bssh (2.2.3-1~jammy1) jammy; urgency=medium

  * v2.2.3
  ### Dependencies
  - Sync both internal russh forks to upstream stable (#207). Advance
    bssh-russh to russh 0.61.1 and bssh-russh-sftp to russh-sftp 2.3.0,
    bringing the current RustCrypto generation (sha2/sha1 0.11, hmac
    0.13, aes 0.9, digest 0.11, pbkdf2 0.13) and unifying ssh-key on a
    single 0.7.0-rc.10. Re-port the high-frequency PTY Handle::data
    drain fix onto the new server session loop, add a regression test,
    and retire three patches now merged upstream.
  ### Security
  - Patch RUSTSEC-2026-0009 (#208), a stack-exhaustion denial of
    service in time 0.3.45 pulled transitively via ratatui. Bump time
    to 0.3.47 and raise the minimum supported Rust to 1.88, which time
    0.3.47 requires; cargo audit now reports zero vulnerabilities.

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 25 May 2026 12:00:00 +0900

bssh (2.2.2-1~jammy1) jammy; urgency=medium

  * v2.2.2
  ### Bug Fixes
  - Keep idle SSH sessions alive (#206). Lower the default keepalive
    interval (--server-alive-interval) from 60s to 30s so bssh sends
    keepalive traffic before common one-minute idle reapers (load
    balancers, NAT gateways, sshd ClientAliveInterval) close otherwise
    healthy sessions. Normalize --server-alive-interval 0 to fully
    disabled keepalive instead of a zero-duration russh timer, in both
    the russh client config and the TCP SO_KEEPALIVE path. Leave the
    client inactivity_timeout disabled so a healthy interactive session
    that produces no inbound data for a long time (tmux, idle shell,
    REPL) is never torn down locally by bssh. Dead-peer detection now
    resolves in about 120s instead of 180s.

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 25 May 2026 00:00:00 +0900

bssh (2.2.1-1~jammy1) jammy; urgency=medium

  * v2.2.1
  ### Security
  - Forward-port the SSH-agent half of CVE-2026-46673 (compression
    ZIP-bomb DoS) into the bssh-russh fork (#203). Upstream russh v0.60.3
    has the fix but our fork was based on v0.60.1. Adds
    MAX_AGENT_FRAME_LEN = 256 KiB and a read_frame() helper in
    src/keys/agent/{client,server}.rs that rejects oversized peer frame
    lengths with Error::AgentProtocolError before allocating. The
    matching russh-cryptovec 0.59.0 to 0.60.3 bump carries the cryptovec
    hardening half of the same CVE. cargo audit reports 0
    vulnerabilities / 0 warnings post-bump.

  ### Dependencies
  - Bump workspace deps and sync russh forks to upstream stable (#203).
    lru 0.17 to 0.18, signal-hook 0.3 to 0.4, opentelemetry family 0.31
    to 0.32, nix 0.31.3. bssh-russh 0.60.1 to 0.60.3 (picks up
    aws-lc-rs 1.17.0 and the upstream v0.60.2 fixes our PR #193 already
    forward-ported). bssh-russh-sftp 2.1.1 to 2.1.2 full source sync:
    upstream absorbed the original serde_bytes perf patch (now moved to
    patches/historical/); the fork's remaining value-add (two pipelined
    File I/O helpers) is re-ported on top of the new Features API.
    Cargo.toml swaps flurry for dashmap 6.1.0 and adds serde_bytes as a
    direct dep.

  ### Bug Fixes
  - Add the missing [dev-dependencies] block to the bssh-russh fork so
    its 75 inline tests compile for the first time since the initial
    sync at commit 508aa3f0 (#204). Imports were copied from upstream
    russh, dev-deps were not. Adds env_logger 0.11, tempfile 3, and
    tokio with process/macros features. Workspace test aggregate climbs
    from 1796 to 1871 passed / 0 failed / 10 ignored.
  - Drop a redundant .into_iter() in the synced SFTP session loop to
    satisfy rustc 1.95's stricter clippy::useless_conversion lint
    (#205). The line was imported verbatim from upstream russh-sftp
    2.1.2 in PR #203 and broke CI after the toolchain bump.

 -- Jeongkyu Shin <inureyes@gmail.com>  Tue, 19 May 2026 00:30:00 +0900

bssh (2.2.0-1~jammy1) jammy; urgency=medium

  * v2.2.0
  ### New Features
  - Add `BSSH_PASSWORD` environment variable for non-interactive password
    auth (#201). Discouraged for production; documented in the man page
    and README environment-variables section.

  ### Improvements
  - Collect `--password` once up-front in the dispatcher and share the
    secret across all parallel SSH tasks via `Arc<Password>` (#201,
    closes #200). Each per-node auth task previously prompted via
    `rpassword::prompt_password()`, racing for stdin and interleaving
    with the indicatif progress UI. The new flow mirrors the existing
    `Arc<SudoPassword>` pattern: prompt once before any executor or
    `MultiProgress` is initialized, then thread a shared `Arc<Password>`
    through `ParallelExecutor`, `ExecutionConfig`, `ConnectionConfig`,
    `FileTransferParams`, the SFTP `*_with_jump_hosts` helpers, the
    jump-host `determine_auth_method` path, and the legacy
    `execute_command_with_forwarding` path.
  - Warn on stderr when `-S` / `--sudo-password` is passed to subcommands
    where it has no effect (`ping`, `upload`, `download`, `list`,
    `cache-stats`, and interactive shells) (#201, follow-up #200). The
    warning routes to stderr via `eprintln!` so `bssh ... ping | grep ...`
    pipelines stay clean. `exec` and the SSH-mode interactive path
    continue to honor `-S` as before.

