v0.57.0

Fixes

• fdf2925: fixed #625 - rand crate breakage (#628) (Eugene) #628
  • Note that this bumps the internal rand-core dependency. The stable rand-core dependency is still re-exported as russh::keys::ssh_key::rand_core.
• e265845: Make Config accessor methods for user/port/host public (#620) (Adam Chappell) #620

v0.56.0

Changes

• f1e1e1a: Add server side ping (#610) (Mark Bundschuh) #610

Fixes

• de9a452: fixed #337, fixed #597 - upgrade rsa crate to mitigate Marvin attack (#613) (Eugene) #613
• 70cce56: fixed #611 - prevent extension algos from being selected as a real kex (#612) (Eugene) #612
• 372f387: Fix comments handling of russh_config::parse_ssh_config. (#609) (tayu0110) #609
• bbaf489: Clean up of known_hosts_path() (#605) (Roger Knecht) #605

v0.55.0

Changes

• kex: add shared secret retrieval and kex_done callback (#604) #604 (stevenparkerco3)
• 08e1007: Bump Rust edition (#587) #587
• Implement NamedPipes-based stream (#472) #472 (Adrian Müller (DTT))
• 63f779c: Error on unsupported authentication method instead of panicking (#600) (lgmugnier) #600
• 1332a31: Update generic-array from 0.14 to 1.x (#586) (Kenny Root) #586
• 4bf0a0d: Implement better error messages for invalid configs during ssh connection setup. (#589) (Lucy) #589

Fixes

• upgrade libcrux-ml-kem since 0.0.3 was yanked (#606) #606 (Gaëtan) / (#608) (Kenny Root) #608
• 5b0c70f: Fix clippy lints to fix CI (#596) (Lucas Kent) #596
• 79e76af: Remove unneeded deps (#595) (Lucas Kent) #595
• 7acf9c5: Resolve warning: macro-expanded 'macro_export' macros from the current crate cannot be referred to by absolute paths (#592) (iamjpotts) #592

v0.54.6

Commits

• 140e482: Add ML-KEM post-quantum hybrid key exchange support (#585) (Kenny Root)

v0.54.5

Changes

• 6878bf1: A send_ping method for measuring latency (#576) (Môshe van der Sterre) #576
• adhere to ssh_config more strictly (#570) #570 (Philippe Laflamme)

Fixes

• strict kex sequence number check should only apply to initial exchange (#577) #577 (Kenny Root)
• add compile_error! when no crypto backend is enabled (#569) #569 (DCjanus)
• use sha256 as the default hashing algorithm when running agent tests (#573) #573 (Simon THOBY)
• handle empty ssh config files (#578) #578 (Philippe Laflamme)
• b6a446d: Update globset in russh-config to 0.4 (#568) (Pierce Bartine) #568
• e491140: [FIX] Ignore window adjustment after channel EOF (#580) (Eric Rodrigues Pires) #580
• 00b80b5: Addresses race condition from #226 (#579) (Lucy) #579

v0.54.4

Fixes

• 1ed8ca7: pageant fixes

v0.54.2

Fixes

• 98b7e91: fixed #558 - zlib compression fails after key renegotiation
• f0881aa: fixed #500 - Including TTY_OP_END in terminal_modes triggers ‘Packet integrity error’ due to duplicate sentinel

v0.54.1

Security fixes

• 0eb5e40: fixed CVE-2025-54804 - missing overflow check in channel window adjust
  • This vulnerability has allowed a malicious authenticated client or server to trigger a Rust panic in the russh server/client via a checked integer overflow

Fixes

• 2d0a418: Fix channels being closed prematurely (#554) (Eric Rodrigues Pires) #554

v0.54.0

Features

• 75459ca: Graceful server shutdown (#539)
  • run_on_socket now returns RunningServer instead of an opaque Future.
  • Call RunningServer.handle() to obtain an asynchronous handle.
  • Use RunningServerHandle.shutdown() to request a graceful server shutdown which will send MSG_DISCONNECT to all clients and wait for the sessions to close.
• make Config Clone (#544) (Philippe Laflamme)
• add a feature toggle for rsa (#550) (Philippe Laflamme)
• 43a09c9: Add Config.nodelay option for client (#551) (Tom) #551

Bug Fixes

• allow Stream to connect to multiple addresses (#545) (Philippe Laflamme)
• 5c3ac6e: Fix off-by-one error for keepalive timer (#543) (Eric Rodrigues Pires) #543

v0.53.0

Major changes

• c41d4f6: Use aws-lc-rs/ring implementation for AEAD ciphers (#535) (Eric Rodrigues Pires) #535

This improves AES-GCM encryption/decryption performance by 10x and ChaCha20-Poly1305 by at least 2x on commonly used targets.

aws-lc-rs is the default implementation, but you can opt to use ring instead by enabling the ring crate feature. On WASM, you will have to use russh with default-features = false, features = ["ring"] as the default features cannot be controlled per target, and aws-lc-rs does not support WASM.

Fixes

• 1d7e52f: Fail when accept() returns an Error (#518) (Pascal Grange) #518
• Dead loop when client receives messages (#524) #524 (wyhaya)
• 052109c: fixed #531 - merge fix from RustCrypto/SSH#351 (Eugene)

Features

• 04e529e: added aes128-gcm@openssh.com cipher support (#526) (handewo) #526
• cfe45e5: Support sending "no-more-sessions@openssh.com" requests (#527) (handewo) #527
• 1d49e7d: #323 - direct-streamlocal support on server side (#529) (Eugene) #529