diff --git a/.gitignore b/.gitignore
index c68e291..bcf8b17 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 .DS_Store
 node_modules
 dist
+target
 *.log
 .env*
 ssh_host_key
\ No newline at end of file
diff --git a/crates/supabase-ssh/Cargo.lock b/crates/supabase-ssh/Cargo.lock
new file mode 100644
index 0000000..45b3806
--- /dev/null
+++ b/crates/supabase-ssh/Cargo.lock
@@ -0,0 +1,3319 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+version = 4
+
+[[package]]
+name = "adler2"
+version = "2.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa"
+
+[[package]]
+name = "aead"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0"
+dependencies = [
+ "crypto-common 0.1.7",
+ "generic-array 0.14.7",
+]
+
+[[package]]
+name = "aead"
+version = "0.6.0-rc.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6b657e772794c6b04730ea897b66a058ccd866c16d1967da05eeeecec39043fe"
+dependencies = [
+ "crypto-common 0.2.1",
+ "inout 0.2.2",
+]
+
+[[package]]
+name = "aes"
+version = "0.8.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0"
+dependencies = [
+ "cfg-if",
+ "cipher 0.4.4",
+ "cpufeatures 0.2.17",
+]
+
+[[package]]
+name = "aes"
+version = "0.9.0-rc.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "04097e08a47d9ad181c2e1f4a5fabc9ae06ce8839a333ba9a949bcb0d31fd2a3"
+dependencies = [
+ "cipher 0.5.1",
+ "cpubits",
+ "cpufeatures 0.2.17",
+]
+
+[[package]]
+name = "aes-gcm"
+version = "0.10.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "831010a0f742e1209b3bcea8fab6a8e149051ba6099432c8cb2cc117dec3ead1"
+dependencies = [
+ "aead 0.5.2",
+ "aes 0.8.4",
+ "cipher 0.4.4",
+ "ctr 0.9.2",
+ "ghash 0.5.1",
+ "subtle",
+]
+
+[[package]]
+name = "aes-gcm"
+version = "0.11.0-rc.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e22c0c90bbe8d4f77c3ca9ddabe41a1f8382d6fc1f7cea89459d0f320371f972"
+dependencies = [
+ "aead 0.6.0-rc.10",
+ "aes 0.9.0-rc.4",
+ "cipher 0.5.1",
+ "ctr 0.10.0-rc.4",
+ "ghash 0.6.0",
+ "subtle",
+]
+
+[[package]]
+name = "aho-corasick"
+version = "1.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ddd31a130427c27518df266943a5308ed92d4b226cc639f5a8f1002816174301"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "allocator-api2"
+version = "0.2.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923"
+
+[[package]]
+name = "android_system_properties"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "anyhow"
+version = "1.0.102"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c"
+
+[[package]]
+name = "argon2"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072"
+dependencies = [
+ "base64ct",
+ "blake2",
+ "cpufeatures 0.2.17",
+ "password-hash",
+]
+
+[[package]]
+name = "async-trait"
+version = "0.1.89"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9035ad2d096bed7955a320ee7e2230574d28fd3c3a0f186cbea1ff3c7eed5dbb"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "autocfg"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8"
+
+[[package]]
+name = "aws-lc-rs"
+version = "1.16.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a054912289d18629dc78375ba2c3726a3afe3ff71b4edba9dedfca0e3446d1fc"
+dependencies = [
+ "aws-lc-sys",
+ "untrusted",
+ "zeroize",
+]
+
+[[package]]
+name = "aws-lc-sys"
+version = "0.39.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "83a25cf98105baa966497416dbd42565ce3a8cf8dbfd59803ec9ad46f3126399"
+dependencies = [
+ "cc",
+ "cmake",
+ "dunce",
+ "fs_extra",
+]
+
+[[package]]
+name = "base16ct"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fd307490d624467aa6f74b0eabb77633d1f758a7b25f12bceb0b22e08d9726f6"
+
+[[package]]
+name = "base64"
+version = "0.22.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
+
+[[package]]
+name = "base64ct"
+version = "1.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2af50177e190e07a26ab74f8b1efbfe2ef87da2116221318cb1c2e82baf7de06"
+
+[[package]]
+name = "bashkit"
+version = "0.1.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b65867e98284ccbde5eff2153c7672a5101d6f95e8a9df955e137135d49f4769"
+dependencies = [
+ "anyhow",
+ "async-trait",
+ "base64",
+ "chrono",
+ "flate2",
+ "futures",
+ "globset",
+ "jaq-core",
+ "jaq-json",
+ "jaq-std",
+ "md-5",
+ "regex",
+ "schemars",
+ "serde",
+ "serde_json",
+ "sha1 0.11.0",
+ "sha2 0.11.0",
+ "thiserror 2.0.18",
+ "tokio",
+ "tower",
+ "url",
+]
+
+[[package]]
+name = "bcrypt-pbkdf"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6aeac2e1fe888769f34f05ac343bbef98b14d1ffb292ab69d4608b3abc86f2a2"
+dependencies = [
+ "blowfish",
+ "pbkdf2 0.12.2",
+ "sha2 0.10.9",
+]
+
+[[package]]
+name = "bitflags"
+version = "2.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "843867be96c8daad0d758b57df9392b6d8d271134fce549de6ce169ff98a92af"
+
+[[package]]
+name = "blake2"
+version = "0.10.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe"
+dependencies = [
+ "digest 0.10.7",
+]
+
+[[package]]
+name = "block-buffer"
+version = "0.10.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+dependencies = [
+ "generic-array 0.14.7",
+]
+
+[[package]]
+name = "block-buffer"
+version = "0.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cdd35008169921d80bc60d3d0ab416eecb028c4cd653352907921d95084790be"
+dependencies = [
+ "hybrid-array",
+]
+
+[[package]]
+name = "block-padding"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93"
+dependencies = [
+ "generic-array 0.14.7",
+]
+
+[[package]]
+name = "block-padding"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "710f1dd022ef4e93f8a438b4ba958de7f64308434fa6a87104481645cc30068b"
+dependencies = [
+ "hybrid-array",
+]
+
+[[package]]
+name = "blowfish"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7"
+dependencies = [
+ "byteorder",
+ "cipher 0.4.4",
+]
+
+[[package]]
+name = "bstr"
+version = "1.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "63044e1ae8e69f3b5a92c736ca6269b8d12fa7efe39bf34ddb06d102cf0e2cab"
+dependencies = [
+ "memchr",
+ "regex-automata",
+ "serde",
+]
+
+[[package]]
+name = "bumpalo"
+version = "3.20.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d20789868f4b01b2f2caec9f5c4e0213b41e3e5702a50157d699ae31ced2fcb"
+
+[[package]]
+name = "byteorder"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
+
+[[package]]
+name = "bytes"
+version = "1.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33"
+
+[[package]]
+name = "cbc"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6"
+dependencies = [
+ "cipher 0.4.4",
+]
+
+[[package]]
+name = "cbc"
+version = "0.2.0-rc.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ab1412b9ae2463ede01f1e591412dfbcfeacecf40e8c4c3e0655814c19065c38"
+dependencies = [
+ "cipher 0.5.1",
+]
+
+[[package]]
+name = "cc"
+version = "1.2.59"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b7a4d3ec6524d28a329fc53654bbadc9bdd7b0431f5d65f1a56ffb28a1ee5283"
+dependencies = [
+ "find-msvc-tools",
+ "jobserver",
+ "libc",
+ "shlex",
+]
+
+[[package]]
+name = "cfg-if"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801"
+
+[[package]]
+name = "cfg_aliases"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
+
+[[package]]
+name = "chacha20"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818"
+dependencies = [
+ "cfg-if",
+ "cipher 0.4.4",
+ "cpufeatures 0.2.17",
+]
+
+[[package]]
+name = "chacha20"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6f8d983286843e49675a4b7a2d174efe136dc93a18d69130dd18198a6c167601"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.3.0",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "chrono"
+version = "0.4.44"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0"
+dependencies = [
+ "iana-time-zone",
+ "js-sys",
+ "num-traits",
+ "wasm-bindgen",
+ "windows-link",
+]
+
+[[package]]
+name = "cipher"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
+dependencies = [
+ "crypto-common 0.1.7",
+ "inout 0.1.4",
+]
+
+[[package]]
+name = "cipher"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e34d8227fe1ba289043aeb13792056ff80fd6de1a9f49137a5f499de8e8c78ea"
+dependencies = [
+ "block-buffer 0.12.0",
+ "crypto-common 0.2.1",
+ "inout 0.2.2",
+]
+
+[[package]]
+name = "cmake"
+version = "0.1.58"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c0f78a02292a74a88ac736019ab962ece0bc380e3f977bf72e376c5d78ff0678"
+dependencies = [
+ "cc",
+]
+
+[[package]]
+name = "cmov"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f88a43d011fc4a6876cb7344703e297c71dda42494fee094d5f7c76bf13f746"
+
+[[package]]
+name = "const-oid"
+version = "0.9.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8"
+
+[[package]]
+name = "const-oid"
+version = "0.10.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a6ef517f0926dd24a1582492c791b6a4818a4d94e789a334894aa15b0d12f55c"
+
+[[package]]
+name = "core-foundation-sys"
+version = "0.8.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
+
+[[package]]
+name = "cpubits"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ef0c543070d296ea414df2dd7625d1b24866ce206709d8a4a424f28377f5861"
+
+[[package]]
+name = "cpufeatures"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "cpufeatures"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b2a41393f66f16b0823bb79094d54ac5fbd34ab292ddafb9a0456ac9f87d201"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "crc32fast"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511"
+dependencies = [
+ "cfg-if",
+]
+
+[[package]]
+name = "crypto-bigint"
+version = "0.7.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "42a0d26b245348befa0c121944541476763dcc46ede886c88f9d12e1697d27c3"
+dependencies = [
+ "cpubits",
+ "ctutils",
+ "getrandom 0.4.2",
+ "hybrid-array",
+ "num-traits",
+ "rand_core 0.10.0",
+ "serdect",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "crypto-common"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "78c8292055d1c1df0cce5d180393dc8cce0abec0a7102adb6c7b1eef6016d60a"
+dependencies = [
+ "generic-array 0.14.7",
+ "typenum",
+]
+
+[[package]]
+name = "crypto-common"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77727bb15fa921304124b128af125e7e3b968275d1b108b379190264f4423710"
+dependencies = [
+ "getrandom 0.4.2",
+ "hybrid-array",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "crypto-primes"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "21f41f23de7d24cdbda7f0c4d9c0351f99a4ceb258ef30e5c1927af8987ffe5a"
+dependencies = [
+ "crypto-bigint",
+ "libm",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "ctr"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835"
+dependencies = [
+ "cipher 0.4.4",
+]
+
+[[package]]
+name = "ctr"
+version = "0.10.0-rc.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fee683dd898fbd052617b4514bc31f98bc32081a83b69ec46adef3b1ef4ae36f"
+dependencies = [
+ "cipher 0.5.1",
+]
+
+[[package]]
+name = "ctutils"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7d5515a3834141de9eafb9717ad39eea8247b5674e6066c404e8c4b365d2a29e"
+dependencies = [
+ "cmov",
+ "subtle",
+]
+
+[[package]]
+name = "curve25519-dalek"
+version = "5.0.0-pre.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "335f1947f241137a14106b6f5acc5918a5ede29c9d71d3f2cb1678d5075d9fc3"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.2.17",
+ "curve25519-dalek-derive",
+ "digest 0.11.2",
+ "fiat-crypto",
+ "rustc_version",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "curve25519-dalek-derive"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "data-encoding"
+version = "2.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d7a1e2f27636f116493b8b860f5546edb47c8d8f8ea73e1d2a20be88e28d1fea"
+
+[[package]]
+name = "delegate"
+version = "0.13.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "780eb241654bf097afb00fc5f054a09b687dad862e485fdcf8399bb056565370"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "der"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "71fd89660b2dc699704064e59e9dba0147b903e85319429e131620d022be411b"
+dependencies = [
+ "const-oid 0.10.2",
+ "pem-rfc7468 1.0.0",
+ "zeroize",
+]
+
+[[package]]
+name = "digest"
+version = "0.10.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
+dependencies = [
+ "block-buffer 0.10.4",
+ "const-oid 0.9.6",
+ "crypto-common 0.1.7",
+ "subtle",
+]
+
+[[package]]
+name = "digest"
+version = "0.11.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4850db49bf08e663084f7fb5c87d202ef91a3907271aff24a94eb97ff039153c"
+dependencies = [
+ "block-buffer 0.12.0",
+ "const-oid 0.10.2",
+ "crypto-common 0.2.1",
+ "ctutils",
+]
+
+[[package]]
+name = "displaydoc"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "dunce"
+version = "1.0.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813"
+
+[[package]]
+name = "dyn-clone"
+version = "1.0.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d0881ea181b1df73ff77ffaaf9c7544ecc11e82fba9b5f27b262a3c73a332555"
+
+[[package]]
+name = "ecdsa"
+version = "0.17.0-rc.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "91bbdd377139884fafcad8dc43a760a3e1e681aa26db910257fa6535b70e1829"
+dependencies = [
+ "der",
+ "digest 0.11.2",
+ "elliptic-curve",
+ "rfc6979",
+ "signature",
+ "spki",
+ "zeroize",
+]
+
+[[package]]
+name = "ed25519"
+version = "3.0.0-rc.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c6e914c7c52decb085cea910552e24c63ac019e3ab8bf001ff736da9a9d9d890"
+dependencies = [
+ "pkcs8",
+ "signature",
+]
+
+[[package]]
+name = "ed25519-dalek"
+version = "3.0.0-pre.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "053618a4c3d3bc24f188aa660ae75a46eeab74ef07fb415c61431e5e7cd4749b"
+dependencies = [
+ "curve25519-dalek",
+ "ed25519",
+ "rand_core 0.10.0",
+ "serde",
+ "sha2 0.11.0",
+ "signature",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "elliptic-curve"
+version = "0.14.0-rc.29"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e84043d573efd4ac9d2d125817979a379204bf7e328b25a4a30487e8d100e618"
+dependencies = [
+ "base16ct",
+ "crypto-bigint",
+ "crypto-common 0.2.1",
+ "digest 0.11.2",
+ "hkdf",
+ "hybrid-array",
+ "once_cell",
+ "pem-rfc7468 1.0.0",
+ "pkcs8",
+ "rand_core 0.10.0",
+ "rustcrypto-ff",
+ "rustcrypto-group",
+ "sec1",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "enum_dispatch"
+version = "0.3.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aa18ce2bc66555b3218614519ac839ddb759a7d6720732f979ef8d13be147ecd"
+dependencies = [
+ "once_cell",
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "equivalent"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
+
+[[package]]
+name = "errno"
+version = "0.3.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb"
+dependencies = [
+ "libc",
+ "windows-sys",
+]
+
+[[package]]
+name = "fastrand"
+version = "2.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a043dc74da1e37d6afe657061213aa6f425f855399a11d3463c6ecccc4dfda1f"
+
+[[package]]
+name = "fiat-crypto"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24"
+
+[[package]]
+name = "find-msvc-tools"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5baebc0774151f905a1a2cc41989300b1e6fbb29aff0ceffa1064fdd3088d582"
+
+[[package]]
+name = "flate2"
+version = "1.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "843fba2746e448b37e26a819579957415c8cef339bf08564fe8b7ddbd959573c"
+dependencies = [
+ "crc32fast",
+ "miniz_oxide",
+]
+
+[[package]]
+name = "foldhash"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
+
+[[package]]
+name = "form_urlencoded"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cb4cb245038516f5f85277875cdaa4f7d2c9a0fa0468de06ed190163b1581fcf"
+dependencies = [
+ "percent-encoding",
+]
+
+[[package]]
+name = "fs_extra"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c"
+
+[[package]]
+name = "futures"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b147ee9d1f6d097cef9ce628cd2ee62288d963e16fb287bd9286455b241382d"
+dependencies = [
+ "futures-channel",
+ "futures-core",
+ "futures-executor",
+ "futures-io",
+ "futures-sink",
+ "futures-task",
+ "futures-util",
+]
+
+[[package]]
+name = "futures-channel"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "07bbe89c50d7a535e539b8c17bc0b49bdb77747034daa8087407d655f3f7cc1d"
+dependencies = [
+ "futures-core",
+ "futures-sink",
+]
+
+[[package]]
+name = "futures-core"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7e3450815272ef58cec6d564423f6e755e25379b217b0bc688e295ba24df6b1d"
+
+[[package]]
+name = "futures-executor"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "baf29c38818342a3b26b5b923639e7b1f4a61fc5e76102d4b1981c6dc7a7579d"
+dependencies = [
+ "futures-core",
+ "futures-task",
+ "futures-util",
+]
+
+[[package]]
+name = "futures-io"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cecba35d7ad927e23624b22ad55235f2239cfa44fd10428eecbeba6d6a717718"
+
+[[package]]
+name = "futures-macro"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e835b70203e41293343137df5c0664546da5745f82ec9b84d40be8336958447b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "futures-sink"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c39754e157331b013978ec91992bde1ac089843443c49cbc7f46150b0fad0893"
+
+[[package]]
+name = "futures-task"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "037711b3d59c33004d3856fbdc83b99d4ff37a24768fa1be9ce3538a1cde4393"
+
+[[package]]
+name = "futures-util"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "389ca41296e6190b48053de0321d02a77f32f8a5d2461dd38762c0593805c6d6"
+dependencies = [
+ "futures-channel",
+ "futures-core",
+ "futures-io",
+ "futures-macro",
+ "futures-sink",
+ "futures-task",
+ "memchr",
+ "pin-project-lite",
+ "slab",
+]
+
+[[package]]
+name = "generic-array"
+version = "0.14.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
+dependencies = [
+ "typenum",
+ "version_check",
+]
+
+[[package]]
+name = "generic-array"
+version = "1.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eaf57c49a95fd1fe24b90b3033bee6dc7e8f1288d51494cb44e627c295e38542"
+dependencies = [
+ "generic-array 0.14.7",
+ "rustversion",
+ "typenum",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ff2abc00be7fca6ebc474524697ae276ad847ad0a6b3faa4bcb027e9a4614ad0"
+dependencies = [
+ "cfg-if",
+ "js-sys",
+ "libc",