  ### Bug Fixes
  - Fix `--password` race across parallel SSH connections (#200, #201).
    Multiple per-node tasks previously raced for stdin: the prompt could
    be missed, repeated per node, or interleaved with the progress UI.
  - Fix `-S` being silently dropped by `ping`, `upload`, and `download`
    (#201, closes #200). The dispatcher only read `cli.sudo_password`
    in the `exec` and interactive branches, so users could pass `-S` to
    other subcommands without any feedback that the flag had no effect.

  ### Dependencies
  - Drop five stale or redundant direct dependencies (#199): `arrayvec`
    (unused), `ctrlc` (replaced by `tokio::signal::ctrl_c`), `directories`
    (replaced by `dirs`, already used in 16 other sites), `signal-hook`
    0.4.4 (downgraded to 0.3 to share the crate `crossterm` already
    pulls in via `signal-hook-mio`), plus the macOS `objc2`/`block2`/
    `dispatch2` chain that `ctrlc` brought in. Three more crates
    (`lazy_static`, `once_cell`, `fastrand`) are no longer directly
    referenced after migrating to `std::sync::LazyLock`/`OnceLock` and
    `rand::random_range`.
  - Replace the unmaintained `atty` crate with `std::io::IsTerminal`
    (stdlib since Rust 1.70) across PTY, logging, ssh::auth, and the
    interactive connection (#198). Drops RUSTSEC-2024-0375 (unmaintained)
    and RUSTSEC-2021-0145 (unsound unaligned read) at once.
  - Pick up 33 transitive patch bumps from `cargo update` within current
    semver constraints (#198): tokio 1.52.1 to 1.52.3, rustls 0.23.39
    to 0.23.40, h2 0.4.13 to 0.4.14, digest 0.11.2 to 0.11.3, rpassword
    7.4.0 to 7.5.2, and others.

  ### Known Issues
  - RUSTSEC-2023-0071 (RSA Marvin Attack) acknowledged via
    `.cargo/audit.toml` ignore with an explanatory comment (#198). Both
    `rsa` 0.9.10 (via `ssh-key` 0.6.x) and `rsa` 0.10.0-rc.17 (via the
    vendored `bssh-russh` fork) are affected, and no fixed upstream
    `rsa` release exists. Bumping to 0.10.0-rc.18 conflicts with the
    `bssh-russh` `pkcs5 = "=0.8.0-rc.13"` pin. Users handling
    untrusted hosts should prefer Ed25519 or ECDSA keys instead of RSA.

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 18 May 2026 00:00:00 +0900

bssh (2.1.4-1~jammy1) jammy; urgency=medium

  * v2.1.4
  ### Improvements
  - Stream SFTP uploads/downloads in 255 KiB chunks instead of buffering
    the whole file in memory (#195). On a 1 GiB transfer over loopback,
    upload peak RSS drops from ~3.23 GB to ~20 MB and wall time from
    38.6 s to 3.5 s; download peak RSS drops from ~2.17 GB to ~16 MB.
    Multi-GB transfers no longer OOM the client.
  - Pipeline up to 64 concurrent SFTP requests for upload and download
    (#196). The server-advertised read/write lengths are also capped
    against local maxima to avoid oversized allocations from untrusted
    SFTP metadata, the download reorder queue is bounded across both
    in-flight and pending out-of-order responses, and `fstat` size info
    is used where available to avoid reads past EOF.
  - Raise the bssh-server SFTP `MAX_READ_SIZE` from 64 KiB to the
    255 KiB SFTP standard (#197). Combined with client-side pipelining,
    this cuts the per-MiB request count on downloads from 16 to 4.

 -- Jeongkyu Shin <inureyes@gmail.com>  Sun, 10 May 2026 00:00:00 +0900

bssh (2.1.3-1~jammy1) jammy; urgency=medium

  * v2.1.3
  ### Bug Fixes
  - Fix SCP/SFTP path doubling on absolute client paths (#186): `ScpHandler`
    and `SftpHandler` no longer re-root every absolute client path under the
    user's home directory. With no chroot configured, absolute paths are
    honored verbatim and relative paths resolve from the user's home
    directory, matching OpenSSH `sftp-server`/`scp` defaults.
  - Fix SCP single-file destinations from appending source filename (#186):
    `scp local.bin host:/tmp/dest.bin` now writes to `/tmp/dest.bin`
    instead of `/tmp/dest.bin/local.bin`, by consulting `target_is_directory`
    and the filesystem state of the resolved target.
  - Make `sftp.root` configuration actually effective (#186): previously
    dead code, the YAML setting now controls the SFTP chroot. Same plumbing
    added for new `scp.root` field.
  - Block chroot bypass via intermediate-directory symlinks: the resolver
    now canonicalizes the closest existing ancestor of the target path and
    verifies it stays inside the canonicalized chroot.

  ### New Features
  - Add `scp.root` configuration field for separate SCP chroot setting,
    falling back to `sftp.root` when unset.

