Bayesian SSH is built with a modular architecture that separates concerns and provides a clean, maintainable codebase.
- Command parsing: Uses
clapfor robust command-line argument handling - Command modules: Each command is implemented in its own module
- Shell completions: Automatic generation for bash, zsh, fish, and more
- Shared utilities: Common CLI patterns extracted into
src/cli/utils.rs
- AppConfig: Central configuration structure
- File-based config: JSON configuration stored in
~/.config/bayesian-ssh/ - Environment overrides: Support for environment variable configuration
- Connection: Represents SSH connection configuration
- Session: Tracks active SSH sessions
- Serialization: Full serde support for JSON operations
- SQLite integration: Using
rusqlitefor data persistence - Modular design: Split into submodules -
connection,alias,session,search - Migration support: Schema versioning and updates
- SSH Service: Core SSH connection logic
- Kerberos integration: Automatic ticket management
- Process management: Safe process spawning and monitoring
- ratatui-based: Full-screen terminal interface
- Application state: Managed in
app.rs - Rendering: UI layout and drawing in
ui.rs
CREATE TABLE connections (
id TEXT PRIMARY KEY,
name TEXT NOT NULL UNIQUE,
host TEXT NOT NULL,
user TEXT NOT NULL,
port INTEGER NOT NULL,
bastion TEXT,
bastion_user TEXT,
use_kerberos BOOLEAN NOT NULL,
key_path TEXT,
created_at TEXT NOT NULL,
last_used TEXT,
tags TEXT NOT NULL
);CREATE TABLE sessions (
id TEXT PRIMARY KEY,
connection_id TEXT NOT NULL,
started_at TEXT NOT NULL,
ended_at TEXT,
status TEXT NOT NULL,
pid INTEGER,
exit_code INTEGER
);1. Parse command line arguments
2. Load application configuration
3. Search for connection in database (Bayesian-ranked or fuzzy)
4. Check aliases if no direct match
5. Verify Kerberos ticket (if enabled)
6. Automatically create ticket if needed
7. Build SSH command with proper flags
8. Execute SSH process
9. Monitor session status
10. Update database with results
11. Handle cleanup on exit
- Configuration errors: Invalid settings or missing files
- Database errors: Connection issues or schema problems
- SSH errors: Connection failures or authentication issues
- Kerberos errors: Ticket creation or renewal failures
- Graceful degradation: Fallback to basic SSH if features fail
- Automatic retry: Retry failed operations with exponential backoff
- User feedback: Clear error messages with suggested solutions
- Indexed queries for fast lookups by name and tags
- Efficient connection reuse
- Batch operations for grouped database operations
- Zero-copy operations to minimize memory allocations
- Efficient serialization with serde
- Proper cleanup of file descriptors and processes
- Ticket verification before use
- Automatic renewal when needed
- Forwardable ticket support
- Secure handling of SSH keys
- Bastion host support for jump connections
- Safe process spawning and monitoring
- Model validation and data structure integrity
- Service logic tested in isolation
- Error condition and recovery testing
- Full database workflow testing
- SSH connection testing
- Configuration file handling
- Extension points with hook system for custom functionality
- Stable plugin API for third-party extensions
- Runtime plugin loading and management
- REST API for remote management
- WebSocket support for real-time session monitoring
- Secure API access control