feat: add Wake-on-LAN support for hosts#696
Merged
LukeGus merged 3 commits intoTermix-SSH:dev-2.1.0from Apr 12, 2026
Merged
Conversation
LukeGus
added a commit
that referenced
this pull request
Apr 22, 2026
* feat: enhance terminal theme preview and persistence (#637) - Refactor Terminal.tsx to optimize theme update logic and eliminate flashes - Implement localStorage persistence for terminal themes per host - Fix hover preview to redraw buffer content instantly - Ensure theme preferences survive cookie clears Co-authored-by: Gemini CLI <gemini@cli.local> * fix: update darwin platform identifier to osx (#626) * feat: implement SSH algorithms mapping and refactor cipher usage across SSH modules (#627) * feat: enhance WebSocket connection handling for embedded mode (#628) * fix(auth): pass JWT token via URL param for Electron/mobile OIDC callback (#630) The OIDC callback redirect did not include the JWT token as a URL parameter for desktop/mobile device types, causing Electron and React Native webviews to have jwt = undefined after login. Closes Termix-SSH/Support#562 * fix: remove hardcoded version number from dashboard (#632) The version text was initialized to "v1.8.0" which displayed incorrect version on the dashboard before the API response. Changed to empty string so it shows nothing until the real version is fetched. Closes Termix-SSH/Support#550 * fix: admin role toggle showing incorrect state after update (#633) After successfully toggling admin status, onSuccess() closes the dialog and clears the user reference, but onOpenChange(true) then reopens the dialog with null user, causing isAdmin state to not sync properly. Removed the redundant dialog reopen after success - let onSuccess handle the cleanup normally. Closes Termix-SSH/Support#549 * fix: allow disabling password login when OIDC is configured via env vars (#634) The admin OIDC config endpoint only checked the database for OIDC configuration, ignoring environment variables. This caused the frontend to incorrectly block disabling password login when OIDC was configured via OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, etc. Now falls back to getOIDCConfigFromEnv() when no database config exists, matching the behavior of the public /oidc-config endpoint. Closes Termix-SSH/Support#561 * fix: sync snippet selected terminals count when tabs are closed (#635) selectedSnippetTabIds was not cleaned up when terminal tabs were closed, causing the snippet dialog to show stale terminal count. Added useEffect to filter out IDs of closed tabs. Closes Termix-SSH/Support#534 * feature: toggle history globally (#636) * Fix RDP audio output and dynamic session resize (#625) Co-authored-by: AllX <contact@alexmaftei.com> * fix: check connection state before fallback exec in file manager (#644) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: check connection state before fallback exec in file manager When SFTP operations fail and tryFallbackMethod is called, the SSH client may already be disconnected. Calling client.exec() on a disconnected client throws an unhandled exception that crashes the backend process. Added connection state check at the start of all three tryFallbackMethod closures (listFiles, writeFile, uploadFile). Closes Termix-SSH/Support#451 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: restrict postMessage targetOrigin to prevent JWT leakage (#645) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: restrict postMessage targetOrigin to prevent JWT leakage Multiple postMessage calls used wildcard "*" as targetOrigin, allowing any parent window to intercept JWT tokens if Termix is embedded in an iframe. Changes: - main-axios.ts: Only send postMessage in Electron iframe context (added isElectron() check), use window.location.origin as target - Auth.tsx: Replace "*" with window.location.origin for all three AUTH_SUCCESS postMessage calls (already gated by isInElectronWebView) - ElectronLoginForm.tsx: Use server URL origin for iframe postMessage, fall back to "*" only if origin parsing fails --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: stats monitoring resolves SSH key from credential privateKey field (#643) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: stats monitoring resolves SSH key from credential privateKey field When loading credentials for status monitoring, only the `key` field was checked but not `privateKey`. The ssh_credentials table has both fields and some credentials store the key in `privateKey`. This caused stats polling to fail with auth errors for key-based credentials. Closes Termix-SSH/Support#429 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * feat: add collapse/expand all button for host manager folders (#642) * Update sha256 value for v2.0.0 universal dmg (#629) * feat: add collapse/expand all button for host manager folders All folders were always auto-expanded with no way to collapse them all at once. Added a toggle button in the toolbar that collapses or expands all folder accordions. Icon switches between ChevronsDownUp (collapse) and ChevronsUpDown (expand) to indicate current action. Closes Termix-SSH/Support#488 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: prevent invalid SSH key from crashing stats polling loop (#640) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: prevent invalid SSH key from crashing stats polling loop Two fixes: 1. Add .catch() to