now fully support multi-hop SSH connections
### Improvements
- **Jump Host Interactive Mode**: Interactive shell sessions now work through jump hosts
- Dynamic timeout calculation based on hop count (30s base + 15s per hop)
- Prevents premature timeouts on multi-hop connections
- Full authentication support (SSH keys, agent, password) for each hop
- **Package Updates**: Updated dependencies to latest versions for better security and stability
### Bug Fixes
- Fixed interactive mode timeout issues when connecting through jump hosts
- Fixed file transfer operations not working with jump host chains
### CI/CD Improvements
None
### Technical Details
- Parallel Executor Integration: Jump host support across all parallel operations
- Updated executor.rs to propagate jump_hosts to all node operations
- Maintains backward compatibility with Option<&str> type
- All *_to_node() functions now accept jump_hosts parameter
### Dependencies
- Added serial_test dependency for thread-safe environment variable testing
- Updated various dependencies for security patches
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Mon, 14 Oct 2025 00:00:00 +0900
bssh (0.8.0-1~jammy1) jammy; urgency=medium
* v0.8.0
### New Features
- **SSH Port Forwarding**: Added comprehensive SSH port forwarding support with local (-L), remote (-R), and dynamic (-D) SOCKS5 forwarding (#31)
- Local port forwarding for accessing remote services through local ports
- Remote port forwarding for exposing local services to remote servers
- Dynamic port forwarding with SOCKS5 proxy support
- Multiple simultaneous port forwarding configurations
- Full integration with all authentication methods
### Improvements
- **Error Handling**: Removed dangerous unwrap() calls throughout the codebase for better stability (#35)
- **SSH Error Messages**: Improved error messages for SSH connection failures and authentication issues (#36)
- **Command Execution**: Enabled automatic command execution for better usability
### Bug Fixes
- Fixed potential panics from unwrap() calls in production code
- Improved error recovery and reporting for SSH operations
### CI/CD Improvements
None
### Technical Details
- Complete SSH port forwarding implementation with Phase 1 and Phase 2 features
- Comprehensive port forwarding architecture documentation
- Enhanced error handling with proper Result types and context
- Fixed DNS resolution errors in forwarding tests
### Dependencies
- No major dependency changes in this release
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Thu, 12 Sep 2025 00:00:00 +0900
bssh (0.7.0-1~jammy1) jammy; urgency=medium
* v0.7.0
### New Features
- **SSH Jump Host Support**: Added infrastructure and CLI integration for SSH jump hosts using OpenSSH-compatible -J syntax (#30)
- Robust parsing of OpenSSH ProxyJump format (e.g., `user@host:port,user2@host2:port2`)
- Support for single and multiple jump hosts in chain
- IPv6 address handling with bracket notation
- Comprehensive input validation and error handling
- Full integration with all commands (exec, ping, upload, download)
### Improvements
- **Ubuntu PPA**: Improved Ubuntu PPA build process and package generation
- **Debian Packaging**: Enhanced Cargo vendor support for older distribution compatibility
### Bug Fixes
- Fixed Ubuntu PPA update issues
- Fixed deprecated GitHub Actions by replacing actions-rs/toolchain with dtolnay/rust-toolchain
### CI/CD Improvements
- Modernized GitHub Actions workflow by removing deprecated actions
- Improved build process for Debian-based distributions
### Technical Details
- Jump host parser implementation with comprehensive error handling
- OpenSSH-compatible command-line syntax for ProxyJump functionality
- Enhanced logging for jump host connection debugging
### Dependencies
- No major dependency changes in this release
### Breaking Changes
None
### Known Issues
None
-- Jeongkyu Shin <inureyes@gmail.com> Sat, 30 Aug 2025 08:48:19 +0900