  ### Improvements
  - Vendor `russh-sftp` as `bssh-russh-sftp` with a `serde_bytes` performance
    fix for `SSH_FXP_WRITE`/`SSH_FXP_DATA` packets (#188). Measured impact
    on a CPU-bound host: 1 GiB SFTP upload throughput improves from
    74.8 MiB/s to 96.4 MiB/s (+29%).
  - Forward-port unreleased upstream russh fixes (#193): exclude SHA-1 MACs
    from `Preferred::DEFAULT`/`COMPRESSED` (russh #690), fix channel write
    ordering when `pending_data` is non-empty (russh #693).
  - Upgrade dependencies: tokio 1.52.1, clap 4.6.1, tracing 0.1.44, lru 0.17,
    uuid 1.23.1, tokio-util 0.7.18, aws-lc-rs 1.16.3.

  ### Migration Notes
  - **Default file-transfer behavior is no longer chrooted to the user's
    home directory.** With `sftp.root`/`scp.root` unset (the default),
    absolute client paths are honored verbatim and relative paths resolve
    from the user's home directory. Deployments that intentionally want
    chroot-at-home-dir must now set `sftp.root: <home dir>` explicitly.

  ### Documentation
  - Standardize man page trailers (bssh.1, bssh-keygen.1, bssh-server.8)
    with consistent BUGS / AUTHORS / COPYRIGHT / SEE ALSO ordering and
    Apache-2.0 license notice.

  ### CI/CD Improvements
  - Bump GitHub Actions to Node.js 24-compatible versions:
    actions/checkout v4 -> v6, actions/cache v4 -> v5,
    actions/upload-artifact v4 -> v7, apple-actions/import-codesign-certs
    v3 -> v7.

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 30 Apr 2026 00:00:00 +0900

bssh (2.1.2-1~jammy1) jammy; urgency=medium

  * v2.1.2
  ### Bug Fixes
  - Restore terminal mouse tracking state on PTY session disconnect (#190):
    after a PTY session disconnects (normal exit, Ctrl+C, network drop, or
    panic), the local terminal no longer prints raw SGR mouse escape
    sequences. All cleanup paths now emit the full set of mouse-tracking-off
    sequences (modes 1000, 1002, 1003, 1006, 1015) plus cursor-show and
    alternate-screen-exit on teardown.
  - Make force_terminal_cleanup safe to call from the panic hook: switch to
    try_lock() so a poisoned mutex or self-held lock cannot deadlock or
    secondary-panic during teardown.

  ### CI/CD Improvements
  - Trigger Homebrew formula update only after the official release
    (workflow_call from publish-release), not on every Release workflow run.
  - Prevent double-trigger of the release workflow by removing the
    "published" event type — publish-release already handles the
    pre-release to official conversion.

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 27 Apr 2026 00:00:00 +0900

bssh (2.1.1-1~jammy1) jammy; urgency=high

  * v2.1.1
  ### Bug Fixes
  - Fixed bssh-server panic on every client connection: block_on() called inside
    tokio async runtime for auth rate limiter ban check (#185)
  - Fixed bssh-server rejecting authenticated clients: session not registered
    with SessionManager after successful key/password verification (#185)

  ### Improvements
  - Improved Launchpad PPA packaging for Rust 2024 edition
  - Added sanitize-vendor.py for vendored crate checksum sanitization

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 17 Apr 2026 00:00:00 +0900

bssh (2.1.0-1~jammy1) jammy; urgency=medium

  * v2.1.0
  ### New Features
  - EnvGuard RAII wrapper for safe environment variable handling in tests (#179, #181)

  ### Improvements
  - Migrated bssh and bundled bssh-russh crate to Rust 2024 edition
  - Applied 2024 edition clippy improvements: collapsed 38 nested if-let statements into guard-clause form in bssh-russh
  - Replaced 177 ad-hoc unsafe env::set_var/remove_var call sites across 17 test files with EnvGuard + #[serial]
  - Removed hand-rolled ENV_MUTEX pattern in integration tests in favor of #[serial]

  ### Bug Fixes
  - Fixed pattern matching for Rust 2024 edition: removed explicit ref / ref mut bindings in if-let patterns

  ### CI/CD Improvements
  None

  ### Technical Details
  - Added Test Environment-Variable Mutation Pattern section to ARCHITECTURE.md documenting EnvGuard soundness contract

  ### Dependencies
  - Pinned bytes to v1.11.1

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Tue, 14 Apr 2026 12:00:00 +0900

bssh (2.0.1-1~jammy1) jammy; urgency=medium

  * v2.0.1
  ### New Features
  None

  ### Improvements
  - Add bssh-keygen to Debian package build pipeline

  ### Bug Fixes
  - Fix GitHub Actions debian_build.yml distro configuration (questing -> resolute)

  ### CI/CD Improvements
  - Added bssh-keygen to Debian package matrix for all architectures
  - Fixed GitHub Actions workflow validation issue in debian_build.yml

  ### Technical Details
  - Created debian/control.bssh-keygen.binary and debian/rules.bssh-keygen.binary for bssh-keygen packaging

  ### Dependencies
  - Bumped bssh-russh from 0.60.0 to 0.60.1 with RustCrypto security updates
  - Updated RC dependency versions: rsa 0.10.0-rc.17, elliptic-curve 0.14.0-rc.30, p256/p384/p521 0.14.0-rc.8, ml-kem 0.3.0-rc.2
  - Upgraded spki from 0.8.0-rc.4 to 0.8.0 (stable)