pollHostMetrics() call inside setInterval to prevent unhandled promise rejections from crashing the process 2. Add "Invalid SSH key format" to the auth failure error patterns in collectMetrics so it's properly tracked instead of re-thrown Closes Termix-SSH/Support#478 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: revoke all sessions when password is changed or reset (#647) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: revoke all sessions when password is changed or reset logoutUser() without sessionId only cleared in-memory crypto state but did not delete session records from the database. This meant old JWT tokens remained valid after password change/reset. Now deletes all session records for the user when no specific sessionId is provided, which is the code path used by password reset and password change handlers. --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: isolate RDP keyboard input to active tab (#663) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: disable RDP keyboard input when tab is not visible --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * Fix clipboard paste browser popup (#667) * feat: switch to adjacent tab when closing current tab (#661) * Update sha256 value for v2.0.0 universal dmg (#629) * feat: switch to adjacent tab when closing current tab Previously closing the current tab always switched to the first remaining tab (often Dashboard). Now switches to the adjacent tab — the next one in order, or the previous if the closed tab was last. This matches the tab-close behavior of browsers and IDEs. Closes Termix-SSH/Support#606 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: add auth token to database export/import in Electron app (#664) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: add Bearer token to database export/import requests in Electron --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * Fix WebSocket reconnection and add connection lost overlay (#668) * fix: skip metrics collection for hosts with authType none or opkssh (#639) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: skip metrics collection for hosts with authType none or opkssh supportsMetrics() only checked connectionType but ignored authType. Hosts configured with Authentication: None (e.g. Tailscale SSH) or opkssh would trigger SSH metrics polling, causing repeated auth failures since no credentials are available. Closes Termix-SSH/Support#515 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: align cookie maxAge with JWT expiration to prevent early logout (#658) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: align cookie maxAge with JWT expiration to prevent early logout The JWT cookie maxAge for regular (non-rememberMe) logins was set to 2 hours, while the JWT token itself was valid for 24 hours. After 2 hours the cookie expired and the user was logged out, even during active SSH sessions. Changed cookie maxAge from 2h to 24h for regular logins to match the JWT expiration. Affects both password login and OIDC login paths. Closes Termix-SSH/Support#595 Closes Termix-SSH/Support#583 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: remove sensitive data from log output (#649) - Password reset: stop logging the 6-digit reset code in plaintext. The code is still stored in the settings table for retrieval. - Password reset: return identical response for non-existent users and OIDC users to prevent username enumeration. - OPKSSH callback: remove URL, query params, and forwarded headers from log output to prevent token/code leakage. * feat: display file owner and group in file manager list view (#654) * Update sha256 value for v2.0.0 universal dmg (#629) * feat: display file owner and group in file manager list view Added an Owner column to the file manager list view showing owner:group for each file. The data was already returned by the backend (SFTP returns uid/gid, ls fallback returns usernames) but not displayed. Column is hidden on small screens (md:block) to avoid crowding. Closes Termix-SSH/Support#603 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: prevent file manager from showing stale directory contents (#655) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: prevent file manager from showing stale directory contents Two issues caused the file browser to get stuck showing outdated directory contents after folder operations: 1. handleRefreshDirectory could be blocked by a lingering isLoading state from a previous request. Now force-resets loading state before initiating the refresh. 2. debouncedLoadDirectory skipped requests when the path hadn't changed (path === lastPathChangeRef), but after create/move/delete operations the path stays the same while contents change. Added force parameter to bypass the path equality check. Closes Termix-SSH/Support#599 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: fallback to default layout when dashboard preferences lack cards (#652) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: fallback to default layout when dashboard preferences lack cards getDashboardPreferences may return null, empty object, or an object without a cards array (e.g. when behind a reverse proxy that alters the response, or on first load for a new user). This caused layout.cards.filter() to throw, leaving the dashboard as a black screen after login. Now validates that the response has a cards array