Skip to content

feat(ssh): native SSH support — PTY terminal + SFTP filesystem#276

Open
dcieslak19973 wants to merge 26 commits into
crynta:mainfrom
dcieslak19973:main
Open

feat(ssh): native SSH support — PTY terminal + SFTP filesystem#276
dcieslak19973 wants to merge 26 commits into
crynta:mainfrom
dcieslak19973:main

Conversation

@dcieslak19973
Copy link
Copy Markdown

@dcieslak19973 dcieslak19973 commented May 16, 2026

Summary

  • Adds native SSH support using russh + russh-sftp (pure Rust, no OpenSSH dependency)
  • SSH profiles stored persistently with key file or SSH agent auth
  • TOFU (Trust On First Use) host key fingerprint verification
  • Full PTY terminal over SSH wired to the existing xterm.js frontend
  • All filesystem commands (read, write, stat, create, rename, delete, search, grep) branch on SSH via SFTP
  • WorkspaceEnvSelector shows SSH profiles alongside WSL distros, works cross-platform
  • SSH settings tab for managing profiles (name, host, port, user, auth method, key path)
  • Auto-reconnects last SSH profile on app startup

New dependencies

  • russh = "0.45" — SSH client
  • russh-sftp = "2" — SFTP over russh sessions
  • uuid = "1" — profile IDs
  • shellexpand = "3"~ expansion in key paths

Architecture

A new WorkspaceEnv::Ssh { profile_id } variant flows through all PTY and FS commands. Each command branches early on SSH, delegating to SFTP wrappers or an SSH exec channel. Local paths use the existing spawn_blocking path unchanged.

Test plan

  • Add an SSH profile in Settings → SSH
  • Connect via the workspace selector — TOFU dialog appears on first connect
  • Terminal opens and is interactive (shell, ls, vim, etc.)
  • File explorer shows remote filesystem, files open in editor
  • Restart app — auto-reconnects to last SSH profile

🤖 Generated with Claude Code

@dcieslak19973 dcieslak19973 requested a review from crynta as a code owner May 16, 2026 00:33
Copilot AI review requested due to automatic review settings May 16, 2026 00:33
dcieslak19973 and others added 22 commits May 16, 2026 10:39
@claude
docs: add native SSH support design spec
1553a9e 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
docs: add SSH support implementation plan
2519b32 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
chore(ssh): add russh deps, stub ssh module
d79718d 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
chore(ssh): remove dead serde attr from placeholder SshProfile
2ae425d
feat(ssh): add Ssh variant to WorkspaceEnv
f257606
@claude
feat(ssh): profile CRUD — store, types, tauri commands
0e60769 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(ssh): optimistic store updates, error handling in loadProfiles
ecfc7a3
feat(ssh): SshConn, SshState, ClientHandler with TOFU fingerprint
27de209
@claude
feat(ssh): ssh_connect, ssh_disconnect, key+agent auth
c6e211b 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(ssh): remove duplicate imports in ssh/mod.rs
8cdfd01
refactor(pty): PtyHandle enum supports local + SSH sessions
41bb54d
feat(ssh): SSH PTY channel — shell over russh wired to on_data/on_exit
2b6aa0e
fix(ssh): log unhandled channel msgs instead of silently discarding
d778485
@claude
feat(ssh): SFTP wrappers for read_dir, read_file, write_file, stat, C…
b66d2f0 
…RUD, search, grep

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(ssh): fs commands — SSH branch via SFTP for file, tree, mutate
ebd97cc
@claude
feat(ssh): branch fs::search and fs::grep on SSH via SFTP remote comm…
567a226 
…ands

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
feat(ssh): register SSH commands in lib.rs, add SshState::manage, ser…
70008b3 
…de tests

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
feat(ssh): WorkspaceEnvSelector SSH section + TOFU FingerprintDialog
6dcc989 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
feat(ssh): SSH settings tab with profile CRUD UI
cca5f91 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
fix(ssh): resolve Windows compile errors — russh API, private session…
5dfab8c 
… mod, profile cmd paths

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
fix(ssh): Windows compile fixes, flush timer, auto-reconnect on startup
2162093 
- Fix russh API paths for Windows (keys::key::PublicKey, keys::load_secret_key)
- Fix profile_id serde rename to camelCase for frontend compat
- Fix pty flush: use interval timer so output isn't stuck in pending buffer
- Add ssh_home command to fetch remote home dir via exec
- Auto-reconnect last SSH profile on app startup, persisted via lastSshProfileId pref
- Connect SSH before fetching home dir in switchWorkspace

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(ssh): check host fingerprint before authentication (TOFU security…
fb073a0 
… fix)

Credentials were previously transmitted before the user confirmed the host
fingerprint, enabling a MITM attacker to capture them on first connect.

Fix: after connecting, check whether this is a first-time host connection.
If the fingerprint is unknown, immediately disconnect and return
TOFU_REQUIRED:<fingerprint> — no credentials are sent. The frontend shows
the confirmation dialog; once the user accepts, ssh_fingerprint_save
persists the fingerprint and the caller retries ssh_connect.

Also adds ssh_fingerprint_save as a proper Tauri command (previously
fingerprint persistence was done silently server-side with no user consent).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crynta crynta Awaiting requested review from crynta crynta is a code owner

Copilot code review Copilot Awaiting requested review from Copilot

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dcieslak19973