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Sun, 13 Apr 2026 12:00:00 +0900

bssh (2.0.0-1~jammy1) jammy; urgency=medium

  * v2.0.0
  ### New Features
  - **bssh-server SSH Server**: A lightweight SSH server designed for container environments
    - Full SSH, SFTP, and SCP protocol support
    - PTY/shell session support with terminal handling
    - Password and public key authentication
    - YAML-based comprehensive configuration system
    - Command execution handler with security controls
  - **Audit Logging Infrastructure**: Comprehensive audit logging system
    - File-based audit exporter (JSON Lines format)
    - OpenTelemetry audit exporter for observability platforms
    - Logstash audit exporter for ELK stack integration
  - **Security Features**: Enhanced security controls
    - IP-based access control (allow/deny lists)
    - Authentication rate limiting (fail2ban-like protection)
    - Session management and connection limits
    - Path traversal prevention in SFTP handler
  - **File Transfer Filtering**: Control file transfers
    - Path-based and pattern-based filter rules
    - Configurable filter actions (allow/deny)
  - **bssh-keygen Tool**: SSH key pair generation utility
  - **Server Configuration Enhancements**
    - Per-jump-host SSH private key configuration
    - SSH config Host alias reference in jump_host configuration
    - SSH keepalive settings in interactive mode
  - **Separate Packaging**: bssh and bssh-server distributed as separate packages

  ### Improvements
  - Added comprehensive server configuration manual and manpages
  - Shared module structure for client/server code reuse
  - Help examples and man pages now correctly use -C (uppercase) for the cluster flag

  ### Bug Fixes
  - Fix inconsistent SSH idle disconnects: override russh's 10-minute inactivity_timeout when keepalive is enabled, enable TCP SO_KEEPALIVE on the socket via socket2, and wire user-configured server_alive_interval through the exec-mode code path (previously dropped at the ConnectionConfig boundary)
  - Use consistent source package name in bssh-server Debian control file
  - Use type inference for ioctl to support both glibc and musl builds in bssh-server

  ### CI/CD Improvements
  - Updated release workflow for dual-package distribution
  - Separate Debian packages for client and server
  - Separate Homebrew formulas for each component
  - Added Teams release notification
  - Updated non-LTS Ubuntu target from 25.04 plucky to 25.10 questing

  ### Technical Details
  - russh-based SSH server handler implementation
  - Modular audit exporter architecture with trait-based design
  - SshConnectionConfig::to_russh_config() now sets inactivity_timeout explicitly; to_tcp_keepalive() derives kernel TCP keepalive params
  - Client::connect_with_config rewritten around russh::client::connect_stream to apply SO_KEEPALIVE before handshake
  - Key-gen sites use rand::rng() directly now that rand 0.10 stable is reachable

  ### Dependencies
  - Synced bssh-russh fork with upstream warp-tech/russh v0.60.0, pulling in the RustCrypto migration
  - rand 0.8 -> 0.10 stable (via rand_core 0.10.0), signature 3.0.0-rc.10, ed25519-dalek 3.0.0-pre.6, elliptic-curve 0.14.0-rc.28, p256/p384/p521 0.14.0-rc.7, ecdsa 0.17.0-rc.16, curve25519-dalek 5.0.0-pre.6, der 0.8, sec1 0.8, pkcs8 0.11.0-rc.11, pkcs5 0.8.0-rc.13, spki 0.8.0-rc.4, ml-kem 0.3.0-rc.1, ssh-key 0.6.18
  - tokio 1.50.0 -> 1.51.1, socket2 0.6.1 -> 0.6.3, signal-hook 0.4.3 -> 0.4.4, fastrand 2.3.0 -> 2.4.1, async-compression 0.4.37 -> 0.4.41, bytes 1.11.0 -> 1.11.1

  ### Breaking Changes
  - Package split: bssh-server now requires separate installation

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 13 Apr 2026 12:00:00 +0900

bssh (1.7.0-1~jammy1) jammy; urgency=medium

  * v1.7.0
  ### New Features
  - **SSH Keepalive Support**: Added SSH keepalive to prevent idle connection timeouts (#122)
    - `--server-alive-interval` option: Configure keepalive interval in seconds (default: 60, 0 to disable)
    - `--server-alive-count-max` option: Maximum keepalive messages without response before disconnect (default: 3)
    - Configuration support in config.yaml via `server_alive_interval` and `server_alive_count_max` fields
    - Helps maintain long-running sessions through firewalls that drop idle connections

  ### Improvements
  - **Documentation**: Added GitHub downloads badge to README

  ### Bug Fixes
  None

  ### CI/CD Improvements
  None

  ### Technical Details
  - Implemented SSH keepalive packet sending at configurable intervals
  - Automatic connection termination after max retries without response
  - Full integration with all execution modes (exec, interactive, file transfer)

  ### Dependencies
  - Updated russh from 0.55.0 to 0.56.0
  - Updated ratatui from 0.29.0 to 0.30.0
  - Updated signal-hook from 0.3.18 to 0.4.1
  - Updated whoami from 1.6.1 to 2.0.1
  - Updated unicode-width from 0.2.0 to 0.2.2

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 09 Jan 2026 00:00:00 +0900

bssh (1.6.0-1~jammy1) jammy; urgency=medium

  * v1.6.0
  ### New Features
  - **Jump Host Configuration Support in YAML**: Added `jump_host` field support in config.yaml (issue #115)
    - Global defaults level: `defaults.jump_host` for all clusters
    - Cluster level: `clusters.<name>.jump_host` for cluster-specific settings
    - Node level: Per-node `jump_host` in detailed node configuration
    - Environment variable expansion supported (`${VAR}` or `$VAR` syntax)
    - Empty string (`""`) explicitly disables jump host inheritance
    - CLI `-J` option always takes precedence over configuration