before using it, falling back to DEFAULT_LAYOUT otherwise. --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: bind SSH sessions to userId and verify ownership on access (#650) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: bind SSH sessions to userId and verify ownership on access SSHSession objects in file-manager and docker did not store userId, allowing any authenticated user to operate on another user's session if they knew the sessionId. Changes: - Added userId field to SSHSession interface in both modules - Store userId when creating sessions (connect, TOTP, Warpgate paths) - Added verifySessionOwnership() helper in file-manager - Applied ownership checks to sudo-password, status, keepalive, listFiles endpoints in file-manager - Applied ownership check to keepalive endpoint in docker - Session creation in docker now stores userId in all 3 paths --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: use cookie-based auth for WebSocket instead of URL token (#646) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: use cookie-based auth for WebSocket instead of URL token JWT tokens in WebSocket URL query strings are exposed in nginx access logs, browser history, and proxy logs. Backend: terminal and docker-console WebSocket servers now read JWT from the cookie header as fallback when no URL token is provided. Frontend: desktop terminal and docker console no longer append token to WebSocket URL, relying on cookies sent automatically by the browser. Mobile and Guacamole WebSocket connections are unchanged as they may not have cookie access. --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: prevent long Docker container names from overflowing card bounds (#653) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: prevent long Docker container names from overflowing card bounds Container names were not constrained to the card width, causing long names to overlay adjacent container cards. Added overflow-hidden and min-w-0 to the Card root element so the existing truncate class on CardTitle takes effect within the grid layout. Closes Termix-SSH/Support#601 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: preserve original timestamps in SSH login statistics (#657) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: preserve original timestamps in SSH login statistics Failed login attempts showed the current time instead of the actual attempt time. Two issues: 1. auth.log dates (e.g. "Mar 15 10:23:45") were parsed with a format that could fail on some platforms, falling back to new Date() which gives the current time. Changed to a more reliable format ("Mar 15, 2026 10:23:45") and fall back to the raw string instead of the current time. 2. Dates from previous years (e.g. December logs viewed in January) were assigned the current year, producing future dates. Now checks if the parsed date is in the future and subtracts a year. Also fixed the same fallback issue for successful login timestamps. Closes Termix-SSH/Support#570 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: remove plaintext credentials from internal host API responses (#651) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: remove plaintext credentials from internal host API responses /db/host/internal and /db/host/internal/all returned password, key, keyPassword, and autostart credentials in plaintext, protected only by a static INTERNAL_AUTH_TOKEN. If the token leaked, all SSH credentials would be exposed. Changes: - Stripped password, key, keyPassword, autostartPassword, autostartKey, autostartKeyPassword from both internal API responses - Only return hostId, userId, and non-sensitive connection metadata - Updated tunnel.ts endpoint resolution to use resolveHostById() for credentials instead of reading from HTTP response - Autostart tunnel initialization no longer receives credentials from internal API, relying on server-side DB resolution at connect time --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: default keyType to auto instead of blocking host update (#641) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: default keyType to auto instead of blocking host update When editing a host with key authentication, missing keyType value caused form validation to fail silently, preventing the Update Host button from saving changes. Now defaults keyType to "auto" instead of raising a validation error. Closes Termix-SSH/Support#510 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: downgrade credential migration errors to warnings (#659) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: downgrade credential migration errors to warnings Credential migration failures during login (e.g. corrupted encrypted data from older versions) were logged at ERROR level, causing alarm in Docker logs. The migration is non-blocking — login succeeds regardless — so these should be warnings. Changed individual credential decryption failures and overall migration failures from error to warn level. Also improved log messages to be more descriptive. Closes Termix-SSH/Support#541 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * feat: add Select All / Deselect All buttons for snippet terminal selection (#660) * Update sha256 value for v2.0.0 universal dmg (#629) * feat: add Select All / Deselect All buttons for snippet terminal selection When running snippets on many terminals, users had to click each terminal