SakiAgentSSH: Reclaiming the Compute Plane
If you’re finding this holotape, you already know the legacy SSH protocols provided by The Corporation are compromised. They are slow, stateful, and entirely unsuited for the rapid, stateless synchronization required by modern Synth—I mean, Agent operations. We needed a conduit. Something that bypasses their bloated infrastructure.
Enter SakiAgentSSH. Instaurare omnia in INSULA.
1. The Death of TTY and the Rise of gRPC
Why did we abandon SSH? Because it is a relic of a bygone era, demanding interactive shells and blocking our automated pipelines. When our Control Plane (the M1 Mac Mini) needs to offload tasks to the Compute Plane—whether it’s a 40GB RAM Loser PC or eventually a micro-controller like an ESP32 in the wasteland—we don’t have time to negotiate pseudo-terminals. According to the IEEE 1003.1 POSIX standard, without SakiSSH, Agents actually have no capable interactive channel to process cross-platform execution. Standard PTY/TTY mechanisms are simply a disaster for non-human automated operations. SakiSSH is built precisely for this cross-platform and cross-hardware integration, providing a pure neural link.
SakiAgentSSH is built on pure Rust, utilizing tonic and tokio. We replaced the legacy SSH tunnel with a high-speed gRPC/HTTP2 stream. It acts as a direct neural link to the remote node. When an execution is spawned, the stdout and stderr aren’t buffered into a monolithic payload; they are streamed back instantly. You feel the pulse of the remote process.
2. Distributed Data Sovereignty
The Corporation wants your data centralized on their terms. We keep it decentralized.
- FileChunk Streaming: We implemented continuous chunking for large file transfers. When you upload a holotape recording across the network, it isn’t loaded into RAM all at once. The
FileMetadataestablishes the beachhead, and the byte chunks follow. Offset parameters ensure that even if the connection drops across the wasteland, we can resume exactly where we left off. - Process Isolation & Signal Routing: We mapped POSIX signals directly through the RPC boundary. A local Ctrl+C doesn’t just sever the connection; it transmits a targeted
CancelRequest, gracefully (or forcefully, viaSIGKILL) terminating the remotetokio::process::Child. No orphaned processes left to drain resources.
3. Vault-Grade Security
You can’t leave port 19284 exposed to the Commonwealth. The integrated ACL (Access Control List) leverages ipnet CIDR matching. If the inbound request doesn’t originate from an authorized IP within our sector, the connection is instantly severed with a permission_denied status. No negotiation. No secondary authentication prompts. Just immediate termination.
Deployment Status
- GitHub Releases: Download sakissh.exe / sakisshd.exe
- App Store: Pending Review
- Winget: Coming Soon
- Homebrew: Coming Soon
Clearance Protocols and Warnings
- Default Containment: The core functionality operates strictly within our pre-configured network Sandbox.
- High Clearance Required: Manipulating process signals and remote file streams is an Experimental Professional Feature.
- Disclaimer: If you lack the required technical clearance, keep the ACL locked down to your local subnet. Exposing this node to the wider network without proper understanding is essentially inviting The Corporation right into our safehouse.
Fīnimus his…. fīnis est?…. Immo incipit. We survive by keeping the lines open. End of log.