  ### Improvements
  - **SSH Config ProxyJump Directive**: Apply SSH config ProxyJump directive when -J option not specified (issue #117)
    - ProxyJump directive from SSH config now properly applied as fallback
    - Priority order: CLI `-J` > config.yaml jump_host > SSH config ProxyJump
  - **Documentation**: Added comprehensive jump_host configuration documentation
    - Updated README.md with configuration examples
    - Added docs/architecture/ssh-jump-hosts.md with detailed architecture
    - Updated example-config.yaml with all jump_host configuration patterns

  ### Bug Fixes
  - **Jump Host Authentication**: Fix jump host authentication fails with empty SSH agent (issue #116)
    - Properly handle empty SSH agent when authenticating through jump hosts
    - Fall back to key-based authentication when agent has no identities
  - **Config Fallback**: Apply expand_env_vars to jump_host and add config fallback for exec/interactive
    - Environment variables now properly expanded in jump_host values
    - Configuration jump_host properly used in exec and interactive modes

  ### CI/CD Improvements
  - Updated GitHub workflows

  ### Technical Details
  - Added ConfigResolver::resolve_jump_host() method for centralized jump host resolution
  - Jump host priority: CLI > Node > Cluster > Global defaults
  - Comprehensive test coverage: 424 lines of tests for jump_host configuration
  - Integration tests for all priority levels and edge cases

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 19 Dec 2025 00:00:00 +0900

bssh (1.5.1-1~jammy1) jammy; urgency=medium

  * v1.5.1
  ### New Features
  None

  ### Improvements
  None

  ### Bug Fixes
  - **SSH Disconnect Error Handling**: Handle SshError(Disconnect) during authentication for password fallback (issue #113)
    - Fixed handling of SSH disconnect errors during authentication phase
    - Enables proper password fallback when SSH connection is disconnected during auth

  ### CI/CD Improvements
  None

  ### Technical Details
  - Extended auth error matching to include SshError::Disconnect variant
  - Improved robustness of password fallback authentication flow

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Wed, 18 Dec 2025 00:00:00 +0900

bssh (1.5.0-1~jammy1) jammy; urgency=medium

  * v1.5.0
  ### New Features
  - **pdsh Compatibility Mode**: Full pdsh-style command line compatibility
    - `-w hosts` option mapped to `-H hosts` for target host specification
    - `-x hosts` option mapped to `--exclude hosts` for host exclusion
    - `-f N` option mapped to `--parallel N` for fanout control
    - `-l user` option for remote username
    - `-N` option for disabling hostname prefix in output
    - `-b` option for batch mode (single Ctrl+C termination)
    - `-k` option for fail-fast mode (stop on first failure)
    - `-q` query mode to show target hosts and exit
  - **Hostlist Expressions**: pdsh-style range expansion support
    - Range expansion: `node[1-5]` → node1, node2, node3, node4, node5
    - Zero-padded ranges: `node[01-05]` → node01, node02, ...
    - Comma-separated values: `node[1,3,5]` → node1, node3, node5
    - Cartesian product: `rack[1-2]-node[1-3]` → 6 hosts
    - File input with `^/path/to/hostfile`
  - **In-TUI Log Panel**: Toggle visibility with `l` key
    - Color-coded by level (ERROR red, WARN yellow)
    - Configurable buffer size via BSSH_TUI_LOG_MAX_ENTRIES
  - **--connect-timeout Option**: Separate connection timeout from command timeout
    - Default: 30 seconds, minimum: 1 second

  ### Improvements
  - CI workflow simplification by merging jobs into single pipeline

  ### Bug Fixes
  - Fixed --timeout 0 handling to correctly treat as unlimited instead of ignoring
  - Fixed #[serial] attribute for env var tests to prevent race conditions
  - Fixed connect_timeout propagation through all SSH connection paths

  ### CI/CD Improvements
  - Simplified CI workflow by merging multiple jobs into single pipeline

  ### Technical Details
  - pdsh compatibility layer core infrastructure
  - Comprehensive hostlist expression parser with cartesian product support
  - Added explicit CLI test for --timeout 0 behavior

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Wed, 18 Dec 2025 00:00:00 +0900

bssh (1.4.2-1~jammy1) jammy; urgency=medium

  * v1.4.2
  ### New Features
  None

  ### Improvements
  None

  ### Bug Fixes
  - **PTY Session Fixes**: Fixed terminal escape sequence responses and paste functionality
    - Fixed terminal escape sequence responses displayed on first prompt when starting tmux (#90)
    - Fixed paste not working in PTY sessions (#89)

  ### CI/CD Improvements
  None

  ### Technical Details
  - Terminal handling improvements for PTY sessions
  - Better compatibility with tmux and terminal multiplexers

  ### Dependencies
  - Bumped dependencies to latest versions

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 16 Dec 2025 00:00:00 +0900

bssh (1.4.1-1~jammy1) jammy; urgency=medium

  * v1.4.1
  ### New Features
  None

  ### Improvements
  - **TUI Module Documentation**: Added comprehensive TUI module documentation to README.md and ARCHITECTURE.md
    - Detailed keyboard shortcuts reference table
    - View modes description table
    - TUI activation conditions and requirements
  - **Test Coverage**: Added 84 new tests for TUI and streaming execution
    - tests/tui_snapshot_tests.rs: 20 tests for TUI rendering
    - tests/tui_event_tests.rs: 36 tests for keyboard navigation and view transitions
    - tests/streaming_integration_tests.rs: 28 tests for streaming infrastructure
    - benches/large_output_benchmark.rs: Performance benchmarks for large output handling

