bssh (1.7.0-1~jammy1) jammy; urgency=medium

  * v1.7.0
  ### New Features
  - **SSH Keepalive Support**: Added SSH keepalive to prevent idle connection timeouts (#122)
    - `--server-alive-interval` option: Configure keepalive interval in seconds (default: 60, 0 to disable)
    - `--server-alive-count-max` option: Maximum keepalive messages without response before disconnect (default: 3)
    - Configuration support in config.yaml via `server_alive_interval` and `server_alive_count_max` fields
    - Helps maintain long-running sessions through firewalls that drop idle connections

  ### Improvements
  - **Documentation**: Added GitHub downloads badge to README

  ### Bug Fixes
  None

  ### CI/CD Improvements
  None

  ### Technical Details
  - Implemented SSH keepalive packet sending at configurable intervals
  - Automatic connection termination after max retries without response
  - Full integration with all execution modes (exec, interactive, file transfer)

  ### Dependencies
  - Updated russh from 0.55.0 to 0.56.0
  - Updated ratatui from 0.29.0 to 0.30.0
  - Updated signal-hook from 0.3.18 to 0.4.1
  - Updated whoami from 1.6.1 to 2.0.1
  - Updated unicode-width from 0.2.0 to 0.2.2

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 09 Jan 2026 00:00:00 +0900

bssh (1.6.0-1~jammy1) jammy; urgency=medium

  * v1.6.0
  ### New Features
  - **Jump Host Configuration Support in YAML**: Added `jump_host` field support in config.yaml (issue #115)
    - Global defaults level: `defaults.jump_host` for all clusters
    - Cluster level: `clusters.<name>.jump_host` for cluster-specific settings
    - Node level: Per-node `jump_host` in detailed node configuration
    - Environment variable expansion supported (`${VAR}` or `$VAR` syntax)
    - Empty string (`""`) explicitly disables jump host inheritance
    - CLI `-J` option always takes precedence over configuration

  ### Improvements
  - **SSH Config ProxyJump Directive**: Apply SSH config ProxyJump directive when -J option not specified (issue #117)
    - ProxyJump directive from SSH config now properly applied as fallback
    - Priority order: CLI `-J` > config.yaml jump_host > SSH config ProxyJump
  - **Documentation**: Added comprehensive jump_host configuration documentation
    - Updated README.md with configuration examples
    - Added docs/architecture/ssh-jump-hosts.md with detailed architecture
    - Updated example-config.yaml with all jump_host configuration patterns

  ### Bug Fixes
  - **Jump Host Authentication**: Fix jump host authentication fails with empty SSH agent (issue #116)
    - Properly handle empty SSH agent when authenticating through jump hosts
    - Fall back to key-based authentication when agent has no identities
  - **Config Fallback**: Apply expand_env_vars to jump_host and add config fallback for exec/interactive
    - Environment variables now properly expanded in jump_host values
    - Configuration jump_host properly used in exec and interactive modes

  ### CI/CD Improvements
  - Updated GitHub workflows

  ### Technical Details
  - Added ConfigResolver::resolve_jump_host() method for centralized jump host resolution
  - Jump host priority: CLI > Node > Cluster > Global defaults
  - Comprehensive test coverage: 424 lines of tests for jump_host configuration
  - Integration tests for all priority levels and edge cases

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 19 Dec 2025 00:00:00 +0900

bssh (1.5.1-1~jammy1) jammy; urgency=medium

  * v1.5.1
  ### New Features
  None

  ### Improvements
  None

  ### Bug Fixes
  - **SSH Disconnect Error Handling**: Handle SshError(Disconnect) during authentication for password fallback (issue #113)
    - Fixed handling of SSH disconnect errors during authentication phase
    - Enables proper password fallback when SSH connection is disconnected during auth

  ### CI/CD Improvements
  None

  ### Technical Details
  - Extended auth error matching to include SshError::Disconnect variant
  - Improved robustness of password fallback authentication flow