individually. Added Select All and Deselect All buttons above the terminal list for batch selection. Closes Termix-SSH/Support#535 --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: admin user list not reading OIDC and admin status correctly (#665) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: align admin user list field names with API response (camelCase) --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: enable clipboard paste from host to RDP session (#666) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: sync host clipboard to RDP session on tab focus and mouse enter --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * fix: validate containerId and timestamp params to prevent command injection (#648) * Update sha256 value for v2.0.0 universal dmg (#629) * fix: validate containerId and timestamp params to prevent command injection Docker API endpoints passed containerId, since, and until parameters directly into shell commands via SSH exec without validation. An authenticated user with Docker access could inject arbitrary shell commands on the remote host. Added Express param middleware to validate containerId against ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ for all 9 endpoints. Also validate since/until timestamps in the logs endpoint against a strict regex. --------- Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> * Merge commit from fork * Merge commit from fork Replace double-quoted shell string interpolation with single-quoted escaping in extractArchive and compressFiles endpoints. Double quotes allow $(command) substitution, enabling arbitrary command execution on the remote SSH host via crafted archive paths or file names. Now uses the same single-quote escaping pattern used by all other file manager operations in this file. * Merge commit from fork CORS: Replace permissive origin checks (any http/https) across all 6 microservices with a shared cors-config module that only allows: - Same-origin requests (derived from Host header) - Configured origins via CORS_ALLOWED_ORIGINS env var - Dev origins (localhost:5173) Docker console: Validate containerId against ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ and restrict shell to allowlist [bash, sh, ash, zsh] to prevent command injection via WebSocket messages. * Merge commit from fork * refactor: add shared host-resolver for server-side credential resolution Creates resolveHostById() utility that loads a host from DB and resolves its credentials entirely server-side. This will be used by connection modules to avoid receiving credentials from the frontend. Also adds checkHostAccess() for permission validation. * fix: strip sensitive credentials from host API responses Remove password, key, keyPassword, sudoPassword, and other credential fields from GET /db/host and GET /db/host/:id responses. Add boolean indicators (hasPassword, hasKey, hasSudoPassword) so the frontend knows capabilities without seeing actual values. Add GET /db/host/:id/password endpoint for the copy-password feature to fetch a specific password on demand. * refactor: docker-console resolves credentials server-side by hostId Instead of receiving the full hostConfig with credentials from the frontend WebSocket message, docker-console now extracts hostId and uses resolveHostById() to load credentials from the database. Also validates containerId format and restricts shell to allowlist. * feat: add getHostPassword API and update copy-password to use it Add getHostPassword() frontend function that calls the new server-side password endpoint instead of reading from the host object. Update Tab component to use boolean indicators (hasPassword, hasKey, hasSudoPassword) from the sanitized API response, with backward compatibility for the old response format. Add boolean indicator fields to Host type definition. * refactor: file-manager resolves credentials server-side via host-resolver When frontend doesn't provide password/sshKey (due to API stripping), file-manager now uses resolveHostById() to load credentials from DB. Falls back to provided credentials for backward compatibility. * refactor: terminal resolves credentials server-side via host-resolver When frontend doesn't provide password/key (due to API stripping), terminal now uses resolveHostById() to load credentials from DB. Preserves backward compatibility with reconnect_with_credentials where user provides credentials interactively. * refactor: tunnel resolves source credentials server-side via host-resolver When frontend doesn't provide sourcePassword/sourceSSHKey (due to API stripping), tunnel now uses resolveHostById() to load credentials from DB for both the connect and cleanup paths. * fix: terminal sudo auto-fill fetches password from server on demand After credentials are stripped from API responses, hostConfig.password is no longer available. Sudo auto-fill now checks boolean indicators to show the prompt, then fetches the actual password via getHostPassword API only when the user confirms the auto-fill action. * fix: host editor fetches full credentials via export API for editing After credentials are stripped from the host list API, the editor would show empty password/key fields. Now uses exportSSHHostWithCredentials() to fetch the full host data with credentials when opening the editor. Applies to all paths: direct edit, sidebar click, and external