  ### Bug Fixes
  - **Password Fallback Extension**: Extended password fallback to handle SSH agent authentication failures
    - Now correctly triggers for AgentAuthenticationFailed, AgentNoIdentities, AgentConnectionFailed, AgentRequestIdentitiesFailed
    - Added is_auth_error_for_password_fallback() helper for testability
    - Added unit tests and integration tests for password fallback

  ### CI/CD Improvements
  None

  ### Technical Details
  - Added insta 1.34 for snapshot testing
  - Added criterion 0.5 for benchmarking
  - Added mockall 0.12 for mocking in integration tests
  - Refactored test code for improved quality

  ### Dependencies
  - insta 1.34 (dev-dependency)
  - criterion 0.5 (dev-dependency)
  - mockall 0.12 (dev-dependency)

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 16 Dec 2025 00:00:00 +0900

bssh (1.4.0-1~jammy1) jammy; urgency=medium

  * v1.4.0
  ### New Features
  - **Sudo Password Support**: Added `-S/--sudo-password` flag for automated sudo authentication
    - Securely prompts for sudo password before command execution
    - Automatically detects and responds to sudo password prompts
    - Works with both streaming and non-streaming execution modes
    - `BSSH_SUDO_PASSWORD` environment variable support (with security warnings)
    - Uses `secrecy` crate for secure memory handling
    - Password cleared from memory immediately after use

  ### Improvements
  - **Password Fallback**: Improved SSH debugging for compatibility
    - Enhanced password authentication fallback logic
    - Better error messages for SSH connection issues
  - **Developer Tooling**: Added githooks setup script for development workflow

  ### Bug Fixes
  - Fixed clippy warnings for useless_vec and same_item_push
  - Improved SSH compatibility with password fallback mechanism

  ### CI/CD Improvements
  - Added setup script for githooks

  ### Technical Details
  - Secure memory handling with secrecy and zeroize crates
  - Automatic sudo prompt detection and response

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Sun, 15 Dec 2025 00:00:00 +0900

bssh (1.3.0-1~jammy1) jammy; urgency=medium

  * v1.3.0
  ### New Features
  - **Interactive TUI**: Added interactive Terminal User Interface with multiple view modes
    - Summary view: All nodes at a glance with progress bars
    - Detail view (1-9): Full output from specific node with scrolling
    - Split view (s): Monitor 2-4 nodes simultaneously
    - Diff view (d): Compare output from two nodes side-by-side
    - Auto-scroll (f): Toggle automatic scrolling
    - Navigation: Arrow keys, PgUp/PgDn, Home/End
    - Help (?): Show keyboard shortcuts
  - **Multi-node Stream Management**: Phase 2 streaming infrastructure
    - Real-time output modes for multi-node operations
    - Stream mode with [node] prefixes for real-time monitoring

  ### Bug Fixes
  - **PTY Escape Sequence Filtering**: Filter terminal escape sequence responses in PTY sessions
    - Fixed issue with terminal response codes appearing in output

  ### Technical Details
  - Implemented ratatui-based TUI rendering
  - Added multi-node output aggregation and display
  - Enhanced streaming infrastructure for real-time updates

 -- Jeongkyu Shin <inureyes@gmail.com>  Wed, 10 Dec 2025 00:00:00 +0900

bssh (1.2.2-1~jammy1) jammy; urgency=medium

  * v1.2.2
  ### Bug Fixes
  - **Backend.AI Auto-detection**: Improved host heuristics for Backend.AI environments
    - Added localhost and localhost.localdomain detection
    - Added IPv4 address validation (127.0.0.1, 192.168.x.x, etc.)
    - Enhanced detection for user@host, host:port, FQDN, IPv6 patterns
    - Users can now use `bssh localhost "command"` naturally in Backend.AI
    - 16 comprehensive tests added for host detection logic

  ### Technical Details
  - Extracted testable `looks_like_host_specification()` function
  - Added `is_ipv4_address()` helper with strict validation
  - Performance optimized with early returns
  - Updated ARCHITECTURE.md with detailed documentation

 -- Jeongkyu Shin <inureyes@gmail.com>  Tue, 29 Oct 2025 00:00:00 +0900

bssh (1.2.1-1~jammy1) jammy; urgency=medium

  * v1.2.1
  ### Bug Fixes
  - **Password Authentication**: Fixed password authentication fallback in interactive mode
    - Re-implemented proper password authentication fallback logic
    - Ensured password prompt works correctly after key-based auth fails
  - **Test Race Condition**: Fixed race condition in RankDetector tests
    - Added #[serial] attribute to prevent environment variable conflicts
    - Tests now run sequentially when accessing shared environment state

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 28 Oct 2025 00:00:00 +0900

bssh (1.2.0-1~jammy1) jammy; urgency=medium

  * v1.2.0
  ### BREAKING CHANGES
  - **Exit Code Behavior Changed**: Now returns main rank's actual exit code by default
    - Old behavior (v1.0-v1.1): Returns 0 only if all nodes succeed, 1 if any fail
    - New behavior (v1.2.0+): Returns main rank's actual exit code (matches MPI standard)
    - Migration: Use --require-all-success flag to preserve old behavior
    - Benefit: Preserves actual exit codes (139=SIGSEGV, 137=OOM, 124=timeout)