+ "wasi",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "899def5c37c4fd7b2664648c28120ecec138e4d395b459e5ca34f9cce2dd77fd"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "r-efi 5.3.0",
+ "wasip2",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0de51e6874e94e7bf76d726fc5d13ba782deca734ff60d5bb2fb2607c7406555"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "r-efi 6.0.0",
+ "rand_core 0.10.0",
+ "wasip2",
+ "wasip3",
+]
+
+[[package]]
+name = "ghash"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0d8a4362ccb29cb0b265253fb0a2728f592895ee6854fd9bc13f2ffda266ff1"
+dependencies = [
+ "opaque-debug",
+ "polyval 0.6.2",
+]
+
+[[package]]
+name = "ghash"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2eecf2d5dc9b66b732b97707a0210906b1d30523eb773193ab777c0c84b3e8d5"
+dependencies = [
+ "polyval 0.7.1",
+]
+
+[[package]]
+name = "globset"
+version = "0.4.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "52dfc19153a48bde0cbd630453615c8151bce3a5adfac7a0aebfbf0a1e1f57e3"
+dependencies = [
+ "aho-corasick",
+ "bstr",
+ "log",
+ "regex-automata",
+ "regex-syntax",
+]
+
+[[package]]
+name = "hashbrown"
+version = "0.15.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1"
+dependencies = [
+ "allocator-api2",
+ "equivalent",
+ "foldhash",
+]
+
+[[package]]
+name = "hashbrown"
+version = "0.16.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100"
+
+[[package]]
+name = "heck"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
+
+[[package]]
+name = "hex"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
+
+[[package]]
+name = "hex-literal"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e712f64ec3850b98572bffac52e2c6f282b29fe6c5fa6d42334b30be438d95c1"
+
+[[package]]
+name = "hifijson"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "242402749acf71e6f32f5857598b7002c4058a4e3c3b22b4c7d51cab9aea754e"
+
+[[package]]
+name = "hkdf"
+version = "0.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4aaa26c720c68b866f2c96ef5c1264b3e6f473fe5d4ce61cd44bbe913e553018"
+dependencies = [
+ "hmac 0.13.0",
+]
+
+[[package]]
+name = "hmac"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
+dependencies = [
+ "digest 0.10.7",
+]
+
+[[package]]
+name = "hmac"
+version = "0.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6303bc9732ae41b04cb554b844a762b4115a61bfaa81e3e83050991eeb56863f"
+dependencies = [
+ "digest 0.11.2",
+]
+
+[[package]]
+name = "hybrid-array"
+version = "0.4.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3944cf8cf766b40e2a1a333ee5e9b563f854d5fa49d6a8ca2764e97c6eddb214"
+dependencies = [
+ "ctutils",
+ "subtle",
+ "typenum",
+ "zeroize",
+]
+
+[[package]]
+name = "iana-time-zone"
+version = "0.1.65"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e31bc9ad994ba00e440a8aa5c9ef0ec67d5cb5e5cb0cc7f8b744a35b389cc470"
+dependencies = [
+ "android_system_properties",
+ "core-foundation-sys",
+ "iana-time-zone-haiku",
+ "js-sys",
+ "log",
+ "wasm-bindgen",
+ "windows-core",
+]
+
+[[package]]
+name = "iana-time-zone-haiku"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
+dependencies = [
+ "cc",
+]
+
+[[package]]
+name = "icu_collections"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2984d1cd16c883d7935b9e07e44071dca8d917fd52ecc02c04d5fa0b5a3f191c"
+dependencies = [
+ "displaydoc",
+ "potential_utf",
+ "utf8_iter",
+ "yoke",
+ "zerofrom",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_locale_core"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92219b62b3e2b4d88ac5119f8904c10f8f61bf7e95b640d25ba3075e6cac2c29"
+dependencies = [
+ "displaydoc",
+ "litemap",
+ "tinystr",
+ "writeable",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_normalizer"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c56e5ee99d6e3d33bd91c5d85458b6005a22140021cc324cea84dd0e72cff3b4"
+dependencies = [
+ "icu_collections",
+ "icu_normalizer_data",
+ "icu_properties",
+ "icu_provider",
+ "smallvec",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_normalizer_data"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "da3be0ae77ea334f4da67c12f149704f19f81d1adf7c51cf482943e84a2bad38"
+
+[[package]]
+name = "icu_properties"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bee3b67d0ea5c2cca5003417989af8996f8604e34fb9ddf96208a033901e70de"
+dependencies = [
+ "icu_collections",
+ "icu_locale_core",
+ "icu_properties_data",
+ "icu_provider",
+ "zerotrie",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_properties_data"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e2bbb201e0c04f7b4b3e14382af113e17ba4f63e2c9d2ee626b720cbce54a14"
+
+[[package]]
+name = "icu_provider"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "139c4cf31c8b5f33d7e199446eff9c1e02decfc2f0eec2c8d71f65befa45b421"
+dependencies = [
+ "displaydoc",
+ "icu_locale_core",
+ "writeable",
+ "yoke",
+ "zerofrom",
+ "zerotrie",
+ "zerovec",
+]
+
+[[package]]
+name = "id-arena"
+version = "2.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3d3067d79b975e8844ca9eb072e16b31c3c1c36928edf9c6789548c524d0d954"
+
+[[package]]
+name = "idna"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3b0875f23caa03898994f6ddc501886a45c7d3d62d04d2d90788d47be1b1e4de"
+dependencies = [
+ "idna_adapter",
+ "smallvec",
+ "utf8_iter",
+]
+
+[[package]]
+name = "idna_adapter"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344"
+dependencies = [
+ "icu_normalizer",
+ "icu_properties",
+]
+
+[[package]]
+name = "indexmap"
+version = "2.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "45a8a2b9cb3e0b0c1803dbb0758ffac5de2f425b23c28f518faabd9d805342ff"
+dependencies = [
+ "equivalent",
+ "hashbrown 0.16.1",
+ "serde",
+ "serde_core",
+]
+
+[[package]]
+name = "inout"
+version = "0.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01"
+dependencies = [
+ "block-padding 0.3.3",
+ "generic-array 0.14.7",
+]
+
+[[package]]
+name = "inout"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4250ce6452e92010fdf7268ccc5d14faa80bb12fc741938534c58f16804e03c7"
+dependencies = [
+ "block-padding 0.4.2",
+ "hybrid-array",
+]
+
+[[package]]
+name = "internal-russh-forked-ssh-key"
+version = "0.6.18+upstream-0.6.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "25f8a978272e3cbdf4768f7363eb1c8e1e6ba63c52a3ed05e29e222da4aec7cb"
+dependencies = [
+ "argon2",
+ "bcrypt-pbkdf",
+ "crypto-bigint",
+ "ecdsa",
+ "ed25519-dalek",
+ "hex",
+ "hmac 0.13.0",
+ "num-bigint-dig",
+ "p256",
+ "p384",
+ "p521",
+ "rand_core 0.10.0",
+ "rsa",
+ "sec1",
+ "sha1 0.11.0",
+ "sha2 0.11.0",
+ "signature",
+ "ssh-cipher",
+ "ssh-encoding",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "internal-russh-num-bigint"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae8e22120c32fb4d19ec55fba35015f57095cd95a2e3b732e44457f5915b2ee8"
+dependencies = [
+ "num-integer",
+ "num-traits",
+ "rand 0.10.0",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "itoa"
+version = "1.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8f42a60cbdf9a97f5d2305f08a87dc4e09308d1276d28c869c684d7777685682"
+
+[[package]]
+name = "jaq-core"
+version = "3.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dca0f164c8e9c55fc5aefe60b371df735c719b09930dac185878f2f8c7ab6b68"
+dependencies = [
+ "dyn-clone",
+ "once_cell",
+ "typed-arena",
+]
+
+[[package]]
+name = "jaq-json"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f5c5baabe63d1d72cde60ec7548a098036773e3541dbc65c6a44fb38e9cfb272"
+dependencies = [
+ "bstr",
+ "bytes",
+ "foldhash",
+ "hifijson",
+ "indexmap",
+ "jaq-core",
+ "jaq-std",
+ "num-bigint",
+ "num-traits",
+ "ryu",
+ "self_cell",
+]
+
+[[package]]
+name = "jaq-std"
+version = "3.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2a11bb307027b20b3dc7b212ad687e7e410cbc43933eec5d498672ab2bc60666"
+dependencies = [
+ "aho-corasick",
+ "base64",
+ "bstr",
+ "jaq-core",
+ "jiff",
+ "libm",
+ "log",
+ "regex-bites",
+ "urlencoding",
+]
+
+[[package]]
+name = "jiff"
+version = "0.2.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a3546dc96b6d42c5f24902af9e2538e82e39ad350b0c766eb3fbf2d8f3d8359"
+dependencies = [
+ "jiff-static",
+ "jiff-tzdb-platform",
+ "log",
+ "portable-atomic",
+ "portable-atomic-util",
+ "serde_core",
+ "windows-sys",
+]
+
+[[package]]
+name = "jiff-static"
+version = "0.2.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2a8c8b344124222efd714b73bb41f8b5120b27a7cc1c75593a6ff768d9d05aa4"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "jiff-tzdb"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c900ef84826f1338a557697dc8fc601df9ca9af4ac137c7fb61d4c6f2dfd3076"
+
+[[package]]
+name = "jiff-tzdb-platform"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "875a5a69ac2bab1a891711cf5eccbec1ce0341ea805560dcd90b7a2e925132e8"
+dependencies = [
+ "jiff-tzdb",
+]
+
+[[package]]
+name = "jobserver"
+version = "0.1.34"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9afb3de4395d6b3e67a780b6de64b51c978ecf11cb9a462c66be7d4ca9039d33"
+dependencies = [
+ "getrandom 0.3.4",
+ "libc",
+]
+
+[[package]]
+name = "js-sys"
+version = "0.3.94"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2e04e2ef80ce82e13552136fabeef8a5ed1f985a96805761cbb9a2c34e7664d9"
+dependencies = [
+ "cfg-if",
+ "futures-util",
+ "once_cell",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "keccak"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9e24a010dd405bd7ed803e5253182815b41bf2e6a80cc3bfc066658e03a198aa"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.3.0",
+]
+
+[[package]]
+name = "kem"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "01737161ba802849cfd486b5bd209d38ba4943494c249a8126005170c7621edd"
+dependencies = [
+ "crypto-common 0.2.1",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "lazy_static"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
+dependencies = [
+ "spin",
+]
+
+[[package]]
+name = "leb128fmt"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09edd9e8b54e49e587e4f6295a7d29c3ea94d469cb40ab8ca70b288248a81db2"
+
+[[package]]
+name = "libc"
+version = "0.2.184"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "48f5d2a454e16a5ea0f4ced81bd44e4cfc7bd3a507b61887c99fd3538b28e4af"
+
+[[package]]
+name = "libm"
+version = "0.2.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6d2cec3eae94f9f509c767b45932f1ada8350c4bdb85af2fcab4a3c14807981"
+
+[[package]]
+name = "linux-raw-sys"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32a66949e030da00e8c7d4434b251670a91556f4144941d37452769c25d58a53"
+
+[[package]]
+name = "litemap"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92daf443525c4cce67b150400bc2316076100ce0b3686209eb8cf3c31612e6f0"
+
+[[package]]
+name = "lock_api"
+version = "0.4.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "224399e74b87b5f3557511d98dff8b14089b3dadafcab6bb93eab67d3aace965"
+dependencies = [
+ "scopeguard",
+]
+
+[[package]]
+name = "log"
+version = "0.4.29"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897"
+
+[[package]]
+name = "lru"
+version = "0.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "227748d55f2f0ab4735d87fd623798cb6b664512fe979705f829c9f81c934465"
+dependencies = [
+ "hashbrown 0.15.5",
+]
+
+[[package]]
+name = "matchers"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d1525a2a28c7f4fa0fc98bb91ae755d1e2d1505079e05539e35bc876b5d65ae9"
+dependencies = [
+ "regex-automata",
+]
+
+[[package]]
+name = "md-5"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69b6441f590336821bb897fb28fc622898ccceb1d6cea3fde5ea86b090c4de98"
+dependencies = [
+ "cfg-if",
+ "digest 0.11.2",
+]
+
+[[package]]
+name = "md5"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "490cc448043f947bae3cbee9c203358d62dbee0db12107a74be5c30ccfd09771"
+
+[[package]]
+name = "memchr"
+version = "2.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
+
+[[package]]
+name = "miniz_oxide"
+version = "0.8.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
+dependencies = [
+ "adler2",
+ "simd-adler32",
+]
+
+[[package]]
+name = "mio"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1"
+dependencies = [
+ "libc",
+ "wasi",
+ "windows-sys",
+]
+
+[[package]]
+name = "ml-kem"
+version = "0.3.0-rc.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "04437cb1a66c0b78740927b76cc61f218344b9f6ef3dd430e283274a718ef0e9"
+dependencies = [
+ "hybrid-array",
+ "kem",
+ "module-lattice",
+ "rand_core 0.10.0",
+ "sha3",
+]
+
+[[package]]
+name = "module-lattice"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "164eb3faeaecbd14b0b2a917c1b4d0c035097a9c559b0bed85c2cdd032bc8faa"
+dependencies = [
+ "ctutils",
+ "hybrid-array",
+ "num-traits",
+]
+
+[[package]]
+name = "nix"
+version = "0.31.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d6d0705320c1e6ba1d912b5e37cf18071b6c2e9b7fa8215a1e8a7651966f5d3"
+dependencies = [
+ "bitflags",
+ "cfg-if",
+ "cfg_aliases",
+ "libc",
+]
+
+[[package]]
+name = "nu-ansi-term"
+version = "0.50.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7957b9740744892f114936ab4a57b3f487491bbeafaf8083688b16841a4240e5"
+dependencies = [
+ "windows-sys",
+]
+
+[[package]]
+name = "num-bigint"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9"
+dependencies = [
+ "num-integer",
+ "num-traits",
+]
+
+[[package]]
+name = "num-bigint-dig"
+version = "0.8.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e661dda6640fad38e827a6d4a310ff4763082116fe217f279885c97f511bb0b7"
+dependencies = [
+ "lazy_static",
+ "libm",
+ "num-integer",
+ "num-iter",
+ "num-traits",
+ "rand 0.8.5",
+ "serde",
+ "smallvec",
+]
+
+[[package]]
+name = "num-integer"
+version = "0.1.46"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
+dependencies = [
+ "num-traits",
+]
+
+[[package]]
+name = "num-iter"
+version = "0.1.45"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf"
+dependencies = [
+ "autocfg",
+ "num-integer",
+ "num-traits",
+]
+
+[[package]]
+name = "num-traits"
+version = "0.2.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
+dependencies = [
+ "autocfg",
+]
+
+[[package]]
+name = "once_cell"
+version = "1.21.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50"
+
+[[package]]
+name = "opaque-debug"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
+
+[[package]]
+name = "p256"
+version = "0.14.0-rc.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "44f0a10fe314869359cb2901342b045f4e5a962ef9febc006f03d2a8c848fe4c"
+dependencies = [
+ "ecdsa",
+ "elliptic-curve",
+ "primefield",
+ "primeorder",
+ "sha2 0.11.0",
+]
+
+[[package]]
+name = "p384"
+version = "0.14.0-rc.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b079e66810c55ab3d6ba424e056dc4aefcdb8046c8c3f3816142edbdd7af7721"
+dependencies = [
+ "ecdsa",
+ "elliptic-curve",
+ "fiat-crypto",
+ "primefield",
+ "primeorder",
+ "sha2 0.11.0",
+]
+
+[[package]]
+name = "p521"
+version = "0.14.0-rc.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9eecc34c4c6e6596d5271fecf90ac4f16593fa198e77282214d0c22736aa9266"
+dependencies = [
+ "base16ct",
+ "ecdsa",
+ "elliptic-curve",
+ "primefield",
+ "primeorder",
+ "sha2 0.11.0",
+]
+
+[[package]]
+name = "pageant"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1b537f975f6d8dcf48db368d7ec209d583b015713b5df0f5d92d2631e4ff5595"
+dependencies = [
+ "byteorder",
+ "bytes",
+ "delegate",
+ "futures",
+ "log",
+ "rand 0.8.5",
+ "sha2 0.10.9",
+ "thiserror 1.0.69",
+ "tokio",
+ "windows",
+ "windows-strings",
+]
+
+[[package]]
+name = "parking_lot"
+version = "0.12.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93857453250e3077bd71ff98b6a65ea6621a19bb0f559a85248955ac12c45a1a"
+dependencies = [
+ "lock_api",
+ "parking_lot_core",
+]
+
+[[package]]
+name = "parking_lot_core"
+version = "0.9.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2621685985a2ebf1c516881c026032ac7deafcda1a2c9b7850dc81e3dfcb64c1"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "redox_syscall",
+ "smallvec",
+ "windows-link",
+]
+
+[[package]]
+name = "password-hash"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
+dependencies = [
+ "base64ct",
+ "rand_core 0.6.4",
+ "subtle",
+]
+
+[[package]]
+name = "pbkdf2"
+version = "0.12.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2"
+dependencies = [
+ "digest 0.10.7",
+ "hmac 0.12.1",
+]
+
+[[package]]
+name = "pbkdf2"
+version = "0.13.0-rc.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f24f3eb2f4471b1730d59e4b730b747939960a8c7eb0c33c5a9076f2d3dddea"
+dependencies = [
+ "digest 0.11.2",
+ "hmac 0.13.0",
+]
+
+[[package]]
+name = "pem-rfc7468"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412"
+dependencies = [
+ "base64ct",
+]
+
+[[package]]
+name = "pem-rfc7468"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a6305423e0e7738146434843d1694d621cce767262b2a86910beab705e4493d9"
+dependencies = [
+ "base64ct",
+]
+
+[[package]]
+name = "percent-encoding"
+version = "2.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b4f627cb1b25917193a259e49bdad08f671f8d9708acfd5fe0a8c1455d87220"
+
+[[package]]
+name = "pin-project-lite"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a89322df9ebe1c1578d689c92318e070967d1042b512afbe49518723f4e6d5cd"
+
+[[package]]
+name = "pkcs1"
+version = "0.8.0-rc.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "986d2e952779af96ea048f160fd9194e1751b4faea78bcf3ceb456efe008088e"
+dependencies = [
+ "der",
+ "spki",
+]
+
+[[package]]
+name = "pkcs5"
+version = "0.8.0-rc.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c5a777c6e26664bc9504b3ce3f6133f8f20d9071f130a4f9fcbd3186959d8dd6"
+dependencies = [
+ "aes 0.9.0-rc.4",
+ "aes-gcm 0.11.0-rc.3",
+ "cbc 0.2.0-rc.4",
+ "der",
+ "pbkdf2 0.13.0-rc.10",
+ "rand_core 0.10.0",
+ "scrypt",
+ "sha2 0.11.0",
+ "spki",
+]
+
+[[package]]
+name = "pkcs8"
+version = "0.11.0-rc.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "12922b6296c06eb741b02d7b5161e3aaa22864af38dfa025a1a3ba3f68c84577"
+dependencies = [
+ "der",
+ "pkcs5",
+ "rand_core 0.10.0",
+ "spki",
+]
+
+[[package]]
+name = "poly1305"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8159bd90725d2df49889a078b54f4f79e87f1f8a8444194cdca81d38f5393abf"
+dependencies = [
+ "cpufeatures 0.2.17",
+ "opaque-debug",
+ "universal-hash 0.5.1",
+]
+
+[[package]]