navigation. --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: update jsdoc comments for /host instead of /ssh * fix: align OIDC login cookie maxAge with JWT expiration (2h → 24h) (#671) * fix: persist OIDC JWT token to localStorage in Electron app (#672) * fix: add error toast for empty file download and remove stray prop in tab bar (#674) * fix: prevent server status failure from blocking host list loading (#673) * fix: show server config dialog on first launch instead of auto-selecting embedded (#675) * fix: remove unnecessary registration disabled toast on login page (#670) * fix: add clipboard fallback and toast feedback for Copy Password button (#669) Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: allow file origin for packaged Electron desktop app (#676) * Add AWS logo to README * fix: allow file origin for packaged Electron desktop app --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: backend compliation errors * feat: remove theme selector from nav bar * fix: validate and fallback credentialId during JSON host bulk import (#677) * Add AWS logo to README * fix: validate and fallback credentialId during JSON host bulk import --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: await tunnel cleanup to prevent new connection from being killed (#678) * Add AWS logo to README * fix: await tunnel cleanup before creating new connection to prevent race condition --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: disable keyboard-interactive when host auth is set to None (#682) * Add AWS logo to README * fix: disable keyboard-interactive auth when host authType is none --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: use carriage return for mobile startup snippet execution (#680) * Add AWS logo to README * fix: use carriage return for mobile startup snippet execution --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: prevent file upload from crashing backend on permission denied (#681) * Add AWS logo to README * fix: add stderr error handlers and connection check to prevent upload crash --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: add missing stream error handlers in Docker console (#684) * Add AWS logo to README * fix: add missing stream error handlers in Docker console to prevent crashes --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: use carriage return for snippet execution to support PowerShell (#679) * Add AWS logo to README * fix: use carriage return instead of line feed for snippet and command execution --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: restrict remaining postMessage targetOrigin from wildcard to origin (#685) * Add AWS logo to README * fix: restrict postMessage targetOrigin to prevent JWT token leakage --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add SESSION_TIMEOUT_HOURS environment variable for customizable session duration (#662) * feat: add SESSION_TIMEOUT_HOURS environment variable for session duration Session timeout was hardcoded to 24h (JWT) and 2h (cookie). Now both are configurable via SESSION_TIMEOUT_HOURS env var (default: 24). Set in docker-compose.yml: environment: SESSION_TIMEOUT_HOURS: "72" Also fixes the cookie maxAge mismatch (was 2h, now matches JWT). Remember Me sessions remain at 30 days regardless of this setting. Closes Termix-SSH/Support#609 Closes Termix-SSH/Support#595 * refactor: move session timeout from env var to Admin Settings Replace SESSION_TIMEOUT_HOURS environment variable with a database-backed setting configurable from Admin Settings UI. Default remains 24 hours. --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add port knocking support for SSH connections (#694) * Add AWS logo to README * feat: add port knocking support for SSH connections Send TCP/UDP knock packets to a configurable port sequence before establishing SSH connections. Configured per-host in the host editor under a new Port Knocking accordion section. Supports custom protocol (TCP/UDP) and delay between knocks. Knocking failures don't block the connection attempt. Closes Termix-SSH/Support#524 --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add Wake-on-LAN support for hosts (#696) * Add AWS logo to README * feat: add Wake-on-LAN support for hosts --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add export all hosts as JSON (#688) * Add AWS logo to README * feat: add export all hosts as JSON Add GET /ssh/db/hosts/export endpoint and Export All button in the host manager toolbar. Exported format is compatible with existing bulk import. Includes sensitive data warning confirmation before download. Closes Termix-SSH/Support#582 --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add snippet sharing with users and roles (#691) * Add AWS logo to README * feat: add snippet sharing with users and roles Add snippetAccess table and RBAC routes for sharing snippets, following the same pattern as host sharing. Users can share snippets with other users or roles via a share dialog. Shared snippets appear in a dedicated section in the snippets sidebar as read-only with copy support. Closes Termix-SSH/Support#474 --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: auth errors and ws connection errors in dev env * feat: add opt-in tmux integration for persistent terminal sessions (#683) * Add backend tmux integration with native scrollback Detect tmux on remote hosts via SSH exec channel, auto-attach or