  ### New Features
  - **Exit Code Strategy**: Main rank exit code returned by default
    - Matches MPI standard tools (mpirun, srun, mpiexec)
    - Preserves actual exit codes for better diagnostics
    - --require-all-success flag for legacy behavior
    - --check-all-nodes flag for hybrid mode
    - Automatic main rank detection via BACKENDAI_CLUSTER_ROLE
  - **Example Scripts**: Added mpi_exit_code.sh and health_check.sh examples

  ### Improvements
  - Exit code behavior aligns with HPC and distributed computing best practices
  - Enables sophisticated error handling in shell scripts and CI/CD pipelines

  ### Bug Fixes
  - Fixed security-framework dependency version (downgraded from 3.5.1 to 2.12.1)
  - Fixed cargo clippy warnings in test code

  ### Testing
  - Added comprehensive exit code tests (86 total test cases)
  - Added serial test runner for environment-dependent tests
  - Documentation updates for breaking changes in README, CHANGELOG, ARCHITECTURE

  ### Dependencies
  - Updated security-framework to 2.12.1 for better compatibility

 -- Jeongkyu Shin <inureyes@gmail.com>  Sun, 27 Oct 2025 21:00:00 +0900

bssh (1.1.0-1~jammy1) jammy; urgency=medium

  * v1.1.0
  ### New Features
  - **macOS Keychain Integration**: Complete Phase 2 implementation of UseKeychain SSH option
    - Automatic passphrase storage in macOS Keychain after successful authentication
    - Automatic passphrase retrieval before prompting user
    - Secure memory handling with Zeroizing for all sensitive data
    - Integration with SSH config UseKeychain option per host
  - **ProxyUseFdpass Support**: Added ProxyUseFdpass SSH configuration option
    - Optimizes ProxyCommand usage by passing connected file descriptors
    - Reduces overhead from lingering processes and extra read/write operations
  - **Password Authentication Fallback**: Automatic password retry when key-based auth fails
    - Matches OpenSSH standard behavior
    - Interactive terminal detection with TTY checks
    - Works for both exec and interactive modes

  ### Improvements
  - **Security Enhancements**: Multiple security improvements from PR review
    - SSH key file ownership validation (prevents storing passphrases for others' keys)
    - User consent prompt before password fallback authentication
    - Rate limiting between authentication attempts (prevents brute-force)
    - World-readable SSH key permission warnings
  - **Code Quality**: Eliminated 251 lines of code duplication in connection logic
  - **Cross-Platform**: All macOS-specific code properly isolated with conditional compilation

  ### Bug Fixes
  - Fixed clippy warnings (unused_mut, unused_imports, dead_code) on non-macOS platforms
  - Fixed interactive mode missing use_keychain field causing authentication failures
  - Fixed password prompt not appearing when connecting to new servers

  ### Dependencies
  - Added security-framework crate for macOS Keychain API integration
  - Added libc crate for macOS user ID checks

 -- Jeongkyu Shin <inureyes@gmail.com>  Fri, 24 Oct 2025 17:31:48 +0900

bssh (1.0.0-1~jammy1) jammy; urgency=medium

  * v1.0.0
  ### New Features
  - **Comprehensive SSH Configuration Support**: Added ~71 SSH configuration options (~69% coverage of OpenSSH's 103 options)
    - Certificate Authentication Options: CertificateFile, CASignatureAlgorithms, HostbasedAuthentication, HostbasedAcceptedAlgorithms
    - Advanced Port Forwarding Control: GatewayPorts, ExitOnForwardFailure, PermitRemoteOpen
    - Command Execution and Automation: PermitLocalCommand, LocalCommand, RemoteCommand, KnownHostsCommand, ForkAfterAuthentication, SessionType, StdinNull
    - Host Key Verification & Security: NoHostAuthenticationForLocalhost, HashKnownHosts, CheckHostIP, VisualHostKey, HostKeyAlias, VerifyHostKeyDNS, UpdateHostKeys
    - Additional Authentication Options: NumberOfPasswordPrompts, EnableSSHKeysign
    - Network & Connection Options: BindInterface, IPQoS, RekeyLimit
    - X11 Forwarding Options: ForwardX11Timeout, ForwardX11Trusted
    - Authentication and Security Management: IdentitiesOnly, AddKeysToAgent, IdentityAgent, PubkeyAcceptedAlgorithms, RequiredRSASize, FingerprintHash
    - Include and Match directive support for flexible configuration
    - Support for both "Option Value" and "Option=Value" syntax

  ### Improvements
  - **Modular SSH Config Parser**: Refactored oversized parser.rs (1706 lines) into category-based modules (~200-350 lines each)
  - **Enhanced Security**: Comprehensive security hardening for SSH configuration
    - Path validation to prevent usage of sensitive system files
    - Memory exhaustion prevention with entry limits
    - Command injection prevention for LocalCommand and KnownHostsCommand
    - Token validation and dangerous character detection
    - Algorithm list validation with deduplication
  - **Terminology Cleanup**: Removed phase terminology from codebase and documentation for better clarity

  ### Bug Fixes
  - Fixed critical security vulnerabilities in SSH config parser (Priority: CRITICAL/HIGH)
  - Enhanced input validation and error handling

