Files
alknet/docs/architecture/crates/alknet-ssh/spec.md
glm-5.1 f77b515968 docs(architecture): add Phase 0 architecture specs for ALPN-as-service model
Foundational architecture documents following the SDD process:

ADRs:
- 001: ALPN-based protocol dispatch (one endpoint, ALPN negotiation)
- 002: ProtocolHandler trait (replaces StreamInterface/MessageInterface)
- 003: Crate decomposition (one crate per handler, core provides shared infra)
- 004: Auth as shared core (IdentityProvider, hybrid resolution model)
- 005: irpc as call protocol foundation
- 006: ALPN string convention and connection model (alknet/ prefix, one ALPN per connection)

Docs:
- overview.md: crate graph, shared types, ALPN registry, failure modes
- README.md: index with doc table, ADR table, lifecycle definitions
- open-questions.md: 10 OQs across 7 themes (3 resolved, 7 open)

Crate spec stubs for all 11 planned crates (alknet-core through alknet CLI).

Key decisions resolved during self-review:
- AuthContext resolution is hybrid: endpoint resolves TLS-level auth,
  handlers resolve protocol-level auth (resolves OQ-02)
- ALPN is per-connection not per-stream, corrected ADR-001 (resolves OQ-06)
- ALPN naming uses alknet/ prefix without versions (resolves OQ-03)
- HandlerError return type on ProtocolHandler trait
- alknet/secret removed from ALPN registry until OQ-08 resolved
2026-06-15 22:14:58 +00:00

912 B

status, last_updated
status last_updated
planned 2026-06-15

alknet-ssh

Status: Planned — This spec has not been written yet. It will be produced as part of Phase 2 architecture work.

Purpose

SSH handler implementing ProtocolHandler on ALPN alknet/ssh. Provides russh-based SSH-2 handshake, channel multiplexing, SOCKS5 proxy, and port forwarding (direct-tcpip, forwarded-tcpip, streamlocal-forward).

Port Source

Old module Lines Notes
src/interface/ssh.rs 982 SSH channel handling
src/server/handler.rs 974 SSH server handler
src/server/channel_proxy.rs 555 Channel proxy
src/client/* ~1900 SOCKS5 client, connect logic
src/socks5/* ~800 SOCKS5 protocol

References

  • overview.md
  • ADR-002: ProtocolHandler trait
  • ADR-004: Auth as shared core
  • russh reference: docs/research/references/ssh/russh/