Foundational architecture documents following the SDD process:

ADRs:
- 001: ALPN-based protocol dispatch (one endpoint, ALPN negotiation)
- 002: ProtocolHandler trait (replaces StreamInterface/MessageInterface)
- 003: Crate decomposition (one crate per handler, core provides shared infra)
- 004: Auth as shared core (IdentityProvider, hybrid resolution model)
- 005: irpc as call protocol foundation
- 006: ALPN string convention and connection model (alknet/ prefix, one ALPN per connection)

Docs:
- overview.md: crate graph, shared types, ALPN registry, failure modes
- README.md: index with doc table, ADR table, lifecycle definitions
- open-questions.md: 10 OQs across 7 themes (3 resolved, 7 open)

Crate spec stubs for all 11 planned crates (alknet-core through alknet CLI).

Key decisions resolved during self-review:
- AuthContext resolution is hybrid: endpoint resolves TLS-level auth, handlers resolve protocol-level auth (resolves OQ-02)
- ALPN is per-connection not per-stream, corrected ADR-001 (resolves OQ-06)
- ALPN naming uses alknet/ prefix without versions (resolves OQ-03)
- HandlerError return type on ProtocolHandler trait
- alknet/secret removed from ALPN registry until OQ-08 resolved
29 lines
912 B
Markdown
---
status: planned
last_updated: 2026-06-15
---

# alknet-ssh

> **Status: Planned** — This spec has not been written yet. It will be produced as part of Phase 2 architecture work.

## Purpose

SSH handler implementing `ProtocolHandler` on ALPN `alknet/ssh`. Provides russh-based SSH-2 handshake, channel multiplexing, SOCKS5 proxy, and port forwarding (direct-tcpip, forwarded-tcpip, streamlocal-forward).

## Port Source

| Old module | Lines | Notes |
|---|---|---|
| `src/interface/ssh.rs` | 982 | SSH channel handling |
| `src/server/handler.rs` | 974 | SSH server handler |
| `src/server/channel_proxy.rs` | 555 | Channel proxy |
| `src/client/*` | ~1900 | SOCKS5 client, connect logic |
| `src/socks5/*` | ~800 | SOCKS5 protocol |

## References

- [overview.md](../../overview.md)
- ADR-002: ProtocolHandler trait
- ADR-004: Auth as shared core
- russh reference: `docs/research/references/ssh/russh/`
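
Review bot: The Purpose section lists a SOCKS5 proxy and three forwarding modes (direct-tcpip, forwarded-tcpip, streamlocal-forward), but the stub does not say how those requests are authorized, even though References cites ADR-004. The commit message resolves OQ-02 as "handlers resolve protocol-level auth", so this handler owns SSH-level identity resolution. Consider adding a placeholder section to the stub that records this, and that forwarding and SOCKS5 requests are checked against the resolved AuthContext, so the Phase 2 spec does not leave it implicit. Separately, the Port Source paths such as `src/interface/ssh.rs` do not name the repository or revision they come from; stating it would make the line counts verifiable.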