  ### CI/CD Improvements
  None

  ### Technical Details
  - Enhanced SSH configuration merging logic with proper priority handling
  - Comprehensive test coverage: 278 tests including parser, resolver, integration, and security tests
  - Improved code organization and maintainability with modular structure
  - Support for scalar option override and vector option accumulation with deduplication

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 24 Oct 2025 00:00:00 +0900

bssh (0.9.1-1~jammy1) jammy; urgency=medium

  * v0.9.1
  ### New Features
  None

  ### Improvements
  - **PTY Terminal Modes**: Complete implementation of PTY terminal modes for better interactive session support
  - **Shift Key Input Support**: Full Shift key input handling in PTY mode for proper terminal behavior

  ### Bug Fixes
  - Fixed terminal mode implementation for PTY sessions
  - Improved Shift key input handling in interactive mode

  ### CI/CD Improvements
  None

  ### Technical Details
  - Enhanced terminal mode settings for PTY allocation
  - Implemented proper terminal flag handling for interactive sessions
  - Improved keyboard input processing for special keys

  ### Dependencies
  None

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 14 Oct 2025 00:00:00 +0900

bssh (0.9.0-1~jammy1) jammy; urgency=medium

  * v0.9.0
  ### New Features
  - **SSH ProxyJump File Transfer Support**: Added complete file transfer operations through SSH jump hosts (#39)
    - Upload single files through jump host chains
    - Download single files through jump hosts
    - Upload directories recursively through jump hosts
    - Download directories through jump hosts
    - All file transfer operations now fully support multi-hop SSH connections

  ### Improvements
  - **Jump Host Interactive Mode**: Interactive shell sessions now work through jump hosts
    - Dynamic timeout calculation based on hop count (30s base + 15s per hop)
    - Prevents premature timeouts on multi-hop connections
    - Full authentication support (SSH keys, agent, password) for each hop
  - **Package Updates**: Updated dependencies to latest versions for better security and stability

  ### Bug Fixes
  - Fixed interactive mode timeout issues when connecting through jump hosts
  - Fixed file transfer operations not working with jump host chains

  ### CI/CD Improvements
  None

  ### Technical Details
  - Parallel Executor Integration: Jump host support across all parallel operations
  - Updated executor.rs to propagate jump_hosts to all node operations
  - Maintains backward compatibility with Option<&str> type
  - All *_to_node() functions now accept jump_hosts parameter

  ### Dependencies
  - Added serial_test dependency for thread-safe environment variable testing
  - Updated various dependencies for security patches

  ### Breaking Changes
  None

  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Mon, 14 Oct 2025 00:00:00 +0900

bssh (0.8.0-1~jammy1) jammy; urgency=medium

  * v0.8.0
  ### New Features
  - **SSH Port Forwarding**: Added comprehensive SSH port forwarding support with local (-L), remote (-R), and dynamic (-D) SOCKS5 forwarding (#31)
    - Local port forwarding for accessing remote services through local ports
    - Remote port forwarding for exposing local services to remote servers
    - Dynamic port forwarding with SOCKS5 proxy support
    - Multiple simultaneous port forwarding configurations
    - Full integration with all authentication methods
  
  ### Improvements
  - **Error Handling**: Removed dangerous unwrap() calls throughout the codebase for better stability (#35)
  - **SSH Error Messages**: Improved error messages for SSH connection failures and authentication issues (#36)
  - **Command Execution**: Enabled automatic command execution for better usability
  
  ### Bug Fixes
  - Fixed potential panics from unwrap() calls in production code
  - Improved error recovery and reporting for SSH operations
  
  ### CI/CD Improvements
  None
  
  ### Technical Details
  - Complete SSH port forwarding implementation with Phase 1 and Phase 2 features
  - Comprehensive port forwarding architecture documentation
  - Enhanced error handling with proper Result types and context
  - Fixed DNS resolution errors in forwarding tests
  
  ### Dependencies
  - No major dependency changes in this release
  
  ### Breaking Changes
  None
  
  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Thu, 12 Sep 2025 00:00:00 +0900

bssh (0.7.0-1~jammy1) jammy; urgency=medium

  * v0.7.0
  ### New Features
  - **SSH Jump Host Support**: Added infrastructure and CLI integration for SSH jump hosts using OpenSSH-compatible -J syntax (#30)
    - Robust parsing of OpenSSH ProxyJump format (e.g., `user@host:port,user2@host2:port2`)
    - Support for single and multiple jump hosts in chain
    - IPv6 address handling with bracket notation
    - Comprehensive input validation and error handling
    - Full integration with all commands (exec, ping, upload, download)
  
  ### Improvements
  - **Ubuntu PPA**: Improved Ubuntu PPA build process and package generation
  - **Debian Packaging**: Enhanced Cargo vendor support for older distribution compatibility
  
  ### Bug Fixes
  - Fixed Ubuntu PPA update issues
  - Fixed deprecated GitHub Actions by replacing actions-rs/toolchain with dtolnay/rust-toolchain
  
  ### CI/CD Improvements
  - Modernized GitHub Actions workflow by removing deprecated actions
  - Improved build process for Debian-based distributions
  
  ### Technical Details
  - Jump host parser implementation with comprehensive error handling
  - OpenSSH-compatible command-line syntax for ProxyJump functionality
  - Enhanced logging for jump host connection debugging
  
  ### Dependencies
  - No major dependency changes in this release
  
  ### Breaking Changes
  None
  
  ### Known Issues
  None

 -- Jeongkyu Shin <inureyes@gmail.com>  Sat, 30 Aug 2025 08:48:19 +0900

