Releases: Eugeny/russh

v0.52.0-beta.1

23 Apr 19:13

Pre-release

Features

Fixes

  • 20ea6a0: Handle unexpected EOF as expected in session closure (#495) (lgmugnier) #495
  • 6a6fa80: make ChannelCloseOnDrop async
  • c2fa2df: fixed #506 - removed faulty server-sig-algs timeout on wasm (#508) #508

v0.51.1

11 Mar 23:45

Changes

  • 71cd4ab: fixed #468 - allow RSA keys below 2048-bit length

russh previously rejected RSA keys shorter than 2048 bits, whether used as private keys or as server host keys, on both the server and the client side, because of a security check in the ssh-key crate.

This behaviour has now been changed to allow these keys, and the decision to accept or reject them now lies with the library consumer. To recreate the old behaviour in your Handler, add the following check to your check_server_key implementation. You'll need to import the rsa crate.

async fn check_server_key(
    &mut self,
    server_public_key: &PublicKey,
) -> Result<bool, Self::Error> {
    use rsa::traits::PublicKeyParts;

    if let Some(ssh_pk) = server_public_key.key_data().rsa() {
        let rsa_pk: rsa::RsaPublicKey = ssh_pk.try_into()?;
        // size() returns the modulus length in bytes, so convert to bits
        if rsa_pk.size() * 8 < 2048 {
            return Ok(false);
        }
    }
    
    ...
}
  • 0c722b8: partial_success support (#478) #478
  • 32a9ee1: Add a crate feature to enable DSA support (#473) (Francesco Degrassi) #473
  • db5e5ba: wait for extension info from the server in the best_supported_rsa_hash method. Previously there was a race condition between calling best_supported_rsa_hash and the server sending the EXT_INFO message. Now russh will wait for up to one second to receive EXT_INFO when you call best_supported_rsa_hash.
  • 92362fc: Introduce Channel::split() to allow splitting a channel into a read half and a write half (#482) (Uli Schlachter) #482
  • 32667df: Added support for additional DH groups (#486) (Jacob Van Brunt) #486
  • replaced libc dependency with nix (#483) #483 (iHsin)

Fixes

  • 0665aac: Cryptovec/Windows: Add reference counting per Page, improve error-msg (#471) (Adrian Müller (DTT)) #471
  • 0b4cf36: Optimize examples/client_open_direct_tcpip.rs (#477) (handewo) #477
  • ffc5726: Remove unused dependencies (#488) (Uli Schlachter) #488

v0.51.0-beta.3

09 Mar 18:20

Pre-release

Changes

  • db5e5ba: wait for extension info from the server in the best_supported_rsa_hash method. Previously there was a race condition between calling best_supported_rsa_hash and the server sending the EXT_INFO message. Now russh will wait for up to one second to receive EXT_INFO when you call best_supported_rsa_hash.

  • 92362fc: Introduce Channel::split() to allow splitting a channel into a read half and a write half (#482) (Uli Schlachter) #482

  • 32667df: Added support for additional DH groups (#486) (Jacob Van Brunt) #486

  • replaced libc dependency with nix (#483) #483 (iHsin)

v0.51.0-beta.2

09 Mar 18:18

Pre-release

Changes

Fixes

  • 0665aac: Cryptovec/Windows: Add reference counting per Page, improve error-msg (#471) (Adrian Müller (DTT)) #471
  • 0b4cf36: Optimize examples/client_open_direct_tcpip.rs (#477) (handewo) #477

v0.51.0-beta.1

24 Feb 22:41

Pre-release

Changes

  • 71cd4ab: fixed #468 - allow RSA keys below 2048-bit length

russh previously rejected RSA keys shorter than 2048 bits, whether used as private keys or as server host keys, on both the server and the client side, because of a security check in the ssh-key crate.

This behaviour has now been changed to allow these keys, and the decision to accept or reject them now lies with the library consumer. To recreate the old behaviour in your Handler, add the following check to your check_server_key implementation. You'll need to import the rsa crate.

async fn check_server_key(
    &mut self,
    server_public_key: &PublicKey,
) -> Result<bool, Self::Error> {
    use rsa::traits::PublicKeyParts;

    if let Some(ssh_pk) = server_public_key.key_data().rsa() {
        let rsa_pk: rsa::RsaPublicKey = ssh_pk.try_into()?;
        // size() returns the modulus length in bytes, so convert to bits
        if rsa_pk.size() * 8 < 2048 {
            return Ok(false);
        }
    }
    
    ...
}

v0.50.4

24 Feb 22:38

Fixes

  • 83aacd1: re-fixed #470 - correctly ignore hash_alg argument when signing with non-RSA keys via agent
  • bf235bc: fixed #470 - incorrect hash passed for an RSA key offer in agent authentication

v0.50.3

20 Feb 20:06

Changes

  • b5e244b: populate comments for agent identities (#466) (Chris) #466
  • 07d6243: Add a function to send ExitStatus message to Channel (#465) (procr1337) #465

Fixes

  • 16a18bc: fixed #470 - broken agent auth with rsa-sha2-* algos

v0.50.2

09 Feb 17:46

[email protected]

Changes

Reverted a change from 0.50.0 that made cryptovec panic when the OS fails to mlock() the memory.

Instead, russh-cryptovec will now log a one-time warning about this.

A common cause of these errors is running on Linux under a low RLIMIT_MEMLOCK limit.

Docs

  • 6a59d0e: Add client demo that implements open direct tcpip. (#454) (handewo) #454

v0.50.0

29 Jan 20:35

Significant changes

russh_keys merged into russh

  • 23cc724: (#450) - the russh_keys crate has been fully merged into russh. If you have been importing from russh::keys, no changes are needed, otherwise remove the russh_keys dependency and replace all use russh_keys imports with use russh::keys.

Native async traits

  • 3e04597: (#455) - client::Handler, server::Handler and other traits are now native Rust async traits. In most cases, you can simply remove the #[async_trait] macro from your trait impl. Alternatively, you can enable the async_trait feature, which will turn the traits into #[async_trait]s again. Note that the old async_trait support will be removed soon.

RSA hash negotiation

Russh client now supports the server-sig-algs OpenSSH extension and can automatically select the strongest hash for RSA keys.

You can use russh::client::Handle::best_supported_rsa_hash() to choose the hash.

PrivateKeyWithHashAlg::new is now infallible and will ignore hash_alg for non-RSA keys, so you don't have to build separate logic just for RSA keys:

session.authenticate_publickey(
    user, 
    PrivateKeyWithHashAlg::new(
        Arc::new(key_pair),
        session.best_supported_rsa_hash().await?.unwrap_or(...), // some fallback Option<HashAlg>
    ),
).await?;

If you just want to fall back to SHA1 / ssh-rsa in case the server does not support server-sig-algs:

session.authenticate_publickey(
    user, 
    PrivateKeyWithHashAlg::new(
        Arc::new(key_pair),
        session.best_supported_rsa_hash().await?.flatten(),
    ),
).await?;
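
The selection step behind the nested Option that the two snippets above unwrap, as an added std-only example (not russh's code and not part of the release notes): it parses an SSH_MSG_EXT_INFO payload (RFC 8308), extracts server-sig-algs and picks the strongest RSA hash. `HashAlg`, `SAMPLE`, `server_sig_algs` and `best_rsa_hash` are names made up for the example, and the meaning given to the two `None` levels is an assumption inferred from the `.flatten()` call.

```rust
#[derive(Debug, PartialEq, Clone, Copy)]
pub enum HashAlg { Sha256, Sha512 } // stand-in for russh's HashAlg, not the real type

// Constructed sample: EXT_INFO with one extension, server-sig-algs = "rsa-sha2-256,ssh-rsa".
pub const SAMPLE: &[u8] =
    b"\x07\x00\x00\x00\x01\x00\x00\x00\x0fserver-sig-algs\x00\x00\x00\x14rsa-sha2-256,ssh-rsa";

fn take<'a>(buf: &mut &'a [u8], n: usize) -> Option<&'a [u8]> {
    let b = *buf;
    if b.len() < n { return None; } // truncated input is an error, not a panic
    *buf = &b[n..];
    Some(&b[..n])
}
fn take_u32(buf: &mut &[u8]) -> Option<u32> {
    take(buf, 4).map(|h| u32::from_be_bytes([h[0], h[1], h[2], h[3]]))
}
fn take_string<'a>(buf: &mut &'a [u8]) -> Option<&'a [u8]> {
    let len = take_u32(buf)? as usize; // SSH `string`: uint32 length, then bytes
    take(buf, len)
}
/// server-sig-algs name-list from an SSH_MSG_EXT_INFO payload (RFC 8308).
/// Err = malformed packet, Ok(None) = extension not present.
pub fn server_sig_algs(payload: &[u8]) -> Result<Option<Vec<String>>, &'static str> {
    let (&msg, mut p) = payload.split_first().ok_or("empty payload")?;
    if msg != 7 { return Err("not SSH_MSG_EXT_INFO"); }
    let mut found = None;
    for _ in 0..take_u32(&mut p).ok_or("truncated")? {
        let name = take_string(&mut p).ok_or("truncated")?;
        let value = take_string(&mut p).ok_or("truncated")?;
        if name == b"server-sig-algs" {
            let list = std::str::from_utf8(value).map_err(|_| "bad name-list")?;
            found = Some(list.split(',').map(str::to_owned).collect());
        }
    }
    Ok(found)
}
/// None = no server-sig-algs received; Some(None) = received, but no rsa-sha2-*
/// in it, leaving ssh-rsa (SHA-1). This reading of the nesting is assumed.
pub fn best_rsa_hash(algs: Option<&[String]>) -> Option<Option<HashAlg>> {
    let algs = algs?;
    let has = |n: &str| algs.iter().any(|a| a == n);
    if has("rsa-sha2-512") { return Some(Some(HashAlg::Sha512)); }
    if has("rsa-sha2-256") { return Some(Some(HashAlg::Sha256)); }
    Some(None)
}

fn main() {
    let algs = server_sig_algs(SAMPLE).unwrap();
    println!("{:?} -> {:?}", algs, best_rsa_hash(algs.as_deref()));
}
```

In this model `.flatten()` maps both "extension absent" and "no rsa-sha2-* offered" to `None`, which per the text above means signing with SHA1 / ssh-rsa; a caller that wants to refuse SHA-1 has to match on the nested value instead.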

Channel backpressure

  • f89c19c: added backpressure to channel buffers (#412) (Eric Rodrigues Pires) #412 - set Config::channel_buffer_size to control how many channel messages can be buffered before backpressure propagates over the network. Previously russh would simply buffer unread channel messages infinitely, eventually causing an out-of-RAM situation, and now it will block the connection until you consume them. Even if the server does not write data to the channel (e.g. it's a write-only channel for you as a client), it is still writing flow control messages, which you must consume.

So, any time you open a channel, make sure you have a loop somewhere that is either polling .wait() or reads from the AsyncRead side of its ChannelStream.
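
A simplified model of the stall described above, as an added std-only example (not russh code): one reader feeds per-channel bounded buffers, and an unread channel that only receives flow-control messages halts the whole connection once its buffer fills. `Msg`, `packets_before_stall` and `sample_traffic` are made-up names, `buffer_size` stands in for Config::channel_buffer_size, and the traffic is constructed.

```rust
use std::sync::mpsc::{sync_channel, Receiver, SyncSender, TrySendError};

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Msg { Data, WindowAdjusted } // simplified stand-ins for channel messages

/// Model of one connection's reader feeding per-channel bounded buffers.
/// `drained[i]` says whether the application runs a read loop on channel i.
/// Returns how many packets the reader handled before it had to block.
pub fn packets_before_stall(
    packets: &[(usize, Msg)],
    buffer_size: usize,
    drained: &[bool],
) -> usize {
    let chans: Vec<(SyncSender<Msg>, Receiver<Msg>)> =
        drained.iter().map(|_| sync_channel(buffer_size)).collect();
    for (handled, &(id, msg)) in packets.iter().enumerate() {
        let (tx, rx) = &chans[id];
        match tx.try_send(msg) {
            Ok(()) => {}
            // A real reader would wait here; nothing behind this packet,
            // on any channel, is processed until the buffer is consumed.
            Err(TrySendError::Full(_)) => return handled,
            Err(TrySendError::Disconnected(_)) => unreachable!("receiver is kept alive"),
        }
        if drained[id] { while rx.try_recv().is_ok() {} } // the application's read loop
    }
    packets.len()
}

/// Constructed traffic: channel 0 is "write-only" for the client but still
/// receives flow-control messages; channel 1 carries data.
pub fn sample_traffic(rounds: usize) -> Vec<(usize, Msg)> {
    (0..rounds).flat_map(|_| vec![(0, Msg::WindowAdjusted), (1, Msg::Data)]).collect()
}

fn main() {
    let t = sample_traffic(10);
    let stalled = packets_before_stall(&t, 3, &[false, true]);
    println!("channel 0 unread: reader blocked after {} of {} packets", stalled, t.len());
    println!("both read: handled {}", packets_before_stall(&t, 3, &[true, true]));
}
```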

ssh-key traits

  • ab8aca8: russh has migrated to its own fork of the ssh-key crate, removed bundled workarounds - if you were relying on traits directly imported from ssh_key, you might need to import them from russh::keys::ssh_key instead.

New features

  • c9baadf: DH GEX support (#440) - diffie-hellman-group-exchange-sha256 KEX is now on the default kex list. To take advantage of dynamic DH groups, pre-generate some safe primes and implement dynamic group lookup in the server::Handler::lookup_dh_gex_group method - see this method's docs for more info.
  • 66f9416: Add an option to enable TCP_NODELAY (#435) (Patryk Wychowaniec)
  • 571dbe3: added support for loading PPK v2 and v3 private keys
  • 030468a: added authentication_banner method to server::Handler (#415) (Eric Rodrigues Pires) #415 - you can now send a dynamic SSH banner to clients.
  • 4c7b27a: expose the "remaining methods" field in auth failure responses #441
  • 77f53ed: support for parsing X9.62 EC private keys
  • 902010f: Allow setting hash algorithm to use for signing requests of SSH agent (#449) (Wiktor Kwapisiewicz) #449

MSRV

MSRV for the russh crate is now 1.75

Changes

  • 7c7cb1b: feature-gate des dependency (#424) (Eric Seppanen) #424
  • d9fb484: Include error-reason when failing in CryptoVec unix (#443) (Adrian Müller (DTT)) #443

Fixes

  • 7c1060f: fixed client keyboard-interactive auth not working as second auth method
  • ad56a8e: fixed #418 - client - incorrect kex signature verification for RSA-SHA2
  • 85c45cb: Remove calls to dbg!() (#414) (Eric Rodrigues Pires) #414
  • 65bc5e2: remove unused bcrypt-pbkdf dependency (#421) (Eric Seppanen) #421
  • cb22369: src/platform/unix.rs:cfg detect macos (#447) (@RandyMcMillan) #447
  • 039054b: bump dependency versions to the minimum version that compiles. (#428) (Eric Seppanen) #428
  • 242b1e1: replace unmaintained tempdir dependency with tempfile (#423) (Eric Seppanen) #423
  • 49ab949: Enforce MSRV (#430) #430
  • 290bdbe: fixed unwrap panic in pageant
  • 4fe938e: Send proper algorithm for certificates (#451) (Jerome Gravel-Niquet) #451

v0.50.0-beta.11

25 Jan 12:04

Pre-release

Changes

Russh client now supports the server-sig-algs OpenSSH extension and can automatically select the strongest hash for RSA keys.

You can use russh::client::Handle::best_supported_rsa_hash() to choose the hash.

PrivateKeyWithHashAlg::new is now infallible and will ignore hash_alg for non-RSA keys, so you don't have to build separate logic just for RSA keys:

session.authenticate_publickey(
    user, 
    PrivateKeyWithHashAlg::new(
        Arc::new(key_pair),
        session.best_supported_rsa_hash().await?.unwrap_or(...), // some fallback Option<HashAlg>
    ),
).await?;

If you just want to fall back to SHA1 / ssh-rsa in case the server does not support server-sig-algs:

session.authenticate_publickey(
    user, 
    PrivateKeyWithHashAlg::new(
        Arc::new(key_pair),
        session.best_supported_rsa_hash().await?.flatten(),
    ),
).await?;

Fixes

  • 4fe938e: Send proper algorithm for certificates (#451) (Jerome Gravel-Niquet) #451