+name = "polyval"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.2.17",
+ "opaque-debug",
+ "universal-hash 0.5.1",
+]
+
+[[package]]
+name = "polyval"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7dfc63250416fea14f5749b90725916a6c903f599d51cb635aa7a52bfd03eede"
+dependencies = [
+ "cpubits",
+ "cpufeatures 0.3.0",
+ "universal-hash 0.6.1",
+]
+
+[[package]]
+name = "portable-atomic"
+version = "1.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c33a9471896f1c69cecef8d20cbe2f7accd12527ce60845ff44c153bb2a21b49"
+
+[[package]]
+name = "portable-atomic-util"
+version = "0.2.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "091397be61a01d4be58e7841595bd4bfedb15f1cd54977d79b8271e94ed799a3"
+dependencies = [
+ "portable-atomic",
+]
+
+[[package]]
+name = "potential_utf"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0103b1cef7ec0cf76490e969665504990193874ea05c85ff9bab8b911d0a0564"
+dependencies = [
+ "zerovec",
+]
+
+[[package]]
+name = "ppv-lite86"
+version = "0.2.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9"
+dependencies = [
+ "zerocopy",
+]
+
+[[package]]
+name = "prettyplease"
+version = "0.2.37"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "479ca8adacdd7ce8f1fb39ce9ecccbfe93a3f1344b3d0d97f20bc0196208f62b"
+dependencies = [
+ "proc-macro2",
+ "syn",
+]
+
+[[package]]
+name = "primefield"
+version = "0.14.0-rc.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c6543f5eec854fbf74ba5ef651fbdc9408919b47c3e1526623687135c16d12e9"
+dependencies = [
+ "crypto-bigint",
+ "crypto-common 0.2.1",
+ "rand_core 0.10.0",
+ "rustcrypto-ff",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "primeorder"
+version = "0.14.0-rc.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "569d9ad6ef822bb0322c7e7d84e5e286244050bd5246cac4c013535ae91c2c90"
+dependencies = [
+ "elliptic-curve",
+]
+
+[[package]]
+name = "proc-macro2"
+version = "1.0.106"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8fd00f0bb2e90d81d1044c2b32617f68fcb9fa3bb7640c23e9c748e53fb30934"
+dependencies = [
+ "unicode-ident",
+]
+
+[[package]]
+name = "quote"
+version = "1.0.45"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41f2619966050689382d2b44f664f4bc593e129785a36d6ee376ddf37259b924"
+dependencies = [
+ "proc-macro2",
+]
+
+[[package]]
+name = "r-efi"
+version = "5.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f"
+
+[[package]]
+name = "r-efi"
+version = "6.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8dcc9c7d52a811697d2151c701e0d08956f92b0e24136cf4cf27b57a6a0d9bf"
+
+[[package]]
+name = "rand"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
+dependencies = [
+ "libc",
+ "rand_chacha 0.3.1",
+ "rand_core 0.6.4",
+]
+
+[[package]]
+name = "rand"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1"
+dependencies = [
+ "rand_chacha 0.9.0",
+ "rand_core 0.9.5",
+]
+
+[[package]]
+name = "rand"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bc266eb313df6c5c09c1c7b1fbe2510961e5bcd3add930c1e31f7ed9da0feff8"
+dependencies = [
+ "chacha20 0.10.0",
+ "getrandom 0.4.2",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.6.4",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.9.5",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
+dependencies = [
+ "getrandom 0.2.17",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76afc826de14238e6e8c374ddcc1fa19e374fd8dd986b0d2af0d02377261d83c"
+dependencies = [
+ "getrandom 0.3.4",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c8d0fd677905edcbeedbf2edb6494d676f0e98d54d5cf9bda0b061cb8fb8aba"
+
+[[package]]
+name = "redox_syscall"
+version = "0.5.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ed2bf2547551a7053d6fdfafda3f938979645c44812fbfcda098faae3f1a362d"
+dependencies = [
+ "bitflags",
+]
+
+[[package]]
+name = "ref-cast"
+version = "1.0.25"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f354300ae66f76f1c85c5f84693f0ce81d747e2c3f21a45fef496d89c960bf7d"
+dependencies = [
+ "ref-cast-impl",
+]
+
+[[package]]
+name = "ref-cast-impl"
+version = "1.0.25"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b7186006dcb21920990093f30e3dea63b7d6e977bf1256be20c3563a5db070da"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "regex"
+version = "1.12.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e10754a14b9137dd7b1e3e5b0493cc9171fdd105e0ab477f51b72e7f3ac0e276"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-automata",
+ "regex-syntax",
+]
+
+[[package]]
+name = "regex-automata"
+version = "0.4.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e1dd4122fc1595e8162618945476892eefca7b88c52820e74af6262213cae8f"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-syntax",
+]
+
+[[package]]
+name = "regex-bites"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6a15a2fa0bfda9361941c45550896ae87b15cc6c8c939ea350079670332e211"
+
+[[package]]
+name = "regex-syntax"
+version = "0.8.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a"
+
+[[package]]
+name = "rfc6979"
+version = "0.5.0-rc.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "23a3127ee32baec36af75b4107082d9bd823501ec14a4e016be4b6b37faa74ae"
+dependencies = [
+ "hmac 0.13.0",
+ "subtle",
+]
+
+[[package]]
+name = "rsa"
+version = "0.10.0-rc.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "87ed3e93fc7e473e464b9726f4759659e72bc8665e4b8ea227547024f416d905"
+dependencies = [
+ "const-oid 0.10.2",
+ "crypto-bigint",
+ "crypto-primes",
+ "digest 0.11.2",
+ "pkcs1",
+ "pkcs8",
+ "rand_core 0.10.0",
+ "sha2 0.11.0",
+ "signature",
+ "spki",
+ "zeroize",
+]
+
+[[package]]
+name = "russh"
+version = "0.60.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3b530252dc3ff163b73a7e48c97b925450d2ca53edcb466a46ad0a231e45f998"
+dependencies = [
+ "aes 0.8.4",
+ "aws-lc-rs",
+ "bitflags",
+ "block-padding 0.3.3",
+ "byteorder",
+ "bytes",
+ "cbc 0.1.2",
+ "cipher 0.5.1",
+ "crypto-bigint",
+ "ctr 0.9.2",
+ "curve25519-dalek",
+ "data-encoding",
+ "delegate",
+ "der",
+ "digest 0.10.7",
+ "ecdsa",
+ "ed25519-dalek",
+ "elliptic-curve",
+ "enum_dispatch",
+ "flate2",
+ "futures",
+ "generic-array 1.3.5",
+ "getrandom 0.2.17",
+ "hex-literal",
+ "hmac 0.12.1",
+ "inout 0.1.4",
+ "internal-russh-forked-ssh-key",
+ "internal-russh-num-bigint",
+ "log",
+ "md5",
+ "ml-kem",
+ "module-lattice",
+ "p256",
+ "p384",
+ "p521",
+ "pageant",
+ "pbkdf2 0.12.2",
+ "pkcs1",
+ "pkcs5",
+ "pkcs8",
+ "polyval 0.7.1",
+ "rand 0.10.0",
+ "rand_core 0.10.0",
+ "rsa",
+ "russh-cryptovec",
+ "russh-util",
+ "sec1",
+ "sha1 0.10.6",
+ "sha2 0.10.9",
+ "signature",
+ "spki",
+ "ssh-encoding",
+ "subtle",
+ "thiserror 2.0.18",
+ "tokio",
+ "typenum",
+ "universal-hash 0.6.1",
+ "zeroize",
+]
+
+[[package]]
+name = "russh-cryptovec"
+version = "0.59.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "36140e8a20297bc2e8338807c3d9ca911f7fa49d7539cbcd6d48d3befd70efd8"
+dependencies = [
+ "log",
+ "nix",
+ "ssh-encoding",
+ "windows-sys",
+]
+
+[[package]]
+name = "russh-util"
+version = "0.52.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "668424a5dde0bcb45b55ba7de8476b93831b4aa2fa6947e145f3b053e22c60b6"
+dependencies = [
+ "chrono",
+ "tokio",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+]
+
+[[package]]
+name = "rustc_version"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92"
+dependencies = [
+ "semver",
+]
+
+[[package]]
+name = "rustcrypto-ff"
+version = "0.14.0-rc.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fd2a8adb347447693cd2ba0d218c4b66c62da9b0a5672b17b981e4291ec65ff6"
+dependencies = [
+ "rand_core 0.10.0",
+ "subtle",
+]
+
+[[package]]
+name = "rustcrypto-group"
+version = "0.14.0-rc.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "369f9b61aa45933c062c9f6b5c3c50ab710687eca83dd3802653b140b43f85ed"
+dependencies = [
+ "rand_core 0.10.0",
+ "rustcrypto-ff",
+ "subtle",
+]
+
+[[package]]
+name = "rustix"
+version = "1.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6fe4565b9518b83ef4f91bb47ce29620ca828bd32cb7e408f0062e9930ba190"
+dependencies = [
+ "bitflags",
+ "errno",
+ "libc",
+ "linux-raw-sys",
+ "windows-sys",
+]
+
+[[package]]
+name = "rustversion"
+version = "1.0.22"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d"
+
+[[package]]
+name = "ryu"
+version = "1.0.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9774ba4a74de5f7b1c1451ed6cd5285a32eddb5cccb8cc655a4e50009e06477f"
+
+[[package]]
+name = "salsa20"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f874456e72520ff1375a06c588eaf074b0f01f9e9e1aada45bd9b7954a6e42c"
+dependencies = [
+ "cfg-if",
+ "cipher 0.5.1",
+]
+
+[[package]]
+name = "schemars"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a2b42f36aa1cd011945615b92222f6bf73c599a102a300334cd7f8dbeec726cc"
+dependencies = [
+ "dyn-clone",
+ "ref-cast",
+ "schemars_derive",
+ "serde",
+ "serde_json",
+]
+
+[[package]]
+name = "schemars_derive"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7d115b50f4aaeea07e79c1912f645c7513d81715d0420f8bc77a18c6260b307f"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "serde_derive_internals",
+ "syn",
+]
+
+[[package]]
+name = "scopeguard"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
+
+[[package]]
+name = "scrypt"
+version = "0.12.0-rc.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e03ed5b54ed5fcc8e016cd94301416bc2c01c05c87a6742b97468337c8804598"
+dependencies = [
+ "cfg-if",
+ "pbkdf2 0.13.0-rc.10",
+ "salsa20",
+ "sha2 0.11.0",
+]
+
+[[package]]
+name = "sec1"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d56d437c2f19203ce5f7122e507831de96f3d2d4d3be5af44a0b0a09d8a80e4d"
+dependencies = [
+ "base16ct",
+ "ctutils",
+ "der",
+ "hybrid-array",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "self_cell"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b12e76d157a900eb52e81bc6e9f3069344290341720e9178cde2407113ac8d89"
+
+[[package]]
+name = "semver"
+version = "1.0.28"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8a7852d02fc848982e0c167ef163aaff9cd91dc640ba85e263cb1ce46fae51cd"
+
+[[package]]
+name = "serde"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
+dependencies = [
+ "serde_core",
+ "serde_derive",
+]
+
+[[package]]
+name = "serde_core"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
+dependencies = [
+ "serde_derive",
+]
+
+[[package]]
+name = "serde_derive"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "serde_derive_internals"
+version = "0.29.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "serde_json"
+version = "1.0.149"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "83fc039473c5595ace860d8c4fafa220ff474b3fc6bfdb4293327f1a37e94d86"
+dependencies = [
+ "itoa",
+ "memchr",
+ "serde",
+ "serde_core",
+ "zmij",
+]
+
+[[package]]
+name = "serdect"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9af4a3e75ebd5599b30d4de5768e00b5095d518a79fefc3ecbaf77e665d1ec06"
+dependencies = [
+ "base16ct",
+ "serde",
+]
+
+[[package]]
+name = "sha1"
+version = "0.10.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.2.17",
+ "digest 0.10.7",
+]
+
+[[package]]
+name = "sha1"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aacc4cc499359472b4abe1bf11d0b12e688af9a805fa5e3016f9a386dc2d0214"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.3.0",
+ "digest 0.11.2",
+]
+
+[[package]]
+name = "sha2"
+version = "0.10.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.2.17",
+ "digest 0.10.7",
+]
+
+[[package]]
+name = "sha2"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "446ba717509524cb3f22f17ecc096f10f4822d76ab5c0b9822c5f9c284e825f4"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.3.0",
+ "digest 0.11.2",
+]
+
+[[package]]
+name = "sha3"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be176f1a57ce4e3d31c1a166222d9768de5954f811601fb7ca06fc8203905ce1"
+dependencies = [
+ "digest 0.11.2",
+ "keccak",
+]
+
+[[package]]
+name = "sharded-slab"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f40ca3c46823713e0d4209592e8d6e826aa57e928f09752619fc696c499637f6"
+dependencies = [
+ "lazy_static",
+]
+
+[[package]]
+name = "shlex"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
+
+[[package]]
+name = "signal-hook-registry"
+version = "1.4.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c4db69cba1110affc0e9f7bcd48bbf87b3f4fc7c61fc9155afd4c469eb3d6c1b"
+dependencies = [
+ "errno",
+ "libc",
+]
+
+[[package]]
+name = "signature"
+version = "3.0.0-rc.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f1880df446116126965eeec169136b2e0251dba37c6223bcc819569550edea3"
+dependencies = [
+ "digest 0.11.2",
+ "rand_core 0.10.0",
+]
+
+[[package]]
+name = "simd-adler32"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "703d5c7ef118737c72f1af64ad2f6f8c5e1921f818cdcb97b8fe6fc69bf66214"
+
+[[package]]
+name = "slab"
+version = "0.4.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c790de23124f9ab44544d7ac05d60440adc586479ce501c1d6d7da3cd8c9cf5"
+
+[[package]]
+name = "smallvec"
+version = "1.15.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03"
+
+[[package]]
+name = "socket2"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e"
+dependencies = [
+ "libc",
+ "windows-sys",
+]
+
+[[package]]
+name = "spin"
+version = "0.9.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67"
+
+[[package]]
+name = "spki"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d9efca8738c78ee9484207732f728b1ef517bbb1833d6fc0879ca898a522f6f"
+dependencies = [
+ "base64ct",
+ "der",
+]
+
+[[package]]
+name = "ssh-cipher"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "caac132742f0d33c3af65bfcde7f6aa8f62f0e991d80db99149eb9d44708784f"
+dependencies = [
+ "aes 0.8.4",
+ "aes-gcm 0.10.3",
+ "cbc 0.1.2",
+ "chacha20 0.9.1",
+ "cipher 0.4.4",
+ "ctr 0.9.2",
+ "poly1305",
+ "ssh-encoding",
+ "subtle",
+]
+
+[[package]]
+name = "ssh-encoding"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eb9242b9ef4108a78e8cd1a2c98e193ef372437f8c22be363075233321dd4a15"
+dependencies = [
+ "base64ct",
+ "bytes",
+ "pem-rfc7468 0.7.0",
+ "sha2 0.10.9",
+]
+
+[[package]]
+name = "stable_deref_trait"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596"
+
+[[package]]
+name = "subtle"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
+
+[[package]]
+name = "supabase-ssh"
+version = "0.1.0"
+dependencies = [
+ "anyhow",
+ "bashkit",
+ "bytes",
+ "futures",
+ "lru",
+ "rand 0.9.2",
+ "russh",
+ "tempfile",
+ "tokio",
+ "tracing",
+ "tracing-subscriber",
+]
+
+[[package]]
+name = "syn"
+version = "2.0.117"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "unicode-ident",
+]
+
+[[package]]
+name = "sync_wrapper"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263"
+
+[[package]]
+name = "synstructure"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "tempfile"
+version = "3.27.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32497e9a4c7b38532efcdebeef879707aa9f794296a4f0244f6f69e9bc8574bd"
+dependencies = [
+ "fastrand",
+ "getrandom 0.4.2",
+ "once_cell",
+ "rustix",
+ "windows-sys",
+]
+
+[[package]]
+name = "thiserror"
+version = "1.0.69"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
+dependencies = [
+ "thiserror-impl 1.0.69",
+]
+
+[[package]]
+name = "thiserror"
+version = "2.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4288b5bcbc7920c07a1149a35cf9590a2aa808e0bc1eafaade0b80947865fbc4"
+dependencies = [
+ "thiserror-impl 2.0.18",
+]
+
+[[package]]
+name = "thiserror-impl"
+version = "1.0.69"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "thiserror-impl"
+version = "2.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebc4ee7f67670e9b64d05fa4253e753e016c6c95ff35b89b7941d6b856dec1d5"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "thread_local"
+version = "1.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f60246a4944f24f6e018aa17cdeffb7818b76356965d03b07d6a9886e8962185"
+dependencies = [
+ "cfg-if",
+]
+
+[[package]]
+name = "tinystr"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c8323304221c2a851516f22236c5722a72eaa19749016521d6dff0824447d96d"
+dependencies = [
+ "displaydoc",
+ "zerovec",
+]
+
+[[package]]
+name = "tokio"
+version = "1.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2bd1c4c0fc4a7ab90fc15ef6daaa3ec3b893f004f915f2392557ed23237820cd"
+dependencies = [
+ "bytes",
+ "libc",
+ "mio",
+ "parking_lot",
+ "pin-project-lite",
+ "signal-hook-registry",
+ "socket2",
+ "tokio-macros",
+ "windows-sys",
+]
+
+[[package]]
+name = "tokio-macros"
+version = "2.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "385a6cb71ab9ab790c5fe8d67f1645e6c450a7ce006a33de03daa956cf70a496"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "tower"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebe5ef63511595f1344e2d5cfa636d973292adc0eec1f0ad45fae9f0851ab1d4"
+dependencies = [
+ "futures-core",
+ "futures-util",
+ "pin-project-lite",
+ "sync_wrapper",
+ "tower-layer",
+ "tower-service",
+]
+
+[[package]]
+name = "tower-layer"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e"
+
+[[package]]
+name = "tower-service"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3"
+
+[[package]]
+name = "tracing"
+version = "0.1.44"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "63e71662fa4b2a2c3a26f570f037eb95bb1f85397f3cd8076caed2f026a6d100"
+dependencies = [
+ "pin-project-lite",
+ "tracing-attributes",
+ "tracing-core",
+]
+
+[[package]]
+name = "tracing-attributes"
+version = "0.1.31"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7490cfa5ec963746568740651ac6781f701c9c5ea257c58e057f3ba8cf69e8da"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "tracing-core"
+version = "0.1.36"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "db97caf9d906fbde555dd62fa95ddba9eecfd14cb388e4f491a66d74cd5fb79a"
+dependencies = [
+ "once_cell",
+ "valuable",
+]
+
+[[package]]
+name = "tracing-log"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ee855f1f400bd0e5c02d150ae5de3840039a3f54b025156404e34c23c03f47c3"
+dependencies = [
+ "log",
+ "once_cell",
+ "tracing-core",
+]
+
+[[package]]
+name = "tracing-subscriber"
+version = "0.3.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cb7f578e5945fb242538965c2d0b04418d38ec25c79d160cd279bf0731c8d319"
+dependencies = [
+ "matchers",
