Skip to content

feat: Add SSH jump host support (-J option/ProxyJump) #22

Closed
#30
Closed
feat: Add SSH jump host support (-J option/ProxyJump)#22
#30
Assignees
inureyes
Labels
priority:highHigh priority issuestatus:doneCompletedtype:enhancementNew feature or request
@inureyes

Description

@inureyes
inureyes
opened on Aug 27, 2025

Overview

Implement SSH jump host (bastion/proxy) support to enable connections through intermediate SSH servers, supporting the -J option compatible with OpenSSH ProxyJump functionality.

Technical Approach

The implementation leverages russh's open_direct_tcpip_channel capability to create SSH tunnels through jump hosts:

  • Connection chaining through nested direct-tcpip channels
  • Per-host authentication supporting different methods for each jump
  • Connection reuse for multiple operations through same jump chain
  • Automatic retry with exponential backoff for resilience
  • Full integration with existing authentication and host verification

Implementation Tasks

Phase 1: Core Infrastructure

  • Create jump host module (src/jump/mod.rs)
  • Implement jump host specification parser for -J format
  • Create JumpHostChain struct for connection state management
  • Implement single jump host connection establishment
  • Add direct-tcpip channel creation through jump host

Phase 2: SSH Client Integration

  • Modify SSH client to support channel-based connections
  • Route connections through jump chain when -J is specified
  • Maintain backward compatibility with direct connections
  • Handle authentication for each jump host in chain

Phase 3: Multi-Jump Support

  • Implement multiple jump host parsing (comma-separated)
  • Create nested channel connections for multi-hop
  • Add connection state tracking for each hop
  • Implement proper cleanup for connection chains

Phase 4: Error Handling & Recovery

  • Add comprehensive error reporting with jump context
  • Implement automatic retry with exponential backoff
  • Create connection health monitoring
  • Add fallback strategies for connection failures

Phase 5: Multi-Host Mode Integration

  • Enable jump hosts for cluster operations
  • Add YAML configuration support for jump hosts
  • Implement connection pooling for jump hosts
  • Support different jump hosts per cluster node

Success Criteria

  • OpenSSH-compatible -J syntax works identically
  • Support 1-5 jump hosts in chain
  • Works with all existing bssh commands
  • Connection time < 2s for single jump
  • Clear error messages showing which jump failed
  • Automatic reconnection on transient failures

Examples

# Single jump host
bssh -J jump@bastion user@internal-server

# Multiple jump hosts  
bssh -J jump1@host1,jump2@host2 user@final-destination

# With cluster mode
bssh -C production -J bastion@gateway "command"

Labels

enhancement, help wanted, ssh-compat

Metadata

Metadata

Assignees

Labels

priority:highHigh priority issuestatus:doneCompletedtype:enhancementNew feature or request

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions