chore: remove SSH handshake secret residuals and fix agent memory#1403
Merged
Conversation
Removes three artifacts left behind by the NVIDIA#1274 removal of OPENSHELL_SSH_HANDSHAKE_SECRET, then corrects a sweep of stale and inaccurate notes in .claude/agent-memory/arch-doc-writer/MEMORY.md that were discovered during the audit. Artifact removal (Refs OS-174): - openshell.spec: stale comment claiming init-gateway-env.sh generates an SSH handshake secret - e2e/with-podman-gateway.sh: dead podman secret rm for openshell-handshake-<id>, which is never created since NVIDIA#1274 Agent memory corrections: - ssh_tunnel.rs no longer exists; replaced by ssh_sessions.rs - Object types list was missing service_endpoint and provider_profile - Pre-exec chain now includes harden_child_process() and uses the linux::prepare()/enforce() two-phase pattern on Linux - CLI SSH function list had nonexistent sandbox_rsync; corrected to actual exported functions - ExecSandbox is in grpc/sandbox.rs (not grpc.rs) and operates over a supervisor relay DuplexStream, not a direct TCP connection - resolve_ssh_gateway() moved to openshell-core/src/forward.rs - SSH transport note rewrote: NSSH1 is an OCSF-only label (not a live protocol preface); actual path is ForwardTcp -> DuplexStream -> RelayStream -> Unix socket; access gated by CreateSshSession token; TLS follows endpoint scheme (https:// = mTLS, http:// = plaintext; Podman driver does not yet inject mTLS client materials) - CLI flag note was self-contradictory; corrected to --gateway-endpoint with resolution priority chain
maxamillion
requested review from
a team,
derekwaynecarr and
mrunalp
as code owners
Collaborator
|
Thanks @maxamillion ; I had missed some of this. Thanks for cleaning this up |
TaylorMutch
previously approved these changes
May 15, 2026
Collaborator
Author
|
@TaylorMutch happy to! I was excited to see your original change and realized there were a couple artifacts left beyond so I thought I'd give it a try at cleaning them up |
|
Label |
Collaborator
|
/ok to test e65720f |
Three nested if blocks in connect_local_container_engine() were flagged by clippy after NVIDIA#1370. Collapse to single if-let chains using && as suggested.
TaylorMutch
approved these changes
May 15, 2026
Collaborator
|
/ok to test de77b99 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Removes three stale artifacts left behind by PR #1274 (removal of
OPENSHELL_SSH_HANDSHAKE_SECRET), then corrects a set of inaccurate notes in the arch-doc-writer agent memory uncovered during the audit.Related Issue
Refs OS-174.
Changes
Artifact removal:
openshell.spec: stale comment claiminginit-gateway-env.shgenerates an SSH handshake secrete2e/with-podman-gateway.sh: deadpodman secret rm openshell-handshake-<id>line — that secret is never created since refactor!(auth): drop SSH handshake secret #1274Agent memory corrections (
.claude/agent-memory/arch-doc-writer/MEMORY.md):ssh_tunnel.rsno longer exists; replaced byssh_sessions.rsservice_endpointandprovider_profileharden_child_process()and uses the two-phaselinux::prepare()/enforce()pattern on Linuxsandbox_rsync; corrected to actual exported functionsExecSandboxis ingrpc/sandbox.rs(notgrpc.rs) and operates over a supervisor relayDuplexStreamresolve_ssh_gateway()moved toopenshell-core/src/forward.rsForwardTcp→DuplexStream→RelayStream→ Unix socket; access gated byCreateSshSessiontoken; TLS follows endpoint scheme (https://= mTLS,http://= plaintext; Podman driver does not yet inject mTLS client materials)--openshell-endpoint NOT --openshell-endpoint); corrected to--gateway-endpointwith resolution priority chainTesting
mise run pre-commitpasses (non-Rust checks clean; pre-existing clippy failure inopenshell-driver-vmfrom feat(vm): fall back to Podman socket when Docker is unavailable #1370 on main, unrelated to these changes)Checklist