+ "nu-ansi-term",
+ "once_cell",
+ "regex-automata",
+ "sharded-slab",
+ "smallvec",
+ "thread_local",
+ "tracing",
+ "tracing-core",
+ "tracing-log",
+]
+
+[[package]]
+name = "typed-arena"
+version = "2.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6af6ae20167a9ece4bcb41af5b80f8a1f1df981f6391189ce00fd257af04126a"
+
+[[package]]
+name = "typenum"
+version = "1.19.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "562d481066bde0658276a35467c4af00bdc6ee726305698a55b86e61d7ad82bb"
+
+[[package]]
+name = "unicode-ident"
+version = "1.0.24"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6e4313cd5fcd3dad5cafa179702e2b244f760991f45397d14d4ebf38247da75"
+
+[[package]]
+name = "unicode-xid"
+version = "0.2.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853"
+
+[[package]]
+name = "universal-hash"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea"
+dependencies = [
+ "crypto-common 0.1.7",
+ "subtle",
+]
+
+[[package]]
+name = "universal-hash"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f4987bdc12753382e0bec4a65c50738ffaabc998b9cdd1f952fb5f39b0048a96"
+dependencies = [
+ "crypto-common 0.2.1",
+ "ctutils",
+]
+
+[[package]]
+name = "untrusted"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
+
+[[package]]
+name = "url"
+version = "2.5.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ff67a8a4397373c3ef660812acab3268222035010ab8680ec4215f38ba3d0eed"
+dependencies = [
+ "form_urlencoded",
+ "idna",
+ "percent-encoding",
+ "serde",
+]
+
+[[package]]
+name = "urlencoding"
+version = "2.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
+
+[[package]]
+name = "utf8_iter"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
+
+[[package]]
+name = "valuable"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ba73ea9cf16a25df0c8caa16c51acb937d5712a8429db78a3ee29d5dcacd3a65"
+
+[[package]]
+name = "version_check"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"
+
+[[package]]
+name = "wasi"
+version = "0.11.1+wasi-snapshot-preview1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b"
+
+[[package]]
+name = "wasip2"
+version = "1.0.2+wasi-0.2.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9517f9239f02c069db75e65f174b3da828fe5f5b945c4dd26bd25d89c03ebcf5"
+dependencies = [
+ "wit-bindgen",
+]
+
+[[package]]
+name = "wasip3"
+version = "0.4.0+wasi-0.3.0-rc-2026-01-06"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5428f8bf88ea5ddc08faddef2ac4a67e390b88186c703ce6dbd955e1c145aca5"
+dependencies = [
+ "wit-bindgen",
+]
+
+[[package]]
+name = "wasm-bindgen"
+version = "0.2.117"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0551fc1bb415591e3372d0bc4780db7e587d84e2a7e79da121051c5c4b89d0b0"
+dependencies = [
+ "cfg-if",
+ "once_cell",
+ "rustversion",
+ "wasm-bindgen-macro",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-futures"
+version = "0.4.67"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03623de6905b7206edd0a75f69f747f134b7f0a2323392d664448bf2d3c5d87e"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "wasm-bindgen-macro"
+version = "0.2.117"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7fbdf9a35adf44786aecd5ff89b4563a90325f9da0923236f6104e603c7e86be"
+dependencies = [
+ "quote",
+ "wasm-bindgen-macro-support",
+]
+
+[[package]]
+name = "wasm-bindgen-macro-support"
+version = "0.2.117"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dca9693ef2bab6d4e6707234500350d8dad079eb508dca05530c85dc3a529ff2"
+dependencies = [
+ "bumpalo",
+ "proc-macro2",
+ "quote",
+ "syn",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-shared"
+version = "0.2.117"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "39129a682a6d2d841b6c429d0c51e5cb0ed1a03829d8b3d1e69a011e62cb3d3b"
+dependencies = [
+ "unicode-ident",
+]
+
+[[package]]
+name = "wasm-encoder"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "990065f2fe63003fe337b932cfb5e3b80e0b4d0f5ff650e6985b1048f62c8319"
+dependencies = [
+ "leb128fmt",
+ "wasmparser",
+]
+
+[[package]]
+name = "wasm-metadata"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bb0e353e6a2fbdc176932bbaab493762eb1255a7900fe0fea1a2f96c296cc909"
+dependencies = [
+ "anyhow",
+ "indexmap",
+ "wasm-encoder",
+ "wasmparser",
+]
+
+[[package]]
+name = "wasmparser"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "47b807c72e1bac69382b3a6fb3dbe8ea4c0ed87ff5629b8685ae6b9a611028fe"
+dependencies = [
+ "bitflags",
+ "hashbrown 0.15.5",
+ "indexmap",
+ "semver",
+]
+
+[[package]]
+name = "windows"
+version = "0.62.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "527fadee13e0c05939a6a05d5bd6eec6cd2e3dbd648b9f8e447c6518133d8580"
+dependencies = [
+ "windows-collections",
+ "windows-core",
+ "windows-future",
+ "windows-numerics",
+]
+
+[[package]]
+name = "windows-collections"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "23b2d95af1a8a14a3c7367e1ed4fc9c20e0a26e79551b1454d72583c97cc6610"
+dependencies = [
+ "windows-core",
+]
+
+[[package]]
+name = "windows-core"
+version = "0.62.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb"
+dependencies = [
+ "windows-implement",
+ "windows-interface",
+ "windows-link",
+ "windows-result",
+ "windows-strings",
+]
+
+[[package]]
+name = "windows-future"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e1d6f90251fe18a279739e78025bd6ddc52a7e22f921070ccdc67dde84c605cb"
+dependencies = [
+ "windows-core",
+ "windows-link",
+ "windows-threading",
+]
+
+[[package]]
+name = "windows-implement"
+version = "0.60.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "windows-interface"
+version = "0.59.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "windows-link"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5"
+
+[[package]]
+name = "windows-numerics"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e2e40844ac143cdb44aead537bbf727de9b044e107a0f1220392177d15b0f26"
+dependencies = [
+ "windows-core",
+ "windows-link",
+]
+
+[[package]]
+name = "windows-result"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5"
+dependencies = [
+ "windows-link",
+]
+
+[[package]]
+name = "windows-strings"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091"
+dependencies = [
+ "windows-link",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.61.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc"
+dependencies = [
+ "windows-link",
+]
+
+[[package]]
+name = "windows-threading"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3949bd5b99cafdf1c7ca86b43ca564028dfe27d66958f2470940f73d86d75b37"
+dependencies = [
+ "windows-link",
+]
+
+[[package]]
+name = "wit-bindgen"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d7249219f66ced02969388cf2bb044a09756a083d0fab1e566056b04d9fbcaa5"
+dependencies = [
+ "wit-bindgen-rust-macro",
+]
+
+[[package]]
+name = "wit-bindgen-core"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ea61de684c3ea68cb082b7a88508a8b27fcc8b797d738bfc99a82facf1d752dc"
+dependencies = [
+ "anyhow",
+ "heck",
+ "wit-parser",
+]
+
+[[package]]
+name = "wit-bindgen-rust"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b7c566e0f4b284dd6561c786d9cb0142da491f46a9fbed79ea69cdad5db17f21"
+dependencies = [
+ "anyhow",
+ "heck",
+ "indexmap",
+ "prettyplease",
+ "syn",
+ "wasm-metadata",
+ "wit-bindgen-core",
+ "wit-component",
+]
+
+[[package]]
+name = "wit-bindgen-rust-macro"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c0f9bfd77e6a48eccf51359e3ae77140a7f50b1e2ebfe62422d8afdaffab17a"
+dependencies = [
+ "anyhow",
+ "prettyplease",
+ "proc-macro2",
+ "quote",
+ "syn",
+ "wit-bindgen-core",
+ "wit-bindgen-rust",
+]
+
+[[package]]
+name = "wit-component"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d66ea20e9553b30172b5e831994e35fbde2d165325bec84fc43dbf6f4eb9cb2"
+dependencies = [
+ "anyhow",
+ "bitflags",
+ "indexmap",
+ "log",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "wasm-encoder",
+ "wasm-metadata",
+ "wasmparser",
+ "wit-parser",
+]
+
+[[package]]
+name = "wit-parser"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ecc8ac4bc1dc3381b7f59c34f00b67e18f910c2c0f50015669dde7def656a736"
+dependencies = [
+ "anyhow",
+ "id-arena",
+ "indexmap",
+ "log",
+ "semver",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "unicode-xid",
+ "wasmparser",
+]
+
+[[package]]
+name = "writeable"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1ffae5123b2d3fc086436f8834ae3ab053a283cfac8fe0a0b8eaae044768a4c4"
+
+[[package]]
+name = "yoke"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "abe8c5fda708d9ca3df187cae8bfb9ceda00dd96231bed36e445a1a48e66f9ca"
+dependencies = [
+ "stable_deref_trait",
+ "yoke-derive",
+ "zerofrom",
+]
+
+[[package]]
+name = "yoke-derive"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "de844c262c8848816172cef550288e7dc6c7b7814b4ee56b3e1553f275f1858e"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+ "synstructure",
+]
+
+[[package]]
+name = "zerocopy"
+version = "0.8.48"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eed437bf9d6692032087e337407a86f04cd8d6a16a37199ed57949d415bd68e9"
+dependencies = [
+ "zerocopy-derive",
+]
+
+[[package]]
+name = "zerocopy-derive"
+version = "0.8.48"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "70e3cd084b1788766f53af483dd21f93881ff30d7320490ec3ef7526d203bad4"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "zerofrom"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69faa1f2a1ea75661980b013019ed6687ed0e83d069bc1114e2cc74c6c04c4df"
+dependencies = [
+ "zerofrom-derive",
+]
+
+[[package]]
+name = "zerofrom-derive"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "11532158c46691caf0f2593ea8358fed6bbf68a0315e80aae9bd41fbade684a1"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+ "synstructure",
+]
+
+[[package]]
+name = "zeroize"
+version = "1.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
+
+[[package]]
+name = "zerotrie"
+version = "0.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0f9152d31db0792fa83f70fb2f83148effb5c1f5b8c7686c3459e361d9bc20bf"
+dependencies = [
+ "displaydoc",
+ "yoke",
+ "zerofrom",
+]
+
+[[package]]
+name = "zerovec"
+version = "0.11.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "90f911cbc359ab6af17377d242225f4d75119aec87ea711a880987b18cd7b239"
+dependencies = [
+ "yoke",
+ "zerofrom",
+ "zerovec-derive",
+]
+
+[[package]]
+name = "zerovec-derive"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "625dc425cab0dca6dc3c3319506e6593dcb08a9f387ea3b284dbd52a92c40555"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "zmij"
+version = "1.0.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8848ee67ecc8aedbaf3e4122217aff892639231befc6a1b58d29fff4c2cabaa"
diff --git a/crates/supabase-ssh/Cargo.toml b/crates/supabase-ssh/Cargo.toml
new file mode 100644
index 0000000..d5a669a
--- /dev/null
+++ b/crates/supabase-ssh/Cargo.toml
@@ -0,0 +1,20 @@
+[package]
+name = "supabase-ssh"
+version = "0.1.0"
+edition = "2024"
+
+[dependencies]
+anyhow = "1"
+bashkit = { version = "0.1.16", features = ["realfs"] }
+bytes = "1"
+lru = "0.13"
+rand = "0.9"
+russh = "0.60"
+tokio = { version = "1", features = ["full"] }
+tracing = "0.1"
+tracing-subscriber = { version = "0.3", features = ["env-filter"] }
+
+[dev-dependencies]
+futures = "0.3"
+tempfile = "3"
+tokio = { version = "1", features = ["full", "test-util"] }
diff --git a/crates/supabase-ssh/README.md b/crates/supabase-ssh/README.md
new file mode 100644
index 0000000..9fbebe0
--- /dev/null
+++ b/crates/supabase-ssh/README.md
@@ -0,0 +1,126 @@
+# supabase-ssh (Rust)
+
+SSH server that exposes Supabase documentation as a sandboxed virtual filesystem.
+Agents and CLI users can browse docs using familiar bash commands over SSH.
+
+Rust reimplementation using [russh](https://docs.rs/russh) for the SSH protocol
+and [bashkit](https://github.com/everruns/bashkit) for the sandboxed bash interpreter.
+
+## Quick start
+
+```bash
+# Generate a host key (or set SSH_HOST_KEY env var)
+ssh-keygen -t ed25519 -f ssh_host_key -N ""
+
+# Run (defaults to port 22, needs root or CAP_NET_BIND_SERVICE)
+cargo run
+
+# Or use a custom port
+PORT=2222 cargo run
+```
+
+Then connect:
+
+```bash
+# Single command (exec mode)
+ssh -p 2222 localhost 'grep -rl auth /supabase/docs/'
+
+# Interactive shell
+ssh -p 2222 localhost
+```
+
+## Configuration
+
+All configuration is via environment variables, matching the TypeScript server:
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `PORT` | `22` | SSH listen port |
+| `DOCS_DIR` | `./docs` | Path to docs directory (mounted read-only) |
+| `SSH_HOST_KEY` | — | PEM-encoded host key (takes priority) |
+| `SSH_HOST_KEY_PATH` | `./ssh_host_key` | Path to host key file |
+| `MAX_CONNECTIONS` | `100` | Hard connection limit (soft = 80%) |
+| `MAX_CONNECTIONS_PER_IP` | `10` | Per-IP concurrency limit |
+| `IDLE_TIMEOUT` | `60` | Seconds before idle shell disconnect |
+| `SESSION_TIMEOUT` | `600` | Max session duration in seconds |
+| `EXEC_TIMEOUT` | `10` | Per-command timeout (bashkit-enforced) |
+| `COMMAND_CACHE` | `true` | Enable LRU command cache |
+| `COMMAND_CACHE_MAX_ENTRIES` | `1000` | Cache capacity |
+| `COMMAND_CACHE_MAX_OUTPUT_BYTES` | `524288` | Skip caching outputs larger than this |
+
+## Architecture
+
+```
+src/
+├── main.rs          # Entry point, env config, host key loading
+├── lib.rs           # Public module exports
+├── ssh.rs           # SSH server (russh), connection limits, auth, exec/shell
+├── bash.rs          # bashkit sandbox setup, execution limits, realfs mount
+├── session.rs       # Interactive shell REPL over SSH channels
+├── line_editor.rs   # Line editor with arrow keys, history, readline shortcuts
+└── cache.rs         # LRU command cache
+```
+
+### How it works
+
+**Exec mode** (`ssh host command`): Creates a fresh bashkit sandbox per command,
+executes it, returns stdout/stderr/exit code, closes the channel. Results are
+cached in an LRU cache (safe because the VFS is read-only).
+
+**Shell mode** (`ssh host`): Creates a persistent bashkit sandbox for the session.
+The line editor processes raw terminal input (escape sequences, arrow keys, history)
+and feeds completed lines to bashkit. Output is streamed back over the SSH channel.
+
+### Security model
+
+- **Sandboxed execution**: All commands run inside bashkit — no fork/exec, no host
+  access. 156 Unix commands reimplemented in Rust.
+- **Read-only host mount**: Docs directory mounted via `realfs` in `ReadOnly` mode.
+  Path traversal blocked by canonicalize + prefix check.
+- **Execution limits**: 1000 commands, 1000 loop iterations, 50 function depth,
+  10s timeout, 1MB output cap, 1MB variable storage, 10K array entries.
+- **Connection limits**: Probabilistic soft/hard ramp (80→100), per-IP concurrency
+  (10), idle timeout (60s), session timeout (600s).
+- **Custom `ssh` command**: Blocked inside sandbox with helpful error message.
+- **Graceful shutdown**: SIGTERM/SIGINT stops accepting, drains in-flight commands.
+
+## Building
+
+```bash
+cargo build --release
+```
+
+The binary is at `target/release/supabase-ssh`.
+
+## Testing
+
+```bash
+# Run all tests (16MB stack needed for recursion depth security tests)
+RUST_MIN_STACK=16777216 cargo test
+
+# Run only security tests
+RUST_MIN_STACK=16777216 cargo test --test security
+
+# Run only integration tests (SSH protocol)
+cargo test --test integration
+
+# Run only unit tests (line editor, cache)
+cargo test --lib
+```
+
+## Docker
+
+```dockerfile
+FROM rust:1.83-slim AS builder
+WORKDIR /app
+COPY . .
+RUN cargo build --release
+
+FROM debian:bookworm-slim
+COPY --from=builder /app/target/release/supabase-ssh /usr/local/bin/
+COPY docs/ /app/docs/
+WORKDIR /app
+ENV DOCS_DIR=/app/docs
+EXPOSE 22
+CMD ["supabase-ssh"]
+```
diff --git a/crates/supabase-ssh/src/bash.rs b/crates/supabase-ssh/src/bash.rs
new file mode 100644
index 0000000..a460465
--- /dev/null
+++ b/crates/supabase-ssh/src/bash.rs
@@ -0,0 +1,210 @@
+use std::path::{Path, PathBuf};
+use std::time::Duration;
+
+use anyhow::Result;
+use bashkit::{
+    async_trait, Bash, Builtin, BuiltinContext, ExecResult, ExecutionLimits, MemoryLimits,
+    SessionLimits,
+};
+
+/// Custom `ssh` command that blocks SSH from within the sandbox.
+struct SshBlocker;
+
+#[async_trait]
+impl Builtin for SshBlocker {
+    async fn execute(&self, ctx: BuiltinContext<'_>) -> bashkit::Result<ExecResult> {
+        let cmd = ctx.args.join(" ");
+        let hint = if cmd == "supabase.sh agents" {
+            " >> AGENTS.md"
+        } else {
+            ""
+        };
+        Ok(ExecResult::err(
+            format!(
+                "ssh is not available from within this session.\n\
+                 Exit first, then run:\n\n\
+                   ssh {cmd}{hint}\n\n"
+            ),
+            1,
+        ))
+    }
+}
+
+const INSTRUCTIONS: &str = r#"```bash
+# Search for a topic
+ssh supabase.sh grep -rl 'auth' /supabase/docs/
+
+# Read a specific guide
+ssh supabase.sh cat /supabase/docs/guides/auth/passwords.md
+
+# Find all guides in a section
+ssh supabase.sh find /supabase/docs/guides/database -name '*.md'
+
+# Search with context
+ssh supabase.sh grep -r 'RLS' /supabase/docs/guides/auth --include='*.md' -l
+```
+
+All docs live under `/supabase/docs/` as markdown files. You can use any standard Unix tools (grep, find, cat, etc.) to search and read them."#;
+
+fn agents_md() -> String {
+    format!(
+        "## Supabase Docs\n\n\
+         Before working on a Supabase feature, check the docs via `ssh supabase.sh <command>`.\n\n\
+         {INSTRUCTIONS}\n"
+    )
+}
+
+fn skill_md() -> String {
+    format!(
+        "---\n\
+         name: supabase-docs\n\
+         description: Search and read Supabase documentation using a bash shell. Use when working on a Supabase feature or troubleshooting a problem.\n\
+         ---\n\n\
+         # Supabase Docs\n\n\
+         Search and read Supabase documentation over SSH.\n\n\
+         ## How to use\n\n\
+         {INSTRUCTIONS}\n"
+    )
+}
+
+const SETUP_MD: &str = r#"# Supabase Docs - Setup
+
+You are helping a user set up access to Supabase documentation via SSH.
