qssh 0.4.0

Post-quantum secure shell with NIST PQC algorithms (Falcon, SPHINCS+, ML-KEM), configurable security tiers, and quantum-resistant protocol design
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

# Changelog

All notable changes to QSSH are documented in this file.

## [0.3.1] - 2026-02-22

### Added

- **ProxyJump** (`-J user@jumphost`): Connect through intermediate hosts via DirectTcpip channel tunneling. Opens a PQ-encrypted channel through the jump host and bridges it to a local TCP socket pair for the final connection's handshake. Supports ProxyCommand (`%h`/`%p` substitution) via process stdio bridging.
- **Automatic Rekey Timer**: Periodic key rotation fires every `key_rotation_interval` seconds (default 3600). Uses Falcon-signed ephemeral shares + HKDF-SHA3-256 derivation. Transport crypto swapped atomically via RwLock with sequence number reset.
- **qsshd Daemonization**: Proper Unix double-fork daemon (`--daemon` flag). Runs fork/setsid before tokio runtime starts (thread-safe). PID file via `--pid-file` (default `/var/run/qsshd.pid`), stdio redirect to /dev/null.
- **Host Key Persistence**: `qsshd --generate-keys` now serializes SPHINCS+ and Falcon keys to binary file (QSSH v1 format with length-prefixed fields). Server loads keys on startup. Public key fingerprint (SHA-256) written to `.pub` file. File permissions set to 0600.
- `PqKeyExchange::to_bytes()` / `PqKeyExchange::from_bytes()` for key serialization
- `QsshClient::connect_via_stream()` for pre-established TCP connections
- 3 new unit tests for host key round-trip, invalid magic, and truncation

### Changed

- GSSAPI module gated behind `gssapi` feature flag (was always compiled, all operations return errors)
- Docker HEALTHCHECK: replaced non-functional qssh client probe with TCP port check
- Dockerfile: added qssh-sign and qssh-node binaries to Docker image
- Version bump to 0.3.1

## [0.3.0] - 2026-02-20

### Added

- **Auto-Reconnect** (`--persistent`): Exponential backoff reconnection with configurable max retries. `ReconnectConfig` struct with initial_delay (500ms), max_delay (30s), 2x multiplier.
- **Connection Multiplexing** (`-S <path>`): SSH-style ControlMaster/ControlClient. Auto-detects: if master exists, connect as client; otherwise become master. Unix socket for IPC.
- **Key Rotation (Rekey)**: Full Falcon key exchange over encrypted channel. Both sides generate new PqKeyExchange, exchange signed shares, derive new AES-256-GCM keys via HKDF-SHA3-256, atomically swap transport crypto. Sequence numbers reset to prevent nonce reuse.
- **Signing Service** (`qssh-sign`): Vault-based key management for QuantumHarmony node operators. Lamport OTS for one-time signatures, rate limiting, audit log with hash chain.
- **`qssh-node` CLI**: One-liner PQ tunnel to QuantumHarmony nodes. Auto-binds standard ports (9944, 8080, 8085, 9955, 3080), vault unlock, persistent reconnect by default.
- **SOCKS5 Proxy** (`-D`): Dynamic port forwarding via SOCKS5 proxy with CONNECT support
- **Remote Port Forwarding** (`-R`): Full implementation — client sends GlobalRequest(TcpipForward), server binds listener, opens ForwardedTcpip channels back to client for bidirectional bridging
- **PTY Dimension Tracking**: Sends terminal dimensions on connect, handles SIGWINCH resize

### Changed

- Transport crypto uses `Arc<RwLock<SymmetricCrypto>>` instead of `Arc<SymmetricCrypto>` for atomic rekey
- Default transport is quantum-native (768-byte frames)

### Fixed

- Removed dead code (unused imports, unreachable branches)
- Cleaned up unused `AsyncReadExt`, `KeyType` imports

## [0.2.0] - 2026-02-14

### Added

- **Security Tiers (T0-T5)**: Configurable security levels based on threat model
- **Connection Multiplexing**: Full SSH-style ControlMaster implementation
- **Quantum Transport KEM**: Complete bidirectional key exchange
- **Session Encryption**: HKDF-based session key derivation + AES-256-GCM

### Fixed

- DirectTcpipChannel::into_stream() returns Result instead of panic!
- Session keys no longer use placeholder zeros

### Security

- Removed vulnerable Kyber algorithms (KyberSlash)
- Added replay attack protection with sequence numbers
- Fixed frame sizes (768 bytes) for traffic analysis resistance

### Known Issues

- Falcon algorithm segfaults on macOS (pqcrypto library issue)
- ProxyJump/ProxyCommand incomplete