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Wed, 18 Dec 2025 00:00:00 +0900

bssh (1.5.0-1~jammy1) jammy; urgency=medium

  * v1.5.0
  ### New Features
  - **pdsh Compatibility Mode**: Full pdsh-style command line compatibility
    - `-w hosts` option mapped to `-H hosts` for target host specification
    - `-x hosts` option mapped to `--exclude hosts` for host exclusion
    - `-f N` option mapped to `--parallel N` for fanout control
    - `-l user` option for remote username
    - `-N` option for disabling hostname prefix in output
    - `-b` option for batch mode (single Ctrl+C termination)
    - `-k` option for fail-fast mode (stop on first failure)
    - `-q` query mode to show target hosts and exit
  - **Hostlist Expressions**: pdsh-style range expansion support
    - Range expansion: `node[1-5]` → node1, node2, node3, node4, node5
    - Zero-padded ranges: `node[01-05]` → node01, node02, ...
    - Comma-separated values: `node[1,3,5]` → node1, node3, node5
    - Cartesian product: `rack[1-2]-node[1-3]` → 6 hosts
    - File input with `^/path/to/hostfile`
  - **In-TUI Log Panel**: Toggle visibility with `l` key
    - Color-coded by level (ERROR red, WARN yellow)
    - Configurable buffer size via BSSH_TUI_LOG_MAX_ENTRIES
  - **--connect-timeout Option**: Separate connection timeout from command timeout
    - Default: 30 seconds, minimum: 1 second

  ### Improvements
  - CI workflow simplification by merging jobs into single pipeline

  ### Bug Fixes
  - Fixed --timeout 0 handling to correctly treat as unlimited instead of ignoring
  - Fixed #[serial] attribute for env var tests to prevent race conditions
  - Fixed connect_timeout propagation through all SSH connection paths

  ### CI/CD Improvements
  - Simplified CI workflow by merging multiple jobs into single pipeline

  ### Technical Details
  - pdsh compatibility layer core infrastructure
  - Comprehensive hostlist expression parser with cartesian product support
  - Added explicit CLI test for --timeout 0 behavior

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Wed, 18 Dec 2025 00:00:00 +0900

bssh (1.4.2-1~jammy1) jammy; urgency=medium

  * v1.4.2
  ### New Features
  None

  ### Improvements
  None

  ### Bug Fixes
  - **PTY Session Fixes**: Fixed terminal escape sequence responses and paste functionality
    - Fixed terminal escape sequence responses displayed on first prompt when starting tmux (#90)
    - Fixed paste not working in PTY sessions (#89)

  ### CI/CD Improvements
  None

  ### Technical Details
  - Terminal handling improvements for PTY sessions
  - Better compatibility with tmux and terminal multiplexers

  ### Dependencies
  - Bumped dependencies to latest versions

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 16 Dec 2025 00:00:00 +0900

bssh (1.4.1-1~jammy1) jammy; urgency=medium

  * v1.4.1
  ### New Features
  None

  ### Improvements
  - **TUI Module Documentation**: Added comprehensive TUI module documentation to README.md and ARCHITECTURE.md
    - Detailed keyboard shortcuts reference table
    - View modes description table
    - TUI activation conditions and requirements
  - **Test Coverage**: Added 84 new tests for TUI and streaming execution
    - tests/tui_snapshot_tests.rs: 20 tests for TUI rendering
    - tests/tui_event_tests.rs: 36 tests for keyboard navigation and view transitions
    - tests/streaming_integration_tests.rs: 28 tests for streaming infrastructure
    - benches/large_output_benchmark.rs: Performance benchmarks for large output handling

  ### Bug Fixes
  - **Password Fallback Extension**: Extended password fallback to handle SSH agent authentication failures
    - Now correctly triggers for AgentAuthenticationFailed, AgentNoIdentities, AgentConnectionFailed, AgentRequestIdentitiesFailed
    - Added is_auth_error_for_password_fallback() helper for testability
    - Added unit tests and integration tests for password fallback

