v0.50.0-beta.2

MSRV

russh now correctly builds on Rust 1.65

Changes

• f89c19c: Add backpressure to Channel receivers (#412) (Eric Rodrigues Pires) #412 - set Config::channel_buffer_size to control how many channel messages can be buffered before backpressure propagates over the network.
• 030468a: Add authentication_banner method to server::Handler (#415) (Eric Rodrigues Pires) #415 - you can now send a dynamic SSH banner to clients.
• ab8aca8: migrate to a forked ssh-key lib, removed bundled workarounds - if you were relying on traits directly imported from ssh_key, you might need to import them from russh::keys::ssh_key instead.
• 7c7cb1b: feature-gate des dependency (#424) (Eric Seppanen) #424
• 49ab949: Enforce MSRV (#430) #430
• 242b1e1: replace unmaintained tempdir dependency with tempfile (#423) (Eric Seppanen) #423

Fixes

• ad56a8e: fixed #418 - client - incorrect kex signature verification for RSA-SHA2
• 85c45cb: Remove calls to dbg!() (#414) (Eric Rodrigues Pires) #414
• 65bc5e2: remove unused bcrypt-pbkdf dependency (#421) (Eric Seppanen) #421
• 039054b: bump dependency versions to the minimum version that compiles. (#428) (Eric Seppanen) #428

v0.49.2

Fixes

• cb5d3ba: fixed #418 - client - incorrect kex signature verification for RSA-SHA2
• 97ec468: Remove calls to dbg!() (#414) (Eric Rodrigues Pires)

v0.49.0

Changes

This release fixes the regression in v0.48 which made it impossible to choose the hash algorithm when using RSA keys for authentication. Unfortunately, the fix is a breaking API change, hence the version bump.

client::Handle::authenticate_publickey now takes a russh_keys::key::PrivateKeyWithHashAlg which you can construct from an Arc<russh_keys::PrivateKey> + Option<russh_keys::HashAlg>.

The latter lets you choose between SHA1, SHA256 and SHA512 for RSA keys, and must be None for all other key types.

Example:

let key_pair = load_secret_key(key_path, None)?;

let auth_res = session
    .authenticate_publickey(
        user, 
        PrivateKeyWithHashAlg::new(Arc::new(key_pair), Some(HashAlg::Sha512))?
    )
    .await?;

v0.48.2

Fixes

• 044da62: fixed handling of rsa-sha2-* key algorithms

v0.48.1

Breaking changes

russh v0.48 drops its own data parsing and key handling code in favor of the RustCrypto project's ssh-key (#368) and ssh-encoding (#371) crates. This means there are some breaking changes, which are listed here:

Important for library users

• russh_keys::key::PublicKey is replaced with russh_keys::PublicKey (ssh_key::PublicKey)

• russh_keys::key::KeyPair is replaced with russh_keys::PrivateKey (ssh_key::PrivateKey)

• russh_keys::key::parse_public_key no longer takes a hash algorithm argument as RSA keys are no longer locked down to a specific algorithm internally. RSA key specific hash algorithms are only used in Preferred::key.

• Key type constants in russh_keys::key and russh_keys::key::Name are removed - use the russh_keys::Algorithm enum instead. Config::preferred::key now also takes russh_keys::Algorithms instead of russh_key::key::Names.

• russh::client::Handle::authenticate_future is renamed to russh::client::Handle::authenticate_publickey_with

Less important

• new russh::Error enum variants:

  • Error:Signature
  • Error:SshKey
  • Error:SshEncoding

• new russh_keys::Error enum variants:

  • Error::Rsa
  • Error::Utf8

• russh::auth::Signer is now an async_trait

• russh_keys::ec is removed

• russh_keys::encoding is removed (use russh_keys::ssh_encoding)

• russh_keys::signature is removed

• russh_keys::protocol is removed

• russh_keys::key::SignatureHash is replaced with russh_keys::HashAlg (ssh_key::HashAlg)

• russh_keys::key::SignatureBytes is removed

• russh_keys::key::RsaPrivate is removed (use russh_keys::ssh_key::private::RsaPrivateKey)

• russh_keys::key::RsaPublic is removed (use russh_keys::ssh_key::public::RsaPublicKey)

• russh_keys::key::RsaCrtExtra is removed

• russh_keys::key::Signature is replaced with russh_keys::signature::Signature (signature::Signature)