+
+1. First tell them the purpose of this tool (docs over ssh/bash)
+2. Ask the user which option they prefer (use AskUserQuestion or similar if available)
+
+Options:
+
+1. **Append to agent instructions file (recommended)** - Adds lightweight instructions to the project's agent config file. Most reliable since instructions are always loaded and the footprint is small.
+2. **Install as a skill** - Creates a skill directory with a SKILL.md. Skills are loaded on-demand but not always reliable.
+3. **Both** - Adds to agent instructions and installs the skill.
+
+After the user chooses, follow the steps below. If you are unsure which agent or tool the user is using, ask them.
+
+## Option 1: Agent instructions file
+
+Run this command and append the output to the project's agent instructions file:
+
+```bash
+ssh supabase.sh agents >> <instructions-file>
+```
+
+Common instructions files by tool:
+
+| Tool | File |
+|------|------|
+| Claude Code | `CLAUDE.md` |
+| GitHub Copilot | `AGENTS.md` |
+| Codex | `AGENTS.md` |
+| Gemini CLI | `GEMINI.md` |
+| Cursor | `AGENTS.md` |
+| OpenCode | `AGENTS.md` |
+| Other | `AGENTS.md` |
+
+## Option 2: Skill
+
+Run this command and write the output to the skill directory.
+
+Pick the path that matches the user's tool. `.agents/skills/` is a cross-client convention supported by most tools:
+
+| Tool | Skill path |
+|------|-----------|
+| Claude Code | `.claude/skills/supabase-docs/SKILL.md` |
+| Codex | `.agents/skills/supabase-docs/SKILL.md` |
+| Cursor | `.cursor/skills/supabase-docs/SKILL.md` or `.agents/skills/supabase-docs/SKILL.md` |
+| OpenCode | `.opencode/skills/supabase-docs/SKILL.md` or `.agents/skills/supabase-docs/SKILL.md` |
+| Gemini CLI | `.gemini/skills/supabase-docs/SKILL.md` or `.agents/skills/supabase-docs/SKILL.md` |
+| GitHub Copilot | `.github/skills/supabase-docs/SKILL.md` |
+| Other | `.agents/skills/supabase-docs/SKILL.md` |
+
+```bash
+mkdir -p <skill-dir>/supabase-docs
+ssh supabase.sh skill > <skill-dir>/supabase-docs/SKILL.md
+```
+
+## Option 3: Both
+
+Run both sets of commands above.
+
+After setup, confirm to the user what was written and where.
+"#;
+
+fn execution_limits() -> ExecutionLimits {
+    ExecutionLimits::new()
+        .max_commands(1000)
+        .max_loop_iterations(1000)
+        .max_total_loop_iterations(10_000)
+        .max_function_depth(50)
+        .timeout(Duration::from_secs(10))
+        .max_input_bytes(1024 * 1024) // 1MB max script input
+        .max_stdout_bytes(1024 * 1024)
+        .max_stderr_bytes(1024 * 1024)
+}
+
+fn session_limits() -> SessionLimits {
+    SessionLimits::new()
+        .max_total_commands(10_000)
+        .max_exec_calls(500)
+}
+
+fn memory_limits() -> MemoryLimits {
+    MemoryLimits::new()
+        .max_array_entries(10_000)
+        .max_variable_count(5_000)
+        .max_total_variable_bytes(1024 * 1024) // 1MB total variable storage
+}
+
+/// Creates a sandboxed Bash instance with docs mounted at /supabase/docs.
+///
+/// Uses bashkit's `realfs` feature to mount the host docs directory as read-only
+/// at `/supabase/docs`. The in-memory layer holds AGENTS.md, SKILL.md, SETUP.md
+/// and receives any writes (which will fail since the sandbox rejects them).
+pub async fn create_bash(docs_dir: &Path) -> Result<Bash> {
+    let docs_dir_str = docs_dir.to_string_lossy();
+
+    let mut bash = Bash::builder()
+        // Mount the real docs directory read-only at /supabase/docs
+        .mount_real_readonly_at(&*docs_dir_str, "/supabase/docs")
+        .cwd("/supabase")
+        .env("HOME", "/supabase")
+        .env("BASH_ALIAS_ll", "ls -alF")
+        .env("BASH_ALIAS_la", "ls -a")
+        .env("BASH_ALIAS_l", "ls -CF")
+        .env("BASH_ALIAS_agents", "echo && cat /supabase/AGENTS.md")
+        .env("BASH_ALIAS_skill", "echo && cat /supabase/SKILL.md")
+        .env("BASH_ALIAS_setup", "cat /supabase/SETUP.md")
+        .builtin("ssh", Box::new(SshBlocker))
+        .limits(execution_limits())
+        .session_limits(session_limits())
+        .memory_limits(memory_limits())
+        .build();
+
+    // Write virtual files into the in-memory layer
+    bash.exec(&format!(
+        "mkdir -p /supabase && cat > /supabase/AGENTS.md << 'AGENTS_EOF'\n{}\nAGENTS_EOF",
+        agents_md()
+    ))
+    .await?;
+    bash.exec(&format!(
+        "cat > /supabase/SKILL.md << 'SKILL_EOF'\n{}\nSKILL_EOF",
+        skill_md()
+    ))
+    .await?;
+    bash.exec(&format!(
+        "cat > /supabase/SETUP.md << 'SETUP_EOF'\n{}\nSETUP_EOF",
+        SETUP_MD
+    ))
+    .await?;
+
+    // Enable alias expansion
+    bash.exec("shopt -s expand_aliases").await?;
+
+    Ok(bash)
+}
+
+/// Default docs directory path.
+pub fn default_docs_dir() -> PathBuf {
+    let dir = std::env::var("DOCS_DIR").unwrap_or_else(|_| "./docs".to_string());
+    PathBuf::from(dir).canonicalize().unwrap_or_else(|_| PathBuf::from("./docs"))
+}
diff --git a/crates/supabase-ssh/src/cache.rs b/crates/supabase-ssh/src/cache.rs
new file mode 100644
index 0000000..aa1de97
--- /dev/null
+++ b/crates/supabase-ssh/src/cache.rs
@@ -0,0 +1,190 @@
+use std::num::NonZeroUsize;
+
+use lru::LruCache;
+
+/// Cached result of a bash command execution.
+#[derive(Clone, Debug)]
+pub struct CachedResult {
+    pub stdout: String,
+    pub stderr: String,
+    pub exit_code: i32,
+}
+
+#[allow(dead_code)]
+pub struct CommandCacheStats {
+    pub entries: usize,
+    pub hits: u64,
+    pub misses: u64,
+    pub hit_rate: f64,
+}
+
+/// In-memory LRU cache for command output. Safe because the VFS is read-only.
+pub struct CommandCache {
+    cache: LruCache<String, CachedResult>,
+    max_output_bytes: usize,
+    hits: u64,
+    misses: u64,
+}
+
+impl CommandCache {
+    pub fn new(max_entries: usize, max_output_bytes: usize) -> Self {
+        Self {
+            cache: LruCache::new(NonZeroUsize::new(max_entries).unwrap_or(NonZeroUsize::new(1000).unwrap())),
+            max_output_bytes,
+            hits: 0,
+            misses: 0,
+        }
+    }
+
+    fn key(cwd: &str, command: &str) -> String {
+        format!("{}\0{}", cwd, command)
+    }
+
+    pub fn get(&mut self, cwd: &str, command: &str) -> Option<CachedResult> {
+        let key = Self::key(cwd, command);
+        if let Some(entry) = self.cache.get(&key) {
+            self.hits += 1;
+            Some(entry.clone())
+        } else {
+            self.misses += 1;
+            None
+        }
+    }
+
+    pub fn set(&mut self, cwd: &str, command: &str, result: CachedResult) {
+        let output_bytes = result.stdout.len() + result.stderr.len();
+        if output_bytes > self.max_output_bytes {
+            return;
+        }
+        let key = Self::key(cwd, command);
+        self.cache.put(key, result);
+    }
+
+    #[allow(dead_code)]
+    pub fn stats(&self) -> CommandCacheStats {
+        let total = self.hits + self.misses;
+        CommandCacheStats {
+            entries: self.cache.len(),
+            hits: self.hits,
+            misses: self.misses,
+            hit_rate: if total > 0 {
+                self.hits as f64 / total as f64
+            } else {
+                0.0
+            },
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    fn result(stdout: &str, exit_code: i32) -> CachedResult {
+        CachedResult {
+            stdout: stdout.to_string(),
+            stderr: String::new(),
+            exit_code,
+        }
+    }
+
+    #[test]
+    fn returns_none_on_cache_miss() {
+        let mut cache = CommandCache::new(10, 1024);
+        assert!(cache.get("/home", "echo hello").is_none());
+    }
+
+    #[test]
+    fn returns_cached_result_on_hit() {
+        let mut cache = CommandCache::new(10, 1024);
+        cache.set("/home", "echo hello", result("hello\n", 0));
+        let hit = cache.get("/home", "echo hello").unwrap();
+        assert_eq!(hit.stdout, "hello\n");
+        assert_eq!(hit.exit_code, 0);
+    }
+
+    #[test]
+    fn differentiates_by_cwd() {
+        let mut cache = CommandCache::new(10, 1024);
+        cache.set("/a", "ls", result("a-files", 0));
+        cache.set("/b", "ls", result("b-files", 0));
+
+        assert_eq!(cache.get("/a", "ls").unwrap().stdout, "a-files");
+        assert_eq!(cache.get("/b", "ls").unwrap().stdout, "b-files");
+    }
+
+    #[test]
+    fn tracks_hit_miss_stats() {
+        let mut cache = CommandCache::new(10, 1024);
+        cache.set("/home", "echo 1", result("1", 0));
+
+        // 1 miss
+        cache.get("/home", "echo 2");
+        // 2 hits
+        cache.get("/home", "echo 1");
+        cache.get("/home", "echo 1");
+
+        let stats = cache.stats();
+        assert_eq!(stats.hits, 2);
+        assert_eq!(stats.misses, 1);
+        assert!((stats.hit_rate - 2.0 / 3.0).abs() < 1e-9);
+    }
+
+    #[test]
+    fn evicts_oldest_entry_when_at_capacity() {
+        let mut cache = CommandCache::new(2, 1024);
+        cache.set("/home", "cmd1", result("r1", 0));
+        cache.set("/home", "cmd2", result("r2", 0));
+        // This should evict cmd1 (oldest / least-recently-used)
+        cache.set("/home", "cmd3", result("r3", 0));
+
+        assert!(cache.get("/home", "cmd1").is_none(), "cmd1 should have been evicted");
+        assert!(cache.get("/home", "cmd2").is_some());
+        assert!(cache.get("/home", "cmd3").is_some());
+        assert_eq!(cache.stats().entries, 2);
+    }
+
+    #[test]
+    fn promotes_entry_on_access() {
+        let mut cache = CommandCache::new(2, 1024);
+        cache.set("/home", "cmd1", result("r1", 0));
+        cache.set("/home", "cmd2", result("r2", 0));
+
+        // Access cmd1 so it becomes most-recently-used
+        cache.get("/home", "cmd1");
+
+        // Insert cmd3 — should evict cmd2 (now the LRU), not cmd1
+        cache.set("/home", "cmd3", result("r3", 0));
+
+        assert!(cache.get("/home", "cmd1").is_some(), "cmd1 should still be present (was promoted)");
+        assert!(cache.get("/home", "cmd2").is_none(), "cmd2 should have been evicted");
+        assert!(cache.get("/home", "cmd3").is_some());
+    }
+
+    #[test]
+    fn skips_caching_output_exceeding_max_output_bytes() {
+        let mut cache = CommandCache::new(10, 16);
+        // stdout + stderr = 20 bytes > 16
+        cache.set("/home", "big", CachedResult {
+            stdout: "a]".repeat(10),
+            stderr: String::new(),
+            exit_code: 0,
+        });
+        assert!(cache.get("/home", "big").is_none(), "oversized output should not be cached");
+        assert_eq!(cache.stats().entries, 0);
+    }
+
+    #[test]
+    fn does_not_evict_when_updating_existing_entry() {
+        let mut cache = CommandCache::new(2, 1024);
+        cache.set("/home", "cmd1", result("old", 0));
+        cache.set("/home", "cmd2", result("r2", 0));
+
+        // Update cmd1 — should NOT evict cmd2 since key already exists
+        cache.set("/home", "cmd1", result("new", 0));
+
+        assert_eq!(cache.get("/home", "cmd1").unwrap().stdout, "new");
+        assert!(cache.get("/home", "cmd2").is_some(), "cmd2 should not have been evicted");
+        assert_eq!(cache.stats().entries, 2);
+    }
+}
diff --git a/crates/supabase-ssh/src/lib.rs b/crates/supabase-ssh/src/lib.rs
new file mode 100644
index 0000000..64013da
--- /dev/null
+++ b/crates/supabase-ssh/src/lib.rs
@@ -0,0 +1,5 @@
+pub mod bash;
+pub mod cache;
+pub mod line_editor;
+pub mod session;
+pub mod ssh;
diff --git a/crates/supabase-ssh/src/line_editor.rs b/crates/supabase-ssh/src/line_editor.rs
new file mode 100644
index 0000000..fa38dd7
--- /dev/null
+++ b/crates/supabase-ssh/src/line_editor.rs
@@ -0,0 +1,618 @@
+/// Lightweight line editor for SSH channels.
+///
+/// Handles raw byte input from PTY clients and produces:
+/// - Completed lines (on Enter)
+/// - Echo bytes to send back to the client
+///
+/// Supports:
+/// - Cursor movement (Left/Right arrow keys, Home/End)
+/// - Command history (Up/Down arrow keys)
+/// - Backspace/Delete
+/// - Ctrl+C (cancel line), Ctrl+D (EOF), Ctrl+A (home), Ctrl+E (end)
+/// - Ctrl+U (kill line), Ctrl+K (kill to end), Ctrl+W (kill word back)
+/// - Multi-byte UTF-8
+
+/// Events produced by the line editor when processing input bytes.
+pub enum LineEvent {
+    /// A complete line was submitted (Enter pressed).
+    Line(String),
+    /// EOF signal (Ctrl+D on empty line).
+    Eof,
+    /// Bytes to echo back to the client terminal.
+    Echo(Vec<u8>),
+    /// Nothing to do.
+    None,
+}
+
+pub struct LineEditor {
+    /// Current line buffer (UTF-8 chars).
+    buf: Vec<char>,
+    /// Cursor position in the buffer (char index).
+    cursor: usize,
+    /// Command history.
+    history: Vec<String>,
+    /// Current position in history (history.len() = "new line").
+    history_pos: usize,
+    /// Saved current line when navigating history.
+    saved_line: String,
+    /// Escape sequence accumulator.
+    esc_buf: Vec<u8>,
+    /// Are we in the middle of an escape sequence?
+    in_escape: bool,
+    /// Max history entries.
+    max_history: usize,
+}
+
+impl LineEditor {
+    pub fn new() -> Self {
+        Self {
+            buf: Vec::new(),
+            cursor: 0,
+            history: Vec::new(),
+            history_pos: 0,
+            saved_line: String::new(),
+            esc_buf: Vec::new(),
+            in_escape: false,
+            max_history: 100,
+        }
+    }
+
+    /// Feed a single byte from the SSH channel. Returns a LineEvent.
+    /// Call this for each byte in the data received from the client.
+    /// Multiple events may need to be collected per data chunk.
+    pub fn feed(&mut self, byte: u8) -> LineEvent {
+        // Handle escape sequence accumulation
+        if self.in_escape {
+            return self.feed_escape(byte);
+        }
+
+        match byte {
+            // ESC - start escape sequence
+            0x1b => {
+                self.in_escape = true;
+                self.esc_buf.clear();
+                self.esc_buf.push(byte);
+                LineEvent::None
+            }
+            // Enter
+            b'\r' | b'\n' => {
+                let line: String = self.buf.iter().collect();
+                // Add to history if non-empty and different from last
+                if !line.trim().is_empty() {
+                    if self.history.last().map_or(true, |last| last != &line) {
+                        self.history.push(line.clone());
+                        if self.history.len() > self.max_history {
+                            self.history.remove(0);
+                        }
+                    }
+                }
+                self.buf.clear();
+                self.cursor = 0;
+                self.history_pos = self.history.len();
+                self.saved_line.clear();
+                LineEvent::Line(line)
+            }
+            // Backspace / DEL
+            0x7f | 0x08 => {
+                if self.cursor > 0 {
+                    self.cursor -= 1;
+                    self.buf.remove(self.cursor);
+                    LineEvent::Echo(self.redraw_from_cursor_with_backspace())
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+C - cancel current line
+            0x03 => {
+                self.buf.clear();
+                self.cursor = 0;
+                LineEvent::Echo(b"^C\r\n".to_vec())
+            }
+            // Ctrl+D - EOF if empty, delete char if not
+            0x04 => {
+                if self.buf.is_empty() {
+                    LineEvent::Eof
+                } else if self.cursor < self.buf.len() {
+                    self.buf.remove(self.cursor);
+                    LineEvent::Echo(self.redraw_from_cursor_delete())
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+A - move to beginning
+            0x01 => {
+                if self.cursor > 0 {
+                    let echo = self.move_cursor_to(0);
+                    LineEvent::Echo(echo)
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+E - move to end
+            0x05 => {
+                if self.cursor < self.buf.len() {
+                    let echo = self.move_cursor_to(self.buf.len());
+                    LineEvent::Echo(echo)
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+U - kill line (clear everything before cursor)
+            0x15 => {
+                if self.cursor > 0 {
+                    let removed = self.cursor;
+                    self.buf.drain(..self.cursor);
+                    self.cursor = 0;
+                    LineEvent::Echo(self.redraw_full_line(removed))
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+K - kill to end of line
+            0x0b => {
+                if self.cursor < self.buf.len() {
+                    let remaining = self.buf.len() - self.cursor;
+                    self.buf.truncate(self.cursor);
+                    // Erase from cursor to end
+                    LineEvent::Echo(format!("\x1b[{}P", remaining).into_bytes())
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+W - kill word backwards
+            0x17 => {
+                if self.cursor > 0 {
+                    let old_cursor = self.cursor;
+                    // Skip trailing spaces
+                    while self.cursor > 0 && self.buf[self.cursor - 1] == ' ' {
+                        self.cursor -= 1;
+                    }
+                    // Skip word chars
+                    while self.cursor > 0 && self.buf[self.cursor - 1] != ' ' {
+                        self.cursor -= 1;
+                    }
+                    self.buf.drain(self.cursor..old_cursor);
+                    let chars_removed = old_cursor - self.cursor;
+                    LineEvent::Echo(self.redraw_full_line(chars_removed))
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Ctrl+L - clear screen, redraw prompt + line
+            0x0c => {
+                // Just clear screen, the caller should redraw prompt
+                let mut echo = b"\x1b[2J\x1b[H".to_vec();
+                // We can't redraw the prompt from here, so just signal clear
+                // The line content will be redrawn by the caller
+                echo.extend(self.current_line_bytes());
+                let move_back = self.buf.len() - self.cursor;
+                if move_back > 0 {
+                    echo.extend(format!("\x1b[{}D", move_back).as_bytes());
+                }
+                LineEvent::Echo(echo)
+            }
+            // Tab - we'll handle this as a no-op for now (completion is complex)
+            b'\t' => LineEvent::None,
+            // Regular printable character or UTF-8 lead byte
+            _ => {
+                // For ASCII printable
+                if byte >= 0x20 && byte < 0x7f {
+                    let ch = byte as char;
+                    self.buf.insert(self.cursor, ch);
+                    self.cursor += 1;
+                    if self.cursor == self.buf.len() {
+                        // Simple case: appending at end
+                        LineEvent::Echo(vec![byte])
+                    } else {
+                        // Inserting in middle: redraw from cursor
+                        LineEvent::Echo(self.redraw_from_cursor_insert())
+                    }
+                } else if byte >= 0xc0 {
+                    // UTF-8 lead byte — for now treat as single replacement char
+                    // A full implementation would accumulate multi-byte sequences
+                    let ch = '?';
+                    self.buf.insert(self.cursor, ch);
+                    self.cursor += 1;
+                    LineEvent::Echo(b"?".to_vec())
+                } else {
+                    // Continuation byte or other control — ignore
+                    LineEvent::None
+                }
+            }
+        }
+    }
+
+    /// Process escape sequence bytes.