  ### CI/CD Improvements
  None

  ### Technical Details
  - Added insta 1.34 for snapshot testing
  - Added criterion 0.5 for benchmarking
  - Added mockall 0.12 for mocking in integration tests
  - Refactored test code for improved quality

  ### Dependencies
  - insta 1.34 (dev-dependency)
  - criterion 0.5 (dev-dependency)
  - mockall 0.12 (dev-dependency)

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 16 Dec 2025 00:00:00 +0900

bssh (1.4.0-1~jammy1) jammy; urgency=medium

  * v1.4.0
  ### New Features
  - **Sudo Password Support**: Added `-S/--sudo-password` flag for automated sudo authentication
    - Securely prompts for sudo password before command execution
    - Automatically detects and responds to sudo password prompts
    - Works with both streaming and non-streaming execution modes
    - `BSSH_SUDO_PASSWORD` environment variable support (with security warnings)
    - Uses `secrecy` crate for secure memory handling
    - Password cleared from memory immediately after use

  ### Improvements
  - **Password Fallback**: Improved SSH debugging for compatibility
    - Enhanced password authentication fallback logic
    - Better error messages for SSH connection issues
  - **Developer Tooling**: Added githooks setup script for development workflow

  ### Bug Fixes
  - Fixed clippy warnings for useless_vec and same_item_push
  - Improved SSH compatibility with password fallback mechanism

  ### CI/CD Improvements
  - Added setup script for githooks

  ### Technical Details
  - Secure memory handling with secrecy and zeroize crates
  - Automatic sudo prompt detection and response

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Sun, 15 Dec 2025 00:00:00 +0900

bssh (1.3.0-1~jammy1) jammy; urgency=medium

  * v1.3.0
  ### New Features
  - **Interactive TUI**: Added interactive Terminal User Interface with multiple view modes
    - Summary view: All nodes at a glance with progress bars
    - Detail view (1-9): Full output from specific node with scrolling
    - Split view (s): Monitor 2-4 nodes simultaneously
    - Diff view (d): Compare output from two nodes side-by-side
    - Auto-scroll (f): Toggle automatic scrolling
    - Navigation: Arrow keys, PgUp/PgDn, Home/End
    - Help (?): Show keyboard shortcuts
  - **Multi-node Stream Management**: Phase 2 streaming infrastructure
    - Real-time output modes for multi-node operations
    - Stream mode with [node] prefixes for real-time monitoring

  ### Bug Fixes
  - **PTY Escape Sequence Filtering**: Filter terminal escape sequence responses in PTY sessions
    - Fixed issue with terminal response codes appearing in output

  ### Technical Details
  - Implemented ratatui-based TUI rendering
  - Added multi-node output aggregation and display
  - Enhanced streaming infrastructure for real-time updates

 -- Jeongkyu Shin <inureyes@gmail.com>  Wed, 10 Dec 2025 00:00:00 +0900

bssh (1.2.2-1~jammy1) jammy; urgency=medium

  * v1.2.2
  ### Bug Fixes
  - **Backend.AI Auto-detection**: Improved host heuristics for Backend.AI environments
    - Added localhost and localhost.localdomain detection
    - Added IPv4 address validation (127.0.0.1, 192.168.x.x, etc.)
    - Enhanced detection for user@host, host:port, FQDN, IPv6 patterns
    - Users can now use `bssh localhost "command"` naturally in Backend.AI
    - 16 comprehensive tests added for host detection logic

  ### Technical Details
  - Extracted testable `looks_like_host_specification()` function
  - Added `is_ipv4_address()` helper with strict validation
  - Performance optimized with early returns
  - Updated ARCHITECTURE.md with detailed documentation