Features

• aa9bdb4: added support for [email protected] and [email protected] keys in client
• 68fff93: Add support for StrictHostKeyChecking and UserKnownHostsFile (#386) (Mattias Eriksson) #386
• 981cf7b: Derive Debug where possible (#374) (Quentin Santos) #374
• c328558: Implement From<&str> and From<&[u8]> for CryptoVec (#391) (Josh McKinney) #391

Fixes

• 47ca41d: Send proper algorithm for certificates (#378) (Jerome Gravel-Niquet) #378
• 2d8c08a: ratatui examples fixed. (#388) (André Almeida) #388
• bd6dc3a: impl Drop for server examples (#376) (Eric Rodrigues Pires) #376
• ac441a6: fix:remove unused memcpy function (#406) (irvingouj @ Devolutions) #406
• a5c4adc: #401 - removing TX busywait (#408) #408

Docs

• 2dca3c6: Document how to reply to channel requests (#381) (Quentin Santos) #381

v0.47.0-beta.3

Breaking changes

russh v0.47 will drop its own data parsing and key handling code in favor of the RustCrypto project's ssh-key (#368) and ssh-encoding (#371) crates. This means there are some breaking changes, which are listed here:

Important for library users

• russh_keys::key::PublicKey is replaced with russh_keys::PublicKey (ssh_key::PublicKey)

• russh_keys::key::KeyPair is replaced with russh_keys::PrivateKey (ssh_key::PrivateKey)

• russh_keys::key::parse_public_key no longer takes a hash algorithm argument as RSA keys are no longer locked down to a specific algorithm internally. RSA key specific hash algorithms are only used in Preferred::key.

• Key type constants in russh_keys::key and russh_keys::key::Name are removed - use the russh_keys::Algorithm enum instead. Config::preferred::key now also takes russh_keys::Algorithms instead of russh_key::key::Names.

• russh::client::Handle::authenticate_future is renamed to russh::client::Handle::authenticate_publickey_with

Less important

• new russh::Error enum variants:

  • Error:Signature
  • Error:SshKey
  • Error:SshEncoding

• new russh_keys::Error enum variants:

  • Error::Rsa
  • Error::Utf8

• russh::auth::Signer is now an async_trait

• russh_keys::ec is removed

• russh_keys::encoding is removed (use russh_keys::ssh_encoding)

• russh_keys::signature is removed

• russh_keys::protocol is removed

• russh_keys::key::SignatureHash is replaced with russh_keys::HashAlg (ssh_key::HashAlg)

• russh_keys::key::SignatureBytes is removed

• russh_keys::key::RsaPrivate is removed (use russh_keys::ssh_key::private::RsaPrivateKey)

• russh_keys::key::RsaPublic is removed (use russh_keys::ssh_key::public::RsaPublicKey)

• russh_keys::key::RsaCrtExtra is removed

• russh_keys::key::Signature is replaced with russh_keys::signature::Signature (signature::Signature)

Features

• aa9bdb4: added support for [email protected] and [email protected] keys in client
• 68fff93: Add support for StrictHostKeyChecking and UserKnownHostsFile (#386) (Mattias Eriksson) #386
• 981cf7b: Derive Debug where possible (#374) (Quentin Santos) #374
• c328558: Implement From<&str> and From<&[u8]> for CryptoVec (#391) (Josh McKinney) #391

Fixes

• 47ca41d: Send proper algorithm for certificates (#378) (Jerome Gravel-Niquet) #378
• 2d8c08a: ratatui examples fixed. (#388) (André Almeida) #388
• bd6dc3a: impl Drop for server examples (#376) (Eric Rodrigues Pires) #376

Docs

• 2dca3c6: Document how to reply to channel requests (#381) (Quentin Santos) #381

v0.46.0

Changes

• wasm-support: add wasm support (#351) #351 (irvingouj @ Devolutions)
• 97dc08b: Support Pageant as agent (#326) #326
• 26aae26: added named pipe support for AgentClient and AgentClient::dynamic()
• 8b88465: added AgentClient::into_inner
• 67a6ba8: Implement streamlocal-forward for remote => local UDS forwarding (#312) (kanpov) #312
• b9759d4: client channel handling changes - server_channel_open_direct_tcpip, server_channel_open_agent_forward and server_channel_open_session now receive a Channel instead of a ChannelId. Also added should_accept_unknown_server_channel and server_channel_open_unknown callbacks.
• d6ee97a: new rich NoCommonAlgo error
• cb8d9e9: fixed #338 - make KeyPair::generate_ed25519 infallible
• 9444608: Add a way to open an agent forwarding channel (#344) (Thomas Rampelberg) #344
• ee59e07: Add ed25519 to ALL_KEY_TYPES (#360) (Toni Peter) #360
• 3f7271b: fixed #358 - relax strict kex checks to match OpenSSH
• 72aa097: Update deps (#363) (Lucas Kent) #363