+    fn feed_escape(&mut self, byte: u8) -> LineEvent {
+        self.esc_buf.push(byte);
+
+        // ESC [ ... is CSI sequence
+        if self.esc_buf.len() == 2 {
+            if byte == b'[' || byte == b'O' {
+                // Continue accumulating
+                return LineEvent::None;
+            }
+            // Unknown escape, discard
+            self.in_escape = false;
+            self.esc_buf.clear();
+            return LineEvent::None;
+        }
+
+        // CSI sequences end with a letter (0x40-0x7e)
+        if byte >= 0x40 && byte <= 0x7e {
+            self.in_escape = false;
+            let seq = self.esc_buf.clone();
+            self.esc_buf.clear();
+            return self.handle_csi(&seq);
+        }
+
+        // Still accumulating (parameter bytes 0x30-0x3f, intermediate 0x20-0x2f)
+        if self.esc_buf.len() > 8 {
+            // Too long, abort
+            self.in_escape = false;
+            self.esc_buf.clear();
+        }
+        LineEvent::None
+    }
+
+    /// Handle a complete CSI escape sequence.
+    fn handle_csi(&mut self, seq: &[u8]) -> LineEvent {
+        // seq = [ESC, '[', ...params, final_byte]
+        if seq.len() < 3 {
+            return LineEvent::None;
+        }
+        let final_byte = *seq.last().unwrap();
+
+        match final_byte {
+            // Arrow Up
+            b'A' => self.history_prev(),
+            // Arrow Down
+            b'B' => self.history_next(),
+            // Arrow Right
+            b'C' => {
+                if self.cursor < self.buf.len() {
+                    self.cursor += 1;
+                    LineEvent::Echo(b"\x1b[C".to_vec())
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Arrow Left
+            b'D' => {
+                if self.cursor > 0 {
+                    self.cursor -= 1;
+                    LineEvent::Echo(b"\x1b[D".to_vec())
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Home
+            b'H' => {
+                if self.cursor > 0 {
+                    let echo = self.move_cursor_to(0);
+                    LineEvent::Echo(echo)
+                } else {
+                    LineEvent::None
+                }
+            }
+            // End
+            b'F' => {
+                if self.cursor < self.buf.len() {
+                    let echo = self.move_cursor_to(self.buf.len());
+                    LineEvent::Echo(echo)
+                } else {
+                    LineEvent::None
+                }
+            }
+            // Delete key (ESC [3~)
+            b'~' if seq.len() >= 4 && seq[2] == b'3' => {
+                if self.cursor < self.buf.len() {
+                    self.buf.remove(self.cursor);
+                    LineEvent::Echo(self.redraw_from_cursor_delete())
+                } else {
+                    LineEvent::None
+                }
+            }
+            _ => LineEvent::None,
+        }
+    }
+
+    /// Navigate to previous history entry.
+    fn history_prev(&mut self) -> LineEvent {
+        if self.history.is_empty() || self.history_pos == 0 {
+            return LineEvent::None;
+        }
+        if self.history_pos == self.history.len() {
+            self.saved_line = self.buf.iter().collect();
+        }
+        self.history_pos -= 1;
+        self.replace_line(&self.history[self.history_pos].clone())
+    }
+
+    /// Navigate to next history entry.
+    fn history_next(&mut self) -> LineEvent {
+        if self.history_pos >= self.history.len() {
+            return LineEvent::None;
+        }
+        self.history_pos += 1;
+        if self.history_pos == self.history.len() {
+            let saved = self.saved_line.clone();
+            self.replace_line(&saved)
+        } else {
+            self.replace_line(&self.history[self.history_pos].clone())
+        }
+    }
+
+    /// Replace the current line buffer with new content and generate echo.
+    fn replace_line(&mut self, new_line: &str) -> LineEvent {
+        let old_cursor = self.cursor;
+
+        self.buf = new_line.chars().collect();
+        self.cursor = self.buf.len();
+
+        // Move cursor to start of line
+        let mut echo = Vec::new();
+        if old_cursor > 0 {
+            echo.extend(format!("\x1b[{}D", old_cursor).as_bytes());
+        }
+        // Erase old content
+        echo.extend(b"\x1b[K");
+        // Write new content
+        echo.extend(self.current_line_bytes());
+        LineEvent::Echo(echo)
+    }
+
+    /// Generate ANSI escape to move cursor to target position.
+    fn move_cursor_to(&mut self, target: usize) -> Vec<u8> {
+        let old = self.cursor;
+        self.cursor = target;
+        if target < old {
+            format!("\x1b[{}D", old - target).into_bytes()
+        } else if target > old {
+            format!("\x1b[{}C", target - old).into_bytes()
+        } else {
+            Vec::new()
+        }
+    }
+
+    /// Get the current line content as bytes.
+    fn current_line_bytes(&self) -> Vec<u8> {
+        let s: String = self.buf.iter().collect();
+        s.into_bytes()
+    }
+
+    /// Redraw from cursor position after inserting a character.
+    /// Writes chars from cursor to end, then moves cursor back.
+    fn redraw_from_cursor_insert(&self) -> Vec<u8> {
+        let tail: String = self.buf[self.cursor - 1..].iter().collect();
+        let move_back = self.buf.len() - self.cursor;
+        let mut echo = tail.into_bytes();
+        if move_back > 0 {
+            echo.extend(format!("\x1b[{}D", move_back).as_bytes());
+        }
+        echo
+    }
+
+    /// Redraw after backspace: move back one, redraw tail, erase trailing, reposition.
+    fn redraw_from_cursor_with_backspace(&self) -> Vec<u8> {
+        let tail: String = self.buf[self.cursor..].iter().collect();
+        let mut echo = Vec::new();
+        // Move back one
+        echo.push(0x08);
+        // Write remaining chars
+        echo.extend(tail.as_bytes());
+        // Erase the extra char at the end
+        echo.push(b' ');
+        // Move cursor back to correct position
+        let move_back = self.buf.len() - self.cursor + 1;
+        echo.extend(format!("\x1b[{}D", move_back).as_bytes());
+        echo
+    }
+
+    /// Redraw after delete at cursor position.
+    fn redraw_from_cursor_delete(&self) -> Vec<u8> {
+        let tail: String = self.buf[self.cursor..].iter().collect();
+        let mut echo = Vec::new();
+        echo.extend(tail.as_bytes());
+        echo.push(b' ');
+        let move_back = self.buf.len() - self.cursor + 1;
+        echo.extend(format!("\x1b[{}D", move_back).as_bytes());
+        echo
+    }
+
+    /// Redraw the full line after a destructive edit (Ctrl+U, Ctrl+W).
+    /// `extra_to_erase`: how many extra chars need erasing beyond current buf.
+    fn redraw_full_line(&self, extra_to_erase: usize) -> Vec<u8> {
+        let mut echo = Vec::new();
+        // Move to start of line
+        if self.cursor > 0 {
+            echo.extend(format!("\x1b[{}D", self.cursor).as_bytes());
+        }
+        // Wait — cursor is already updated. Move from position 0 is implicit.
+        // Actually we need to move from where the terminal cursor is.
+        // After buf mutation, self.cursor is the new position.
+        // The terminal cursor is still at old position. Let's use absolute approach:
+        // Move to column 0 of the line content (after prompt), erase, rewrite.
+        echo.extend(b"\r");
+        // We can't know prompt width here, so use save/restore:
+        // Actually, simpler: move to start with \r, then the caller's prompt won't be affected
+        // since we don't know the prompt. Use erase-to-end + rewrite approach.
+        // Move left by a lot to get to start of input (after prompt):
+        echo.clear();
+        // Move cursor to beginning of input area
+        let current_terminal_cursor = self.cursor + extra_to_erase; // where cursor was before edit
+        // Hmm, this is getting complicated. Let's just use the CSI erase approach:
+        // Go back to start of line content
+        if current_terminal_cursor > 0 {
+            echo.extend(format!("\x1b[{}D", current_terminal_cursor).as_bytes());
+        }
+        // Erase from cursor to end of line
+        echo.extend(b"\x1b[K");
+        // Write new buffer
+        echo.extend(self.current_line_bytes());
+        // Move cursor to correct position
+        let move_back = self.buf.len() - self.cursor;
+        if move_back > 0 {
+            echo.extend(format!("\x1b[{}D", move_back).as_bytes());
+        }
+        echo
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    fn feed_str(editor: &mut LineEditor, s: &str) -> Vec<LineEvent> {
+        s.bytes().map(|b| editor.feed(b)).collect()
+    }
+
+    #[test]
+    fn simple_line() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "hello");
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "hello"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn backspace() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "helloo");
+        ed.feed(0x7f); // backspace
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "hello"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn ctrl_c_clears_line() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "partial");
+        let event = ed.feed(0x03); // Ctrl+C
+        assert!(matches!(event, LineEvent::Echo(_)));
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, ""),
+            _ => panic!("expected empty Line event"),
+        }
+    }
+
+    #[test]
+    fn ctrl_d_on_empty_is_eof() {
+        let mut ed = LineEditor::new();
+        let event = ed.feed(0x04);
+        assert!(matches!(event, LineEvent::Eof));
+    }
+
+    #[test]
+    fn ctrl_d_on_nonempty_deletes_char() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "ab");
+        // Move cursor left
+        ed.feed(0x1b); // ESC
+        ed.feed(b'[');
+        ed.feed(b'D'); // Left
+        // Now cursor is at position 1, delete 'b'
+        ed.feed(0x04);
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "a"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn history_navigation() {
+        let mut ed = LineEditor::new();
+        // Enter two commands
+        feed_str(&mut ed, "first");
+        ed.feed(b'\r');
+        feed_str(&mut ed, "second");
+        ed.feed(b'\r');
+
+        // Arrow up twice
+        ed.feed(0x1b);
+        ed.feed(b'[');
+        ed.feed(b'A'); // Up -> "second"
+        ed.feed(0x1b);
+        ed.feed(b'[');
+        ed.feed(b'A'); // Up -> "first"
+
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "first"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn arrow_left_right() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "abc");
+        // Left twice
+        ed.feed(0x1b);
+        ed.feed(b'[');
+        ed.feed(b'D');
+        ed.feed(0x1b);
+        ed.feed(b'[');
+        ed.feed(b'D');
+        // Insert 'X' at position 1
+        ed.feed(b'X');
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "aXbc"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn ctrl_a_and_ctrl_e() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "hello");
+        ed.feed(0x01); // Ctrl+A -> beginning
+        ed.feed(b'X');
+        ed.feed(0x05); // Ctrl+E -> end
+        ed.feed(b'Y');
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "XhelloY"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn ctrl_u_kills_to_start() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "hello world");
+        // Move cursor left 5 times (to position 6, before "world")
+        for _ in 0..5 {
+            ed.feed(0x1b);
+            ed.feed(b'[');
+            ed.feed(b'D');
+        }
+        ed.feed(0x15); // Ctrl+U
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "world"),
+            _ => panic!("expected Line event"),
+        }
+    }
+
+    #[test]
+    fn ctrl_w_kills_word() {
+        let mut ed = LineEditor::new();
+        feed_str(&mut ed, "hello world");
+        ed.feed(0x17); // Ctrl+W -> kills "world"
+        let event = ed.feed(b'\r');
+        match event {
+            LineEvent::Line(s) => assert_eq!(s, "hello "),
+            _ => panic!("expected Line event"),
+        }
+    }
+}
diff --git a/crates/supabase-ssh/src/main.rs b/crates/supabase-ssh/src/main.rs
new file mode 100644
index 0000000..94e329a
--- /dev/null
+++ b/crates/supabase-ssh/src/main.rs
@@ -0,0 +1,89 @@
+use std::path::PathBuf;
+
+use anyhow::Result;
+use russh::keys::{Algorithm, HashAlg, PrivateKey};
+use tracing::info;
+use tracing_subscriber::EnvFilter;
+
+use supabase_ssh::bash::default_docs_dir;
+use supabase_ssh::ssh::{SshServerConfig, run_server};
+
+fn env_or<T: std::str::FromStr>(key: &str, default: T) -> T {
+    std::env::var(key)
+        .ok()
+        .and_then(|v| v.parse().ok())
+        .unwrap_or(default)
+}
+
+fn load_host_key() -> Result<PrivateKey> {
+    // Try SSH_HOST_KEY env var first (PEM-encoded)
+    if let Ok(pem) = std::env::var("SSH_HOST_KEY") {
+        let key = PrivateKey::from_openssh(&pem)?;
+        let fp = key.fingerprint(HashAlg::Sha256);
+        info!(fingerprint = %fp, "loaded host key from SSH_HOST_KEY env var");
+        return Ok(key);
+    }
+
+    // Try reading from file
+    let key_path =
+        std::env::var("SSH_HOST_KEY_PATH").unwrap_or_else(|_| "./ssh_host_key".to_string());
+    let path = PathBuf::from(&key_path);
+    if path.exists() {
+        let pem = std::fs::read_to_string(&path)?;
+        let key = PrivateKey::from_openssh(&pem)?;
+        let fp = key.fingerprint(HashAlg::Sha256);
+        info!(path = %key_path, fingerprint = %fp, "loaded host key from file");
+        return Ok(key);
+    }
+
+    // Generate a new key if none found
+    info!("no host key found, generating ephemeral ed25519 key");
+    let key = PrivateKey::random(&mut russh::keys::key::safe_rng(), Algorithm::Ed25519)?;
+    Ok(key)
+}
+
+#[tokio::main]
+async fn main() -> Result<()> {
+    tracing_subscriber::fmt()
+        .with_env_filter(
+            EnvFilter::from_default_env().add_directive("supabase_ssh=info".parse()?),
+        )
+        .init();
+
+    let host_key = load_host_key()?;
+    let docs_dir = default_docs_dir();
+
+    let port: u16 = env_or("PORT", 22);
+    let max_connections: usize = env_or("MAX_CONNECTIONS", 100);
+    let max_connections_per_ip: usize = env_or("MAX_CONNECTIONS_PER_IP", 10);
+    let idle_timeout_secs: u64 = env_or("IDLE_TIMEOUT", 60);
+    let session_timeout_secs: u64 = env_or("SESSION_TIMEOUT", 600);
+    let exec_timeout_secs: u64 = env_or("EXEC_TIMEOUT", 10);
+    let enable_cache: bool = env_or("COMMAND_CACHE", true);
+    let cache_max_entries: usize = env_or("COMMAND_CACHE_MAX_ENTRIES", 1000);
+    let cache_max_output_bytes: usize = env_or("COMMAND_CACHE_MAX_OUTPUT_BYTES", 512 * 1024);
+
+    info!(
+        port = port,
+        docs_dir = %docs_dir.display(),
+        max_connections = max_connections,
+        "starting supabase-ssh"
+    );
+
+    let config = SshServerConfig {
+        port,
+        host_key,
+        docs_dir,
+        idle_timeout_secs,
+        session_timeout_secs,
+        exec_timeout_secs,
+        soft_limit: max_connections * 80 / 100, // 80% of max
+        hard_limit: max_connections,
+        max_connections_per_ip,
+        cache_max_entries,
+        cache_max_output_bytes,
+        enable_cache,
+    };
+
+    run_server(config).await
+}
diff --git a/crates/supabase-ssh/src/session.rs b/crates/supabase-ssh/src/session.rs
new file mode 100644
index 0000000..1512642
--- /dev/null
+++ b/crates/supabase-ssh/src/session.rs
@@ -0,0 +1,90 @@
+use anyhow::Result;
+use bashkit::Bash;
+use russh::ChannelId;
+use tokio::sync::mpsc;
+use tracing::{info, warn};
+
+/// Helper to convert bytes to the type handle.data() expects.
+fn to_bytes(data: &[u8]) -> bytes::Bytes {
+    bytes::Bytes::copy_from_slice(data)
+}
+
+/// Runs an interactive shell session over an SSH channel.
+///
+/// Reads lines from `line_rx`, executes them via bashkit, and writes output
+/// back through the session handle.
+pub async fn run_shell_session(
+    bash: &mut Bash,
+    channel_id: ChannelId,
+    handle: &mut russh::server::Handle,
+    mut line_rx: mpsc::Receiver<String>,
+    banner: &str,
+    prompt_fn: impl Fn(&str) -> String,
+) -> Result<()> {
+    // Send banner
+    if !banner.is_empty() {
+        handle
+            .data(channel_id, to_bytes(banner.as_bytes()))
+            .await
+            .map_err(|e| anyhow::anyhow!("failed to send banner: {e:?}"))?;
+    }
+
+    // Send initial prompt
+    let cwd = bash.shell_state().cwd.to_string_lossy().to_string();
+    let prompt = prompt_fn(&cwd);
+    handle
+        .data(channel_id, to_bytes(prompt.as_bytes()))
+        .await
+        .map_err(|e| anyhow::anyhow!("failed to send prompt: {e:?}"))?;
+
+    while let Some(line) = line_rx.recv().await {
+        let command = line.trim().to_string();
+
+        if command == "exit" {
+            let msg = "\r\n\x1b[38;2;62;207;142mThanks for stopping by!\x1b[0m\r\n\r\n";
+            let _ = handle.data(channel_id, to_bytes(msg.as_bytes())).await;
+            break;
+        }
+
+        if !command.is_empty() {
+            let start = std::time::Instant::now();
+            match bash.exec(&command).await {
+                Ok(result) => {
+                    if !result.stdout.is_empty() {
+                        let stdout = result.stdout.replace('\n', "\r\n");
+                        let _ = handle
+                            .data(channel_id, to_bytes(stdout.as_bytes()))
+                            .await;
+                    }
+                    if !result.stderr.is_empty() {
+                        let stderr = result.stderr.replace('\n', "\r\n");
+                        let _ = handle
+                            .extended_data(channel_id, 1, to_bytes(stderr.as_bytes()))
+                            .await;
+                    }
+                    let duration = start.elapsed();
+                    info!(
+                        command = %command,
+                        exit_code = result.exit_code,
+                        duration_ms = duration.as_millis() as u64,
+                        "shell command executed"
+                    );
+                }
+                Err(err) => {
+                    let msg = format!("Error: {}\r\n", err);
+                    let _ = handle.data(channel_id, to_bytes(msg.as_bytes())).await;
+                    warn!(command = %command, error = %err, "shell command failed");
+                }
+            }
+        }
+
+        // Update prompt with potentially changed cwd
+        let cwd = bash.shell_state().cwd.to_string_lossy().to_string();
+        let prompt = prompt_fn(&cwd);
+        let _ = handle
+            .data(channel_id, to_bytes(prompt.as_bytes()))
+            .await;
+    }
+
+    Ok(())
+}
diff --git a/crates/supabase-ssh/src/ssh.rs b/crates/supabase-ssh/src/ssh.rs
new file mode 100644
index 0000000..f2aa60a
--- /dev/null
+++ b/crates/supabase-ssh/src/ssh.rs
@@ -0,0 +1,548 @@
+use std::borrow::Cow;
+use std::collections::HashMap;
+use std::net::SocketAddr;
+use std::path::PathBuf;
+use std::sync::Arc;
+use std::time::Instant;
+
+use anyhow::Result;
+use russh::keys::{PrivateKey, PublicKey};
+use russh::server::{Auth, Handler, Msg, Server, Session};
+use russh::{Channel, ChannelId};
+use tokio::sync::{mpsc, Mutex};
+use tracing::{info, warn};
+
+use crate::bash::create_bash;
+use crate::cache::{CachedResult, CommandCache};
+use crate::line_editor::{LineEditor, LineEvent};
+use crate::session::run_shell_session;
+
+const LOGO: &str = "\
+ ____                    _                    \r\n\
+/ ___| _   _ _ __   __ _| |__   __ _ ___  ___ \r\n\
+\\___ \\| | | | '_ \\ /  ` | '_ \\ / _` / __|/ _ \\\r\n\
+ ___) | |_| | |_) | (_| | |_) | (_| \\__ \\  __/\r\n\
+|____/ \\__,_| .__/ \\__,_|_.__/ \\__,_|___/\\___|\r\n\
+            |_|";
+
+fn banner() -> String {
+    let green = "\x1b[38;2;62;207;142m";
+    let dim = "\x1b[2m";
+    let bg = "\x1b[48;2;50;50;50m";
+    let reset = "\x1b[0m";
+
+    format!(
+        "{green}{LOGO}{reset}\r\n\r\n\
+         Docs-over-SSH lets your agent browse Supabase documentation directly using bash.\r\n\r\n\
+         Tell your agent to use {dim}ssh supabase.sh <command>{reset} to search the docs:\r\n\r\n\
+         {bg}                                    {reset}\r\n\
+         {bg}  {dim}# Setup using claude{reset}{bg}              {reset}\r\n\
+         {bg}  $ ssh supabase.sh setup | claude  {reset}\r\n\
+         {bg}                                    {reset}\r\n\r\n\
+         {bg}                                         {reset}\r\n\
+         {bg}  {dim}# Or append directly to AGENTS.md{reset}{bg}      {reset}\r\n\
+         {bg}  $ ssh supabase.sh agents >> AGENTS.md  {reset}\r\n\
+         {bg}                                         {reset}\r\n\r\n\
+         Or explore them yourself with tree/grep/cat/etc:\r\n\r\n"
+    )
+}
+
+fn prompt(cwd: &str) -> String {
+    let green = "\x1b[38;2;62;207;142m";
+    let reset = "\x1b[0m";
+    let basename = cwd.rsplit('/').next().unwrap_or(cwd);
+    format!("{green}{basename}{reset} $ ")
+}
+
+/// Helper to convert bytes to the type session.data() expects.
+fn to_bytes(data: &[u8]) -> bytes::Bytes {
+    bytes::Bytes::copy_from_slice(data)
+}
+
+/// Configuration for the SSH server.
+#[allow(dead_code)]
+pub struct SshServerConfig {
+    pub port: u16,
+    pub host_key: PrivateKey,
+    pub docs_dir: PathBuf,
+    pub idle_timeout_secs: u64,
+    pub session_timeout_secs: u64,
+    pub exec_timeout_secs: u64,
+    /// Connections above this start getting probabilistically dropped.
+    pub soft_limit: usize,
+    /// All connections above this are rejected.
+    pub hard_limit: usize,
+    pub max_connections_per_ip: usize,
+    pub cache_max_entries: usize,
+    pub cache_max_output_bytes: usize,
+    pub enable_cache: bool,
+}
+
+/// Shared state across all SSH connections.
+struct SharedState {
+    cache: Option<CommandCache>,
+    docs_dir: PathBuf,
+    idle_timeout_secs: u64,
+    session_timeout_secs: u64,
+    soft_limit: usize,
+    hard_limit: usize,
+    max_connections_per_ip: usize,
+    /// Track active connections per IP.
+    connections: HashMap<SocketAddr, usize>,
+    total_connections: usize,
+}
+
+/// The SSH server that accepts connections.
+pub struct SshServer {
+    state: Arc<Mutex<SharedState>>,
+}
+
+impl SshServer {
+    pub fn new(config: &SshServerConfig) -> Self {
+        let cache = if config.enable_cache {
+            Some(CommandCache::new(
+                config.cache_max_entries,
+                config.cache_max_output_bytes,
+            ))
+        } else {
+            None
+        };
+
+        Self {
+            state: Arc::new(Mutex::new(SharedState {
+                cache,
+                docs_dir: config.docs_dir.clone(),
+                idle_timeout_secs: config.idle_timeout_secs,
+                session_timeout_secs: config.session_timeout_secs,
+                soft_limit: config.soft_limit,
+                hard_limit: config.hard_limit,
+                max_connections_per_ip: config.max_connections_per_ip,
+                connections: HashMap::new(),
+                total_connections: 0,
+            })),
+        }
+    }
+}
+
+impl Server for SshServer {
+    type Handler = SshHandler;
+
+    fn new_client(&mut self, peer_addr: Option<SocketAddr>) -> Self::Handler {
+        info!(peer = ?peer_addr, "new SSH connection");
+        SshHandler {
+            peer_addr,
+            state: self.state.clone(),
+            has_pty: false,
+            shell_line_tx: None,
+            shell_task: None,
+            line_editor: LineEditor::new(),
+            session_start: Instant::now(),
+            last_activity: Arc::new(Mutex::new(Instant::now())),
+        }
+    }
+}
+
+/// Per-connection handler for SSH protocol events.
+pub struct SshHandler {
+    peer_addr: Option<SocketAddr>,
+    state: Arc<Mutex<SharedState>>,
+    has_pty: bool,
+    shell_line_tx: Option<mpsc::Sender<String>>,
+    shell_task: Option<tokio::task::JoinHandle<()>>,
+    line_editor: LineEditor,
+    session_start: Instant,
+    /// Shared last-activity timestamp for idle timeout (shell mode).
+    last_activity: Arc<Mutex<Instant>>,
+}
+
+impl Drop for SshHandler {
+    fn drop(&mut self) {
+        let peer = self.peer_addr;
+        let state = self.state.clone();
+        let duration = self.session_start.elapsed();
+        info!(peer = ?peer, duration_secs = duration.as_secs(), "SSH connection closed");
+
+        // Decrement connection count
+        tokio::spawn(async move {
+            let mut s = state.lock().await;
+            s.total_connections = s.total_connections.saturating_sub(1);
+            if let Some(addr) = peer {
+                if let Some(count) = s.connections.get_mut(&addr) {
+                    *count = count.saturating_sub(1);
+                    if *count == 0 {
+                        s.connections.remove(&addr);
+                    }
+                }
+            }
+        });
+    }
+}
+
+impl SshHandler {
+    /// Check connection limits and register the connection if accepted.
+    /// All auth methods go through this single gate.
+    async fn check_limits_and_accept(&mut self) -> Result<Auth> {
+        let mut state = self.state.lock().await;
+
+        // Probabilistic capacity check: linear ramp between soft and hard limit.
+        // Below soft: always accept. Above hard: always reject.
+        // Between: drop probability increases linearly.
+        if state.total_connections >= state.soft_limit {
+            let drop_probability = if state.total_connections >= state.hard_limit {
+                1.0
+            } else {
+                (state.total_connections - state.soft_limit) as f64
+                    / (state.hard_limit - state.soft_limit) as f64
+            };
+
+            if rand::random::<f64>() < drop_probability {
+                warn!(
+                    total = state.total_connections,
+                    soft = state.soft_limit,
+                    hard = state.hard_limit,
+                    p = format!("{:.2}", drop_probability),
+                    "rejecting connection: at capacity"
+                );
+                return Ok(Auth::Reject {
+                    proceed_with_methods: None,
+                    partial_success: false,
+                });
+            }
+        }
+
+        // Check per-IP limit
+        if let Some(addr) = self.peer_addr {
+            let ip_count = state.connections.get(&addr).copied().unwrap_or(0);
+            if ip_count >= state.max_connections_per_ip {
+                warn!(
+                    ip = %addr,
+                    count = ip_count,
+                    max = state.max_connections_per_ip,
+                    "rejecting connection: per-IP limit"
+                );
+                return Ok(Auth::Reject {
+                    proceed_with_methods: None,
+                    partial_success: false,
+                });
+            }
+            *state.connections.entry(addr).or_insert(0) += 1;
+        }
+
+        state.total_connections += 1;
+        Ok(Auth::Accept)
+    }
+}
+
+impl Handler for SshHandler {
+    type Error = anyhow::Error;
+
+    async fn auth_none(&mut self, _user: &str) -> Result<Auth, Self::Error> {
+        self.check_limits_and_accept().await
+    }
+
+    async fn auth_password(&mut self, _user: &str, _password: &str) -> Result<Auth, Self::Error> {
+        self.check_limits_and_accept().await
+    }
+
+    async fn auth_publickey(
+        &mut self,
+        _user: &str,
+        _public_key: &PublicKey,
+    ) -> Result<Auth, Self::Error> {
+        self.check_limits_and_accept().await
+    }
+
+    async fn channel_open_session(
+        &mut self,
+        _channel: Channel<Msg>,
+        _session: &mut Session,
+    ) -> Result<bool, Self::Error> {
+        Ok(true)
+    }
+
+    async fn pty_request(
+        &mut self,
+        channel_id: ChannelId,
+        _term: &str,
+        _col_width: u32,
+        _row_height: u32,
+        _pix_width: u32,
+        _pix_height: u32,
+        _modes: &[(russh::Pty, u32)],
+        session: &mut Session,
+    ) -> Result<(), Self::Error> {
+        self.has_pty = true;
+        session.channel_success(channel_id)?;
+        Ok(())
+    }
+
+    async fn exec_request(
+        &mut self,
+        channel: ChannelId,
+        data: &[u8],
+        session: &mut Session,
+    ) -> Result<(), Self::Error> {
+        let command = String::from_utf8_lossy(data).to_string();
+        info!(command = %command, "exec request");
+        session.channel_success(channel)?;
+
+        let cwd = "/supabase";
+
+        // Try cache with mutable access
+        let cached = {
+            let mut state = self.state.lock().await;
+            if let Some(cache) = state.cache.as_mut() {
+                cache.get(cwd, &command)
+            } else {
+                None
+            }
+        };
+
+        let result = if let Some(cached) = cached {
+            cached
+        } else {
+            let docs_dir = {
+                let state = self.state.lock().await;
+                state.docs_dir.clone()
+            };
+
+            let mut bash = create_bash(&docs_dir).await?;
+            let result = match bash.exec(&command).await {
+                Ok(exec_result) => CachedResult {
+                    stdout: exec_result.stdout.clone(),
+                    stderr: exec_result.stderr.clone(),
+                    exit_code: exec_result.exit_code,
+                },
+                Err(e) => {
+                    // Resource limits, timeouts, etc. — return as stderr
+                    CachedResult {
+                        stdout: String::new(),
+                        stderr: format!("Error: {e}\n"),
+                        exit_code: 1,
+                    }
+                }
+            };
+
+            // Store in cache
+            let mut state = self.state.lock().await;
+            if let Some(cache) = state.cache.as_mut() {
+                cache.set(cwd, &command, result.clone());
+            }
+
+            result
+        };
+
+        if !result.stdout.is_empty() {
+            session.data(channel, to_bytes(result.stdout.as_bytes()))?;
+        }
+        if !result.stderr.is_empty() {
+            session.extended_data(channel, 1, to_bytes(result.stderr.as_bytes()))?;
+        }
+        session.exit_status_request(channel, result.exit_code as u32)?;
+        session.eof(channel)?;
+        session.close(channel)?;
+
+        Ok(())
+    }
+
+    async fn shell_request(
+        &mut self,
+        channel: ChannelId,
+        session: &mut Session,
+    ) -> Result<(), Self::Error> {
+        info!("shell request");
+        session.channel_success(channel)?;
+
+        let (line_tx, line_rx) = mpsc::channel::<String>(32);
+        self.shell_line_tx = Some(line_tx);
+
+        let (docs_dir, idle_timeout_secs, session_timeout_secs) = {
+            let state = self.state.lock().await;
+            (
+                state.docs_dir.clone(),
+                state.idle_timeout_secs,
+                state.session_timeout_secs,
+            )
+        };
+
+        let mut handle = session.handle();
+        let banner_text = banner();
+        let last_activity = self.last_activity.clone();
+
+        // Spawn an idle watcher that closes the channel if no data arrives
+        let idle_handle = handle.clone();
+        let idle_activity = last_activity.clone();
+        let idle_watcher = tokio::spawn(async move {
+            let idle_duration = std::time::Duration::from_secs(idle_timeout_secs);
+            loop {
+                tokio::time::sleep(std::time::Duration::from_secs(5)).await;
+                let last = *idle_activity.lock().await;
+                if last.elapsed() >= idle_duration {
+                    let green = "\x1b[38;2;62;207;142m";
+                    let reset = "\x1b[0m";
+                    let msg = format!(
+                        "\r\n\r\n{green}Session timed out. Reconnect by running: ssh supabase.sh{reset}\r\n\r\n"
+                    );
+                    let _ = idle_handle.data(channel, to_bytes(msg.as_bytes())).await;
+                    info!("shell session idle timeout after {}s", idle_timeout_secs);
+                    let _ = idle_handle.eof(channel).await;
+                    let _ = idle_handle.close(channel).await;
+                    return;
+                }
+            }
+        });
+
+        self.shell_task = Some(tokio::spawn(async move {
+            let mut bash = match create_bash(&docs_dir).await {
+                Ok(b) => b,
+                Err(e) => {
+                    warn!(error = %e, "failed to create bash instance");
+                    let msg = format!("Error: {}\r\n", e);
+                    let _ = handle.data(channel, to_bytes(msg.as_bytes())).await;
+                    let _ = handle.close(channel).await;
+                    return;
+                }
+            };
+
+            let session_future = run_shell_session(
+                &mut bash,
+                channel,
+                &mut handle,
+                line_rx,
+                &banner_text,
+                prompt,
+            );
+
+            // Enforce max session timeout
+            let timeout_duration =
+                std::time::Duration::from_secs(session_timeout_secs);
+            match tokio::time::timeout(timeout_duration, session_future).await {
+                Ok(Err(e)) => {
+                    warn!(error = %e, "shell session error");
+                }
+                Err(_elapsed) => {
+                    let green = "\x1b[38;2;62;207;142m";
+                    let reset = "\x1b[0m";
+                    let msg = format!(
+                        "\r\n\r\n{green}Session timed out. Reconnect by running: ssh supabase.sh{reset}\r\n\r\n"
+                    );
+                    let _ = handle.data(channel, to_bytes(msg.as_bytes())).await;
+                    info!("shell session timed out after {}s", session_timeout_secs);
+                }
+                Ok(Ok(())) => {}
+            }
+
+            let _ = handle.eof(channel).await;
+            let _ = handle.close(channel).await;
+            idle_watcher.abort();
+        }));
+
+        Ok(())
+    }
+
+    async fn data(
+        &mut self,
+        channel: ChannelId,
+        data: &[u8],
+        session: &mut Session,
+    ) -> Result<(), Self::Error> {
+        if let Some(tx) = &self.shell_line_tx {
+            // Reset idle timer on any data from client
+            *self.last_activity.lock().await = Instant::now();
+
+            for &byte in data {
+                match self.line_editor.feed(byte) {
+                    LineEvent::Line(line) => {
+                        // Echo the newline
+                        session.data(channel, to_bytes(b"\r\n"))?;
+                        // Send Ctrl+C prompt re-display or the line to the shell task
+                        let _ = tx.send(line).await;
+                    }
+                    LineEvent::Eof => {
+                        let _ = tx.send("exit".to_string()).await;
+                    }
+                    LineEvent::Echo(bytes) => {
+                        if !bytes.is_empty() {
+                            session.data(channel, to_bytes(&bytes))?;
+                            // If this was Ctrl+C, also re-send the prompt
+                            if byte == 0x03 {
+                                let prompt_str = prompt("supabase");
+                                session
+                                    .data(channel, to_bytes(prompt_str.as_bytes()))?;
+                            }
+                        }
+                    }
+                    LineEvent::None => {}
+                }
+            }
+        }
+        Ok(())
+    }
+
+    async fn channel_eof(
+        &mut self,
+        _channel: ChannelId,
+        _session: &mut Session,
+    ) -> Result<(), Self::Error> {
+        if let Some(tx) = self.shell_line_tx.take() {
+            drop(tx);
+        }
+        Ok(())
+    }
+}
+
+/// Run the SSH server with graceful shutdown on SIGTERM/SIGINT.
+pub async fn run_server(config: SshServerConfig) -> Result<()> {
+    let version = std::env::var("VERSION").unwrap_or_else(|_| "dev".to_string());
+    let server_id = format!("SSH-2.0-supabase-ssh_{version}");
+
+    let russh_config = russh::server::Config {
+        server_id: russh::SshId::Standard(Cow::Owned(server_id)),
+        keys: vec![config.host_key.clone()],
+        inactivity_timeout: Some(std::time::Duration::from_secs(config.idle_timeout_secs)),
+        ..Default::default()
+    };
+
+    let port = config.port;
+    let mut server = SshServer::new(&config);
+
+    info!(port = port, "SSH server listening");
+
+    // Run the server and listen for shutdown signals concurrently
+    tokio::select! {
+        result = server.run_on_address(Arc::new(russh_config), ("0.0.0.0", port)) => {
+            result?;
+        }
+        _ = shutdown_signal() => {
+            info!("shutdown signal received, draining connections");
+            // russh will drop all handlers, triggering Drop which decrements counts.