 -- Jeongkyu Shin <inureyes@gmail.com>  Tue, 29 Oct 2025 00:00:00 +0900

bssh (1.2.1-1~jammy1) jammy; urgency=medium

  * v1.2.1
  ### Bug Fixes
  - **Password Authentication**: Fixed password authentication fallback in interactive mode
    - Re-implemented proper password authentication fallback logic
    - Ensured password prompt works correctly after key-based auth fails
  - **Test Race Condition**: Fixed race condition in RankDetector tests
    - Added #[serial] attribute to prevent environment variable conflicts
    - Tests now run sequentially when accessing shared environment state

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 28 Oct 2025 00:00:00 +0900

bssh (1.2.0-1~jammy1) jammy; urgency=medium

  * v1.2.0
  ### BREAKING CHANGES
  - **Exit Code Behavior Changed**: Now returns main rank's actual exit code by default
    - Old behavior (v1.0-v1.1): Returns 0 only if all nodes succeed, 1 if any fail
    - New behavior (v1.2.0+): Returns main rank's actual exit code (matches MPI standard)
    - Migration: Use --require-all-success flag to preserve old behavior
    - Benefit: Preserves actual exit codes (139=SIGSEGV, 137=OOM, 124=timeout)

  ### New Features
  - **Exit Code Strategy**: Main rank exit code returned by default
    - Matches MPI standard tools (mpirun, srun, mpiexec)
    - Preserves actual exit codes for better diagnostics
    - --require-all-success flag for legacy behavior
    - --check-all-nodes flag for hybrid mode
    - Automatic main rank detection via BACKENDAI_CLUSTER_ROLE
  - **Example Scripts**: Added mpi_exit_code.sh and health_check.sh examples

  ### Improvements
  - Exit code behavior aligns with HPC and distributed computing best practices
  - Enables sophisticated error handling in shell scripts and CI/CD pipelines

  ### Bug Fixes
  - Fixed security-framework dependency version (downgraded from 3.5.1 to 2.12.1)
  - Fixed cargo clippy warnings in test code

  ### Testing
  - Added comprehensive exit code tests (86 total test cases)
  - Added serial test runner for environment-dependent tests
  - Documentation updates for breaking changes in README, CHANGELOG, ARCHITECTURE

  ### Dependencies
  - Updated security-framework to 2.12.1 for better compatibility

 -- Jeongkyu Shin <inureyes@gmail.com>  Sun, 27 Oct 2025 21:00:00 +0900

bssh (1.1.0-1~jammy1) jammy; urgency=medium

  * v1.1.0
  ### New Features
  - **macOS Keychain Integration**: Complete Phase 2 implementation of UseKeychain SSH option
    - Automatic passphrase storage in macOS Keychain after successful authentication
    - Automatic passphrase retrieval before prompting user
    - Secure memory handling with Zeroizing for all sensitive data
    - Integration with SSH config UseKeychain option per host
  - **ProxyUseFdpass Support**: Added ProxyUseFdpass SSH configuration option
    - Optimizes ProxyCommand usage by passing connected file descriptors
    - Reduces overhead from lingering processes and extra read/write operations
  - **Password Authentication Fallback**: Automatic password retry when key-based auth fails
    - Matches OpenSSH standard behavior
    - Interactive terminal detection with TTY checks
    - Works for both exec and interactive modes

  ### Improvements
  - **Security Enhancements**: Multiple security improvements from PR review
    - SSH key file ownership validation (prevents storing passphrases for others' keys)
    - User consent prompt before password fallback authentication
    - Rate limiting between authentication attempts (prevents brute-force)
    - World-readable SSH key permission warnings
  - **Code Quality**: Eliminated 251 lines of code duplication in connection logic
  - **Cross-Platform**: All macOS-specific code properly isolated with conditional compilation

  ### Bug Fixes
  - Fixed clippy warnings (unused_mut, unused_imports, dead_code) on non-macOS platforms
  - Fixed interactive mode missing use_keychain field causing authentication failures
  - Fixed password prompt not appearing when connecting to new servers