Fixes

• process multiple host entries (#331) #331 (Yaroslav Bolyukin)
• b704f4c: Remove leftover extraneous debugging in host globbing function (#328) (Adam Chappell) #328
• c99f49c: fixed Error::Disconnect getting returned from connect instead of the more specific error type when connection fails during kex phase
• 73fa3e5: Improve echoserver example, bump Rust toolchain to 1.81 (#339) (Julian) #339
• fix typo: add a missing word. (#342) #342 (Pipelight)
• f587d13: Reject unsupported key types instead of failing (#352) (Gary Guo) #352
• 6df962d: Minor accuracy improvements to server documentation (#346) (Kaleb Elwert) #346
• add adopters to readme (#356) #356 (Thomas Rampelberg)
• cd84f4d: Update sftp examples (#357) (Roman) #357

v0.45.0

Changes

• 4eaa080: added support for the 3des-cbc cipher. As an outdated cipher, it's not included in the defaults list and has to be explicitly enabled.

Improvements

• 9b9e145: Consolidate dirs deps (#320) (Lucas Kent) #320

v0.44.1

Security fixes

CVE-2024-43410 - SSH OOM DoS through malicious packet length

It was possible for an attacker to cause Warpgate to allocate an arbitrary amount of memory by sending a packet with a malformed length field, potentially causing the application to get killed due to excessive RAM usage.

v0.44.0

Breaking changes

OpenSSL-free RSA

• This release adds a default pure-Rust RSA implementation, meaning that you can disable the openssl feature to reduce your app size and improve portability and build speed.
• RSA is now enabled by default in Preferred::DEFAULT when the openssl feature is disabled.

Preferred algorithms config changes - 77cc2f7

• The fields specifying cipher algorithms in Preferred are now Cow<&'static, [Name]> instead of &'static [Name], allowing you to dynamically construct the lists. If you're using custom algorithm lists, you'll need to update your code:

  config.preferred = Preferred {
-   kex: &[CURVE25519],
+   kex: Cow::Borrowed(&[CURVE25519]),
    ..<_>::default()
  }

• The type of Preferred::compression items is now russh::compression::Name instead of String.
• All Name structs now implement TryFrom<&'static str> which will validate that the named algorithm is actually implemented in the library.
• There are now companion algorithm lists to choose from dynamically: russh_keys::key::ALL_KEY_TYPES, russh::kex::ALL_KEX_ALGORITHMS, russh::cipher::ALL_CIPHERS, russh::compression::ALL_COMPRESSION_ALGORITHMS and russh::mac::ALL_MAC_ALGORITHMS.

Incorrect Ed25519 PKCS#8 key saving

• Up to v0.43, russh-keys has generated incorrect key format when saving Ed25519 keys in PKCS#8 format. This is fixed in v0.44 but by default, v0.44 will fail to parse keys generated in v0.43.
• To allow v0.44 to parse these keys, enable the legacy-ed25519-pkcs8-parser feature of the russh-keys crate.

Other changes

• 3bfd99f: ecdh-sha2-nistp{256,384,521} kex support (#282) (Michael Gleason) #282
• 800969b: Implement -cbc ciphers. (#297) (Pierre Barre) #297
• 1eaadfb: Add support for glob pattern matching in Host directives (#306) (Adam Chappell) #306
• 88196a7: allow converting ChannelId into u32

Fixes

• 643be05: Fix block ciphers + HMAC_SHA1_ETM (#298) (Pierre Barre) #298
• 2bfe426: Fix hardcoded public key auth negotiation (#294) (Tom König) #294
• 9cce48c: Allow ssh-rsa keys to be used for rsa-sha2-* auth (#290) (Ana Gelez) #290
• Fix a segmentation fault (#288) #288 (Ana Gelez)
• 9e1ed09: Overachiever host key checking (#302) (Jean-Baptiste Skutnik) #302
• 3f4646a: removed use of unstable Option::inspect
• f2d94c0: fixed warp-tech/warpgate#996 - prevent offering of unparseable public keys from ending the session