proxy-jump #4

Merged

Arctic merged 10 commits from proxy-jump into main

2026-04-23 05:45:21 +00:00

Arctic commented

2026-04-23 05:45:11 +00:00

Owner

feat: add managed ProxyJump support and SSH config migration

Add first-class ProxyJump and ProxyCommand support across the host
model, UI, and inventory display, including proxy-aware edit prompts
and a new "Via (Proxy)" column.

Switch managed SSH operations to use the main SSH config and host labels
(ssh -F ... -- <label>) so connect, key install, key rotation, and
remote cleanup all honor per-host proxy settings.

Harden SSH config handling by:

enforcing managed host-key directives on host fragments
migrating existing ~/.ssh/config files to include conf/*/config
tightening Include detection to avoid false positives
validating usernames and proxy directives more strictly

Improve key-management safety by rejecting symlink identity files,
handling overwrite/rotation flows more safely, and making remote key
installation prefer flock while preserving compatibility on systems
where flock is unavailable.

Refresh docs, tests, and CI to cover the managed-SSH path, config
migration behavior, updated inventory table, and release artifact naming.

feat: add managed ProxyJump support and SSH config migration Add first-class ProxyJump and ProxyCommand support across the host model, UI, and inventory display, including proxy-aware edit prompts and a new "Via (Proxy)" column. Switch managed SSH operations to use the main SSH config and host labels (`ssh -F ... -- <label>`) so connect, key install, key rotation, and remote cleanup all honor per-host proxy settings. Harden SSH config handling by: - enforcing managed host-key directives on host fragments - migrating existing ~/.ssh/config files to include conf/*/config - tightening Include detection to avoid false positives - validating usernames and proxy directives more strictly Improve key-management safety by rejecting symlink identity files, handling overwrite/rotation flows more safely, and making remote key installation prefer flock while preserving compatibility on systems where flock is unavailable. Refresh docs, tests, and CI to cover the managed-SSH path, config migration behavior, updated inventory table, and release artifact naming.

Arctic added 10 commits

2026-04-23 05:45:11 +00:00

Add first-class ProxyJump and ProxyCommand support

continuous-integration/drone/push Build is passing

Details

cc3413f4b7

Extend HostConfig and HostRecord with optional proxy fields, parse and
write OpenSSH directives, and update edit logic to add/remove lines
like IdentityFile. New inventory column Via (Proxy); add/edit flows
prompt for bastion jump vs custom ProxyCommand with mutual exclusion.

Bump version to 0.1.13.

SSH Manager: ProxyJump, host-key policy, lean inventory, opt-in proxy 2128aec55f

- Add ProxyJump/ProxyCommand with structured prompts and per-fragment host-key verification (accept-new + known_hosts), startup migration for existing fragments.
- Drop Conf Directory from the main inventory table; optional proxy setup on add host (y/n) before prompts.
- Bump version to 0.1.14.

ci: trigger Drone pipeline

continuous-integration/drone/push Build is passing

Details

8f3b84f28c

Fix BUG_REVIEW B-01–B-19: SSH flows, validation, keys, UX, CI ddcafbd9cc

- Connect/probes use main config and host labels; probe disables ControlMaster.
- Harden Host/User/label parsing and ProxyJump IPv6 and round-trips.
- Reject symlink key paths for reads; tighten dirs to 0o700; flock remote install.
- Multi-digit menu jumps, cancel UX, update_host_config outcomes, Drone arch artifact.

ci: retrigger Drone pipeline

continuous-integration/drone/push Build is failing

Details

19cb82918d

style: apply rustfmt for CI cargo fmt --check

continuous-integration/drone/push Build is passing

Details

d7337a4f1f

v0.1.15: managed SSH install, config migration, and remote fixes acfb2b2c9b

chore(ci): trigger Drone build

continuous-integration/drone/push Build is passing

Details