  ### Dependencies
  - Added security-framework crate for macOS Keychain API integration
  - Added libc crate for macOS user ID checks

 -- Jeongkyu Shin <inureyes@gmail.com>  Fri, 24 Oct 2025 17:31:48 +0900

bssh (1.0.0-1~jammy1) jammy; urgency=medium

  * v1.0.0
  ### New Features
  - **Comprehensive SSH Configuration Support**: Added ~71 SSH configuration options (~69% coverage of OpenSSH's 103 options)
    - Certificate Authentication Options: CertificateFile, CASignatureAlgorithms, HostbasedAuthentication, HostbasedAcceptedAlgorithms
    - Advanced Port Forwarding Control: GatewayPorts, ExitOnForwardFailure, PermitRemoteOpen
    - Command Execution and Automation: PermitLocalCommand, LocalCommand, RemoteCommand, KnownHostsCommand, ForkAfterAuthentication, SessionType, StdinNull
    - Host Key Verification & Security: NoHostAuthenticationForLocalhost, HashKnownHosts, CheckHostIP, VisualHostKey, HostKeyAlias, VerifyHostKeyDNS, UpdateHostKeys
    - Additional Authentication Options: NumberOfPasswordPrompts, EnableSSHKeysign
    - Network & Connection Options: BindInterface, IPQoS, RekeyLimit
    - X11 Forwarding Options: ForwardX11Timeout, ForwardX11Trusted
    - Authentication and Security Management: IdentitiesOnly, AddKeysToAgent, IdentityAgent, PubkeyAcceptedAlgorithms, RequiredRSASize, FingerprintHash
    - Include and Match directive support for flexible configuration
    - Support for both "Option Value" and "Option=Value" syntax

  ### Improvements
  - **Modular SSH Config Parser**: Refactored oversized parser.rs (1706 lines) into category-based modules (~200-350 lines each)
  - **Enhanced Security**: Comprehensive security hardening for SSH configuration
    - Path validation to prevent usage of sensitive system files
    - Memory exhaustion prevention with entry limits
    - Command injection prevention for LocalCommand and KnownHostsCommand
    - Token validation and dangerous character detection
    - Algorithm list validation with deduplication
  - **Terminology Cleanup**: Removed phase terminology from codebase and documentation for better clarity

  ### Bug Fixes
  - Fixed critical security vulnerabilities in SSH config parser (Priority: CRITICAL/HIGH)
  - Enhanced input validation and error handling

  ### CI/CD Improvements
  None

  ### Technical Details
  - Enhanced SSH configuration merging logic with proper priority handling
  - Comprehensive test coverage: 278 tests including parser, resolver, integration, and security tests
  - Improved code organization and maintainability with modular structure
  - Support for scalar option override and vector option accumulation with deduplication

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 24 Oct 2025 00:00:00 +0900

bssh (0.9.1-1~jammy1) jammy; urgency=medium

  * v0.9.1
  ### New Features
  None

  ### Improvements
  - **PTY Terminal Modes**: Complete implementation of PTY terminal modes for better interactive session support
  - **Shift Key Input Support**: Full Shift key input handling in PTY mode for proper terminal behavior

  ### Bug Fixes
  - Fixed terminal mode implementation for PTY sessions
  - Improved Shift key input handling in interactive mode

  ### CI/CD Improvements
  None

  ### Technical Details
  - Enhanced terminal mode settings for PTY allocation
  - Implemented proper terminal flag handling for interactive sessions
  - Improved keyboard input processing for special keys

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 14 Oct 2025 00:00:00 +0900

bssh (0.9.0-1~jammy1) jammy; urgency=medium

  * v0.9.0
  ### New Features
  - **SSH ProxyJump File Transfer Support**: Added complete file transfer operations through SSH jump hosts (#39)
    - Upload single files through jump host chains
    - Download single files through jump hosts
    - Upload directories recursively through jump hosts
    - Download directories through jump hosts
    - All file transfer operations now fully support multi-hop SSH connections