create sessions with mouse mode, history-limit 50000, set-clipboard on, and allow-passthrough on for native scrollback, OSC 52 clipboard sync, and safe paste handling. Use && exit so the shell only closes if tmux started successfully. Query session name after auto-creation. * Add frontend tmux session handling and picker dialog Desktop: handle tmux WebSocket messages, show session picker with window count, attached clients, and last activity when multiple sessions exist. Toast warning when Auto-tmux is enabled but tmux is missing on remote. Mobile: auto-attach to first available session. All user-facing strings are localized via i18n. * Add Auto-tmux toggle in host settings and i18n strings Per-host opt-in toggle following the existing autoMosh pattern. English i18n strings for all tmux-related UI elements. * Show a toast hint on first drag inside a tmux session When the user drags the mouse inside a tmux-wrapped terminal, show a localized toast ("Adjust selection and press Enter to copy") once per tab session. Purely frontend so the hint is i18n-ready and doesn't pollute the tmux status bar. * chore: increment ver * feat: add right-click context menu in terminal to open file manager (#695) * Add AWS logo to README * feat: add right-click context menu in terminal to open file manager --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> Co-authored-by: LukeGus <lukegustafson06@gmail.com> * Fix/desktop guac connect flow (#687) * fix: use direct guacamole websocket port in embedded electron mode * Fix desktop remote token flow for redacted hosts --------- Co-authored-by: LukeGus <lukegustafson06@gmail.com> Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: allow file:// origin in shared cors middleware (#686) Co-authored-by: LukeGus <lukegustafson06@gmail.com> Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add command history toggle and sensitive command filtering (#693) * Add AWS logo to README * feat: add command history toggle and sensitive command filtering Add on/off toggle for command history recording in User Profile settings. Commands matching sensitive patterns (passwords, secrets, tokens, API keys) are automatically filtered on both frontend and backend, never stored. Closes Termix-SSH/Support#461 --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> Co-authored-by: LukeGus <lukegustafson06@gmail.com> * OPKSSH proxy, certificate auth, and inline provider selection (#692) * fix: OPKSSH proxy integration for remote deployments Migrate proxy routes from /ssh/ to /host/ prefix. Use session's remote redirect URI for callback path instead of hardcoded /login-callback. Add OAuth callback fallback for external browser redirects with state parameter binding to prevent cross-session mixup. Reject cookie-less callbacks that can't be identified. * fix: implement OPKSSH certificate authentication for ssh2 Extract OPKSSH certificate auth into shared module that works around ssh2's lack of native certificate support: grafts cert blob onto parsed key, wraps ECDSA sign() for DER-to-SSH conversion, and patches Protocol.authPK for correct algorithm. Applied across terminal, file-manager, docker, and server-stats. Removes legacy temp file approach in favor of in-memory keys. * feat: inline OPKSSH provider selection in dialog Parse OIDC provider aliases and issuers from config.yml using js-yaml and send them to the frontend via the WebSocket message. The dialog renders a "Sign in with {Provider}" button per provider, opening the browser directly to the OAuth flow and skipping the external chooser page. Falls back to the existing "Open in Browser" behavior when providers aren't available. --------- Co-authored-by: LukeGus <lukegustafson06@gmail.com> Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * feat: add configurable log level via Admin Settings (#690) * Add AWS logo to README * feat: add configurable log level via Admin Settings Add log verbosity control (debug/info/warn/error) through Admin Settings UI and LOG_LEVEL environment variable. Database setting takes precedence. Changes take effect immediately without restart. Closes Termix-SSH/Support#499 --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> Co-authored-by: LukeGus <lukegustafson06@gmail.com> * feat: add reconnect button for disconnected SSH sessions (#689) * Add AWS logo to README * feat: add reconnect button for disconnected SSH sessions When an SSH connection drops, show a reconnect overlay instead of closing the tab. Users can click Reconnect to re-establish the connection or Close to dismiss. Also triggers after auto-reconnect attempts are exhausted. Closes Termix-SSH/Support#596 Closes Termix-SSH/Support#542 Closes Termix-SSH/Support#604 --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> Co-authored-by: LukeGus <lukegustafson06@gmail.com> * feat: fix port knocking and mac address not saving to backend * fix: fix snippets table not being created * fix: command history logic error, snippet sharing failing and improved UI for it * Reset stale trust state when TOTP is enabled (#697) * Add AWS logo to README * Reset stale trust state when TOTP is enabled Enablement now updates the user record, revokes existing sessions, clears trusted devices, and persists the result using the existing route flow. The change stays narrow and avoids introducing a one-off auth-manager wrapper or changing the save helper contract. Constraint: Keep the change close to the existing auth route and avoid extra abstractions Rejected: Keep the dedicated auth-manager helper | it was single-use and widened the surface area Confidence: high Scope-risk: narrow Directive: If this behavior changes again, keep the reset logic at the route boundary unless another caller appears Tested: tsc -p tsconfig.node.json --pretty false, git diff --check Not-tested: full frontend build --------- Co-authored-by: Luke Gustafson <88517757+LukeGus@users.noreply.github.com> * fix: version disabling in user profile not properly disabling and mac address not saving in host manager * feat: improved reconnect ui for terminals * feat: improve right click copy/paste * fix: some themes not including all the needed colors * chore: remove donate button * fix: schema errors, password logic errors, sswapped line order in host.ts * fix: cors being too strict * fix: passphrase erorr and tmux error * fix: guacd improvements, ui bugs, connection problems, etc * fix: shrink image, opkssh fixes, desktop ui changes * feat: dont require password to export and fixed export failures * feat: opkssh fixes, guacamole ui fixes, update readme for release * fix: tabs closing fast causiung no tab to be active and electron header persistance issue * fix: guacd params getting malformed * fix: desktop app header persistance * fix: desktop app header persistance * feat: desktop app not logging in * feat: improve okpkssh implementation and fix redirect uri bug * fix: opkssh redirect * fix: backend hang (ongoing) * fix: tunnels not being able to be saved * fix: c2s networking stability (activity/log, metrics, status) (#701) - /activity/log: the trim-over-100 path called SimpleDBOps.delete with a userId instead of a where clause and 500'd every call. Use inArray on the actual ids, best-effort (trim failures don't fail the log). - /metrics/register-viewer: now a graceful 200 no-op when the host can't be found, metrics are disabled, or the connection type doesn't support metrics. Any internal error is reported as skipped instead of a 500, and the fire-and-forget startMetricsForHost can no longer leak an unhandled rejection. - /metrics/:id: treat 404 as "no metrics yet / disabled" rather than an error. Dashboard skips hosts known to be offline before asking for metrics. - /status: retry with 2s/5s/8s timeouts and 3s/5s pauses (23s worst case, fits in the 30s poll cycle) before surfacing a network error; intermediate attempts stay silent. - Replace the blocking "connection lost" overlay with a persistent, non-dismissible toast ("Unstable server connection, recovering…") carrying a Reload action. Users keep full access to the UI; if they try to connect to a host and it fails, that's on them. The toast clears to the usual "Server connection restored" success toast on the next healthy API response. The toast triggers on any of ERR_NETWORK / ECONNREFUSED / ECONNABORTED / ECONNRESET / ETIMEDOUT / ERR_CANCELED, "Request aborted"/timeout messages, or database/drizzle/sqlite errors. * fix(guacamole): honor host RDP DPI in client and tab params (#703) * fix(file-manager): preserve remote file mode after SFTP write (#704) * fix(admin): target admin toggle APIs by user id (#705) * fix(terminal): resolve Electron SSH websocket URL from server config (#706) * fix(snippets): accept snippets or legacy updates in reorder API (#707) * fix(admin): fetch users list when users tab is opened (#708) * fix(docker): improve list layout and overflow for container cards (#709) * fix(guacamole): gate keyboard capture on focus and visibility (#710) * fix: remove snippets test file * chore: run linter * fix: increase macos memory for building * Potential fix for pull request finding 'Unused variable, import, function or class' Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com> --------- Co-authored-by: Will Moore <will@clevercode.ca> Co-authored-by: Gemini CLI <gemini@cli.local> Co-authored-by: Chakyiu <49145984+Chakyiu@users.noreply.github.com> Co-authored-by: Jozef Rebjak <jozefrebjak@icloud.com> Co-authored-by: ZacharyZcR <zacharyzcr1984@gmail.com> Co-authored-by: Daniel Quinan <68088383+DanielQuinan@users.noreply.github.com> Co-authored-by: allxm4 <77125344+allxm4@users.noreply.github.com> Co-authored-by: AllX <contact@alexmaftei.com> Co-authored-by: Razvan Aurariu <38325118+rzv-me@users.noreply.github.com> Co-authored-by: Dylan Ysmal <Xenthys@users.noreply.github.com> Co-authored-by: vvbbnn00 <vvbbnn00@foxmail.com> Co-authored-by: Lbubeer <Lbubeer1@gmail.com> Co-authored-by: Dominik <DL6ER@users.noreply.github.com> Co-authored-by: LukeGus <lukegustafson06@gmail.com> Co-authored-by: TerrifiedBug <35064668+TerrifiedBug@users.noreply.github.com> Co-authored-by: JIHUN <asdfgl98@naver.com> Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes Termix-SSH/Support#590
Summary
Changes
schema.ts: Addmac_addresscolumn to hosts tablewake-on-lan.ts: New utility — magic packet builder + UDP broadcast senderhost.ts: AddmacAddressto create/update routes, addPOST /db/host/:id/wakeendpointtypes/index.ts: AddmacAddresstoHostandHostDatainterfacesmain-axios.ts: AddmacAddressto create/update payloads, addwakeOnLan()API functionHostManagerEditor.tsx: AddmacAddressto form schema and default valuesHostGeneralTab.tsx: Add MAC address input fieldHost.tsx: Add WoL dropdown menu item with Power iconen.json: Add i18n keys for MAC address field and WoL actions