Skip to content

Releases: sshlog/agent

Release v1.1.0

01 Feb 21:16
@matthill matthill
v1.1.0
3ff912b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v1.1.0 Latest
Latest

Here is the release note converted into a clean, structured Markdown format.

Release v1.1.0

This release introduces significant enhancements to observability and deployment, shifting to a Docker-first distribution model. It includes a new diagnostic web interface, multi-architecture support (x86_64 & ARM64), and improved compatibility with modern OpenSSH versions.

🚀 New Features

  • Diagnostic Web Interface
    A new built-in web dashboard (default port 5000) allows administrators to view active SSH sessions and stream terminal output in real-time via WebSockets.

  • Enable via: --enable-diagnostic-web or SSHLOG_ENABLE_DIAGNOSTIC_WEB=1

  • Session Injection
    Added the capability to inject keystrokes into active SSH sessions from the CLI or Web UI.

Security Note: This feature is disabled by default. It must be explicitly enabled via --enable-session-injection or SSHLOG_ENABLE_SESSION_INJECTION=1.

  • Docker-First Deployment
    Official images are now published to the GitHub Container Registry (ghcr.io/sshlog/agent). The documentation has been overhauled to prioritize containerized deployment.

⚡ Performance Improvements

  • Reduced CPU Utilization
    Significant optimizations have been made to the event polling loop and BPF communication, resulting in drastically lower CPU usage for the sshlog daemon, especially on idle systems.

🛠 Improvements

  • Multi-Architecture Support
    Docker images are now built for both linux/amd64 and linux/arm64.

  • Added "Read-Only Mode" toggle to the web terminal (enabled by default).

  • Updated production documentation to recommend read-only mounts for /dev/pts and /var/log/btmp.

  • Dependency Updates
    Upgraded build toolchain to Clang 19 and updated Python dependencies (Flask, SocketIO, etc.).

🐛 Bug Fixes

  • OpenSSH Compatibility: Fixed session detection logic to support newer OpenSSH versions that use the sshd-session process name.
  • Build System: Resolved bpftool bootstrap compilation errors (undefined reference to do_btf) during Docker builds.
  • CLI: Fixed TypeError crashes related to timestamp formatting in the sessions command.
  • Web Server: Fixed attribute access errors in the session tracker integration.

📦 How to Run

# Diagnostic Mode (Web UI enabled)
docker run --privileged \
  -e SSHLOG_ENABLE_DIAGNOSTIC_WEB=1 \
  -e SSHLOG_ENABLE_SESSION_INJECTION=1 \
  -v /usr/src:/usr/src:ro \
  -v /lib/modules:/lib/modules:ro \
  -v /var/log/btmp:/var/log/btmp:ro \
  -v /etc/passwd:/etc/passwd:ro \
  -v /etc/group:/etc/group:ro \
  -v /dev/pts:/dev/pts:rw \
  -v /sys/kernel/debug:/sys/kernel/debug:rw \
  --net=host --pid=host \
  --rm -it ghcr.io/sshlog/agent:1.1.0
Assets 2
Loading

v1.0.0

18 Apr 01:43
@matthill matthill
v1.0.0
a6d6f0c

Choose a tag to compare

View all tags
v1.0.0

First release of SSHLog daemon. Supported on RedHat, Debian, and Docker.

Loading