  ### Improvements
  - **Jump Host Interactive Mode**: Interactive shell sessions now work through jump hosts
    - Dynamic timeout calculation based on hop count (30s base + 15s per hop)
    - Prevents premature timeouts on multi-hop connections
    - Full authentication support (SSH keys, agent, password) for each hop
  - **Package Updates**: Updated dependencies to latest versions for better security and stability

  ### Bug Fixes
  - Fixed interactive mode timeout issues when connecting through jump hosts
  - Fixed file transfer operations not working with jump host chains

  ### CI/CD Improvements
  None

  ### Technical Details
  - Parallel Executor Integration: Jump host support across all parallel operations
  - Updated executor.rs to propagate jump_hosts to all node operations
  - Maintains backward compatibility with Option<&str> type
  - All *_to_node() functions now accept jump_hosts parameter

  ### Dependencies
  - Added serial_test dependency for thread-safe environment variable testing
  - Updated various dependencies for security patches

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 14 Oct 2025 00:00:00 +0900

bssh (0.8.0-1~jammy1) jammy; urgency=medium

  * v0.8.0
  ### New Features
  - **SSH Port Forwarding**: Added comprehensive SSH port forwarding support with local (-L), remote (-R), and dynamic (-D) SOCKS5 forwarding (#31)
    - Local port forwarding for accessing remote services through local ports
    - Remote port forwarding for exposing local services to remote servers
    - Dynamic port forwarding with SOCKS5 proxy support
    - Multiple simultaneous port forwarding configurations
    - Full integration with all authentication methods
  
  ### Improvements
  - **Error Handling**: Removed dangerous unwrap() calls throughout the codebase for better stability (#35)
  - **SSH Error Messages**: Improved error messages for SSH connection failures and authentication issues (#36)
  - **Command Execution**: Enabled automatic command execution for better usability
  
  ### Bug Fixes
  - Fixed potential panics from unwrap() calls in production code
  - Improved error recovery and reporting for SSH operations
  
  ### CI/CD Improvements
  None
  
  ### Technical Details
  - Complete SSH port forwarding implementation with Phase 1 and Phase 2 features
  - Comprehensive port forwarding architecture documentation
  - Enhanced error handling with proper Result types and context
  - Fixed DNS resolution errors in forwarding tests
  
  ### Dependencies
  - No major dependency changes in this release
  
  ### Breaking Changes
  None
  
  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 12 Sep 2025 00:00:00 +0900

bssh (0.7.0-1~jammy1) jammy; urgency=medium

  * v0.7.0
  ### New Features
  - **SSH Jump Host Support**: Added infrastructure and CLI integration for SSH jump hosts using OpenSSH-compatible -J syntax (#30)
    - Robust parsing of OpenSSH ProxyJump format (e.g., `user@host:port,user2@host2:port2`)
    - Support for single and multiple jump hosts in chain
    - IPv6 address handling with bracket notation
    - Comprehensive input validation and error handling
    - Full integration with all commands (exec, ping, upload, download)
  
  ### Improvements
  - **Ubuntu PPA**: Improved Ubuntu PPA build process and package generation
  - **Debian Packaging**: Enhanced Cargo vendor support for older distribution compatibility
  
  ### Bug Fixes
  - Fixed Ubuntu PPA update issues
  - Fixed deprecated GitHub Actions by replacing actions-rs/toolchain with dtolnay/rust-toolchain
  
  ### CI/CD Improvements
  - Modernized GitHub Actions workflow by removing deprecated actions
  - Improved build process for Debian-based distributions
  
  ### Technical Details
  - Jump host parser implementation with comprehensive error handling
  - OpenSSH-compatible command-line syntax for ProxyJump functionality
  - Enhanced logging for jump host connection debugging
  
  ### Dependencies
  - No major dependency changes in this release
  
  ### Breaking Changes
  None
  
  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Sat, 30 Aug 2025 08:48:19 +0900