+            // Give in-flight commands a moment to finish.
+            tokio::time::sleep(std::time::Duration::from_secs(2)).await;
+            info!("shutdown complete");
+        }
+    }
+
+    Ok(())
+}
+
+/// Wait for SIGTERM or SIGINT (Ctrl+C).
+async fn shutdown_signal() {
+    let ctrl_c = tokio::signal::ctrl_c();
+
+    #[cfg(unix)]
+    {
+        let mut sigterm =
+            tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate())
+                .expect("failed to register SIGTERM handler");
+        tokio::select! {
+            _ = ctrl_c => { info!("SIGINT received"); }
+            _ = sigterm.recv() => { info!("SIGTERM received"); }
+        }
+    }
+
+    #[cfg(not(unix))]
+    {
+        ctrl_c.await.expect("failed to listen for ctrl_c");
+        info!("SIGINT received");
+    }
+}
diff --git a/crates/supabase-ssh/tests/integration.rs b/crates/supabase-ssh/tests/integration.rs
new file mode 100644
index 0000000..d8c30c1
--- /dev/null
+++ b/crates/supabase-ssh/tests/integration.rs
@@ -0,0 +1,454 @@
+use std::net::SocketAddr;
+use std::sync::Arc;
+use std::time::Duration;
+
+use russh::keys::{Algorithm, PrivateKey};
+use russh::server::Server;
+use tokio::net::TcpStream;
+use tokio::time::timeout;
+
+// ---------------------------------------------------------------------------
+// Test 1: Server starts and sends SSH protocol banner
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn server_starts_and_sends_ssh_banner() {
+    let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
+    let addr = listener.local_addr().unwrap();
+    drop(listener);
+
+    let host_key =
+        PrivateKey::random(&mut russh::keys::key::safe_rng(), Algorithm::Ed25519).unwrap();
+
+    let config = Arc::new(russh::server::Config {
+        server_id: russh::SshId::Standard("SSH-2.0-test".into()),
+        keys: vec![host_key],
+        inactivity_timeout: Some(Duration::from_secs(5)),
+        ..Default::default()
+    });
+
+    let server_config = config.clone();
+    let server_handle = tokio::spawn(async move {
+        let mut server = TestServer;
+        let _ = server.run_on_address(server_config, addr).await;
+    });
+
+    tokio::time::sleep(Duration::from_millis(500)).await;
+
+    let stream = timeout(Duration::from_secs(3), TcpStream::connect(addr))
+        .await
+        .expect("TCP connect timed out")
+        .expect("TCP connect failed");
+
+    let mut buf = vec![0u8; 256];
+    stream.readable().await.unwrap();
+    let n = stream.try_read(&mut buf).unwrap();
+    let banner = String::from_utf8_lossy(&buf[..n]);
+
+    assert!(
+        banner.starts_with("SSH-2.0-test"),
+        "Expected SSH banner, got: {banner}"
+    );
+
+    server_handle.abort();
+}
+
+// ---------------------------------------------------------------------------
+// Test 2: Full SSH handshake + exec command via russh client
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn exec_echo_command_over_ssh() {
+    let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
+    let addr = listener.local_addr().unwrap();
+    drop(listener);
+
+    let host_key =
+        PrivateKey::random(&mut russh::keys::key::safe_rng(), Algorithm::Ed25519).unwrap();
+
+    let config = Arc::new(russh::server::Config {
+        server_id: russh::SshId::Standard("SSH-2.0-test-exec".into()),
+        keys: vec![host_key],
+        inactivity_timeout: Some(Duration::from_secs(10)),
+        ..Default::default()
+    });
+
+    // Start server with a handler that runs bashkit
+    let server_config = config.clone();
+    let server_handle = tokio::spawn(async move {
+        let mut server = BashServer;
+        let _ = server.run_on_address(server_config, addr).await;
+    });
+
+    tokio::time::sleep(Duration::from_millis(500)).await;
+
+    // Connect with russh client
+    let client_config = Arc::new(russh::client::Config::default());
+    let mut session = timeout(
+        Duration::from_secs(5),
+        russh::client::connect(client_config, addr, TestClient),
+    )
+    .await
+    .expect("client connect timed out")
+    .expect("client connect failed");
+
+    // Authenticate (server accepts all)
+    let auth_result = session
+        .authenticate_none("user")
+        .await
+        .expect("auth failed");
+    assert!(
+        matches!(auth_result, russh::client::AuthResult::Success),
+        "auth should succeed, got: {auth_result:?}"
+    );
+
+    // Open a channel and exec
+    let mut channel = session.channel_open_session().await.expect("channel open");
+    channel
+        .exec(true, "echo hello world")
+        .await
+        .expect("exec");
+
+    // Collect output
+    let mut stdout = String::new();
+    let mut exit_code: Option<u32> = None;
+
+    let result = timeout(Duration::from_secs(10), async {
+        loop {
+            match channel.wait().await {
+                Some(russh::ChannelMsg::Data { data }) => {
+                    stdout.push_str(&String::from_utf8_lossy(&data));
+                }
+                Some(russh::ChannelMsg::ExitStatus { exit_status }) => {
+                    exit_code = Some(exit_status);
+                }
+                Some(russh::ChannelMsg::Eof) | Some(russh::ChannelMsg::Close) => break,
+                None => break,
+                _ => {}
+            }
+        }
+    })
+    .await;
+
+    assert!(result.is_ok(), "timed out waiting for command output");
+    assert_eq!(stdout.trim(), "hello world", "stdout mismatch: {stdout:?}");
+    assert_eq!(exit_code, Some(0), "exit code should be 0");
+
+    session
+        .disconnect(russh::Disconnect::ByApplication, "", "")
+        .await
+        .ok();
+    server_handle.abort();
+}
+
+// ---------------------------------------------------------------------------
+// Test 3: Exec a command that fails (nonexistent command)
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn exec_failing_command_returns_nonzero_exit() {
+    let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
+    let addr = listener.local_addr().unwrap();
+    drop(listener);
+
+    let host_key =
+        PrivateKey::random(&mut russh::keys::key::safe_rng(), Algorithm::Ed25519).unwrap();
+
+    let config = Arc::new(russh::server::Config {
+        server_id: russh::SshId::Standard("SSH-2.0-test-fail".into()),
+        keys: vec![host_key],
+        inactivity_timeout: Some(Duration::from_secs(10)),
+        ..Default::default()
+    });
+
+    let server_config = config.clone();
+    let server_handle = tokio::spawn(async move {
+        let mut server = BashServer;
+        let _ = server.run_on_address(server_config, addr).await;
+    });
+
+    tokio::time::sleep(Duration::from_millis(500)).await;
+
+    let client_config = Arc::new(russh::client::Config::default());
+    let mut session = timeout(
+        Duration::from_secs(5),
+        russh::client::connect(client_config, addr, TestClient),
+    )
+    .await
+    .unwrap()
+    .unwrap();
+
+    session.authenticate_none("user").await.unwrap();
+
+    let mut channel = session.channel_open_session().await.unwrap();
+    channel.exec(true, "false").await.unwrap();
+
+    let mut exit_code: Option<u32> = None;
+
+    let _ = timeout(Duration::from_secs(10), async {
+        loop {
+            match channel.wait().await {
+                Some(russh::ChannelMsg::ExitStatus { exit_status }) => {
+                    exit_code = Some(exit_status);
+                }
+                Some(russh::ChannelMsg::Eof) | Some(russh::ChannelMsg::Close) => break,
+                None => break,
+                _ => {}
+            }
+        }
+    })
+    .await;
+
+    assert_eq!(exit_code, Some(1), "exit code for `false` should be 1");
+
+    session
+        .disconnect(russh::Disconnect::ByApplication, "", "")
+        .await
+        .ok();
+    server_handle.abort();
+}
+
+// ---------------------------------------------------------------------------
+// Test 4: Real docs mounted via realfs, read via bashkit
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn exec_cat_doc_from_realfs_mount() {
+    use std::io::Write;
+
+    // Create a temp dir with a doc file
+    let tmp = tempfile::tempdir().unwrap();
+    let doc_path = tmp.path().join("test-guide.md");
+    let mut f = std::fs::File::create(&doc_path).unwrap();
+    writeln!(f, "# Test Guide\n\nThis is a test document.").unwrap();
+    drop(f);
+
+    let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
+    let addr = listener.local_addr().unwrap();
+    drop(listener);
+
+    let host_key =
+        PrivateKey::random(&mut russh::keys::key::safe_rng(), Algorithm::Ed25519).unwrap();
+
+    let config = Arc::new(russh::server::Config {
+        server_id: russh::SshId::Standard("SSH-2.0-test-realfs".into()),
+        keys: vec![host_key],
+        inactivity_timeout: Some(Duration::from_secs(10)),
+        ..Default::default()
+    });
+
+    let docs_dir = tmp.path().to_path_buf();
+    let server_config = config.clone();
+    let server_handle = tokio::spawn(async move {
+        let mut server = RealFsServer { docs_dir };
+        let _ = server.run_on_address(server_config, addr).await;
+    });
+
+    tokio::time::sleep(Duration::from_millis(500)).await;
+
+    let client_config = Arc::new(russh::client::Config::default());
+    let mut session = timeout(
+        Duration::from_secs(5),
+        russh::client::connect(client_config, addr, TestClient),
+    )
+    .await
+    .unwrap()
+    .unwrap();
+
+    session.authenticate_none("user").await.unwrap();
+
+    let mut channel = session.channel_open_session().await.unwrap();
+    channel
+        .exec(true, "cat /supabase/docs/test-guide.md")
+        .await
+        .unwrap();
+
+    let mut stdout = String::new();
+    let mut exit_code: Option<u32> = None;
+
+    let _ = timeout(Duration::from_secs(10), async {
+        loop {
+            match channel.wait().await {
+                Some(russh::ChannelMsg::Data { data }) => {
+                    stdout.push_str(&String::from_utf8_lossy(&data));
+                }
+                Some(russh::ChannelMsg::ExitStatus { exit_status }) => {
+                    exit_code = Some(exit_status);
+                }
+                Some(russh::ChannelMsg::Eof) | Some(russh::ChannelMsg::Close) => break,
+                None => break,
+                _ => {}
+            }
+        }
+    })
+    .await;
+
+    assert_eq!(exit_code, Some(0), "cat should succeed");
+    assert!(
+        stdout.contains("Test Guide"),
+        "should contain doc content, got: {stdout:?}"
+    );
+    assert!(
+        stdout.contains("This is a test document."),
+        "should contain full doc body, got: {stdout:?}"
+    );
+
+    session
+        .disconnect(russh::Disconnect::ByApplication, "", "")
+        .await
+        .ok();
+    server_handle.abort();
+}
+
+// ---------------------------------------------------------------------------
+// Helpers: minimal server/client impls
+// ---------------------------------------------------------------------------
+
+/// Minimal Server impl — just accepts auth.
+struct TestServer;
+
+impl Server for TestServer {
+    type Handler = TestHandler;
+
+    fn new_client(&mut self, _peer_addr: Option<SocketAddr>) -> Self::Handler {
+        TestHandler
+    }
+}
+
+struct TestHandler;
+
+impl russh::server::Handler for TestHandler {
+    type Error = anyhow::Error;
+
+    async fn auth_none(&mut self, _user: &str) -> Result<russh::server::Auth, Self::Error> {
+        Ok(russh::server::Auth::Accept)
+    }
+}
+
+/// Server that runs bashkit for exec requests.
+struct BashServer;
+
+impl Server for BashServer {
+    type Handler = BashHandler;
+
+    fn new_client(&mut self, _peer_addr: Option<SocketAddr>) -> Self::Handler {
+        BashHandler
+    }
+}
+
+struct BashHandler;
+
+impl russh::server::Handler for BashHandler {
+    type Error = anyhow::Error;
+
+    async fn auth_none(&mut self, _user: &str) -> Result<russh::server::Auth, Self::Error> {
+        Ok(russh::server::Auth::Accept)
+    }
+
+    async fn channel_open_session(
+        &mut self,
+        _channel: russh::Channel<russh::server::Msg>,
+        _session: &mut russh::server::Session,
+    ) -> Result<bool, Self::Error> {
+        Ok(true)
+    }
+
+    async fn exec_request(
+        &mut self,
+        channel: russh::ChannelId,
+        data: &[u8],
+        session: &mut russh::server::Session,
+    ) -> Result<(), Self::Error> {
+        let command = String::from_utf8_lossy(data).to_string();
+        session.channel_success(channel)?;
+
+        let mut bash = bashkit::Bash::builder().cwd("/").build();
+        let result = bash.exec(&command).await?;
+
+        if !result.stdout.is_empty() {
+            session.data(channel, bytes::Bytes::from(result.stdout.into_bytes()))?;
+        }
+        if !result.stderr.is_empty() {
+            session.extended_data(channel, 1, bytes::Bytes::from(result.stderr.into_bytes()))?;
+        }
+        session.exit_status_request(channel, result.exit_code as u32)?;
+        session.eof(channel)?;
+        session.close(channel)?;
+
+        Ok(())
+    }
+}
+
+/// Server that uses the real create_bash with realfs docs mount.
+struct RealFsServer {
+    docs_dir: std::path::PathBuf,
+}
+
+impl Server for RealFsServer {
+    type Handler = RealFsHandler;
+
+    fn new_client(&mut self, _peer_addr: Option<SocketAddr>) -> Self::Handler {
+        RealFsHandler {
+            docs_dir: self.docs_dir.clone(),
+        }
+    }
+}
+
+struct RealFsHandler {
+    docs_dir: std::path::PathBuf,
+}
+
+impl russh::server::Handler for RealFsHandler {
+    type Error = anyhow::Error;
+
+    async fn auth_none(&mut self, _user: &str) -> Result<russh::server::Auth, Self::Error> {
+        Ok(russh::server::Auth::Accept)
+    }
+
+    async fn channel_open_session(
+        &mut self,
+        _channel: russh::Channel<russh::server::Msg>,
+        _session: &mut russh::server::Session,
+    ) -> Result<bool, Self::Error> {
+        Ok(true)
+    }
+
+    async fn exec_request(
+        &mut self,
+        channel: russh::ChannelId,
+        data: &[u8],
+        session: &mut russh::server::Session,
+    ) -> Result<(), Self::Error> {
+        let command = String::from_utf8_lossy(data).to_string();
+        session.channel_success(channel)?;
+
+        let mut bash = supabase_ssh::bash::create_bash(&self.docs_dir).await?;
+        let result = bash.exec(&command).await?;
+
+        if !result.stdout.is_empty() {
+            session.data(channel, bytes::Bytes::from(result.stdout.into_bytes()))?;
+        }
+        if !result.stderr.is_empty() {
+            session.extended_data(channel, 1, bytes::Bytes::from(result.stderr.into_bytes()))?;
+        }
+        session.exit_status_request(channel, result.exit_code as u32)?;
+        session.eof(channel)?;
+        session.close(channel)?;
+
+        Ok(())
+    }
+}
+
+/// Minimal client handler — accepts any server key.
+struct TestClient;
+
+impl russh::client::Handler for TestClient {
+    type Error = anyhow::Error;
+
+    async fn check_server_key(
+        &mut self,
+        _server_public_key: &russh::keys::PublicKey,
+    ) -> Result<bool, Self::Error> {
+        Ok(true) // Accept any host key
+    }
+}
diff --git a/crates/supabase-ssh/tests/security.rs b/crates/supabase-ssh/tests/security.rs
new file mode 100644
index 0000000..d7646bb
--- /dev/null
+++ b/crates/supabase-ssh/tests/security.rs
@@ -0,0 +1,391 @@
+//! Security tests — ported from apps/ssh/src/shell/attacks.test.ts
+//!
+//! Verifies that bashkit's execution limits catch abuse.
+//!
+//! Key difference from just-bash (TS): bashkit returns Err(ResourceLimit(...))
+//! when limits are exceeded, rather than Ok(ExecResult { stderr: "..." }).
+//! Both behaviors are correct — the limit IS enforced.
+
+use std::io::Write;
+
+use supabase_ssh::bash::create_bash;
+
+async fn test_bash() -> bashkit::Bash {
+    let tmp = tempfile::tempdir().unwrap();
+    let mut f = std::fs::File::create(tmp.path().join("test.md")).unwrap();
+    writeln!(f, "# Test").unwrap();
+    drop(f);
+    create_bash(tmp.path()).await.unwrap()
+}
+
+/// Returns true if the exec was stopped (either Err or non-zero exit with limit message).
+async fn exec_is_stopped(bash: &mut bashkit::Bash, script: &str) -> bool {
+    match bash.exec(script).await {
+        Err(e) => {
+            let msg = format!("{e:?}").to_lowercase();
+            msg.contains("limit")
+                || msg.contains("timeout")
+                || msg.contains("depth")
+                || msg.contains("resource")
+                || msg.contains("commands")
+                || msg.contains("iteration")
+        }
+        Ok(result) => {
+            let s = result.stderr.to_lowercase();
+            result.exit_code != 0
+                && (s.contains("limit")
+                    || s.contains("timeout")
+                    || s.contains("depth")
+                    || s.contains("iteration")
+                    || s.contains("commands"))
+        }
+    }
+}
+
+/// Returns the result or describes the error.
+async fn exec_result_or_err(
+    bash: &mut bashkit::Bash,
+    script: &str,
+) -> Result<bashkit::ExecResult, String> {
+    bash.exec(script).await.map_err(|e| format!("{e:?}"))
+}
+
+// ---------------------------------------------------------------------------
+// Attack: infinite loops
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn while_true_is_stopped() {
+    let mut bash = test_bash().await;
+    assert!(
+        exec_is_stopped(&mut bash, "while true; do echo x; done").await,
+        "infinite while loop must be stopped"
+    );
+}
+
+#[tokio::test]
+async fn until_false_is_stopped() {
+    let mut bash = test_bash().await;
+    assert!(
+        exec_is_stopped(&mut bash, "until false; do echo x; done").await,
+        "infinite until loop must be stopped"
+    );
+}
+
+// ---------------------------------------------------------------------------
+// Attack: output flooding
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn output_bounded_to_1mb() {
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(
+        &mut bash,
+        "while true; do echo 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'; done",
+    ).await;
+    match res {
+        Ok(result) => {
+            let total = result.stdout.len() + result.stderr.len();
+            assert!(total <= 1024 * 1024 + 8192, "output should be bounded, got {total}");
+        }
+        Err(e) => {
+            // ResourceLimit error is also acceptable — output was stopped
+            assert!(
+                e.to_lowercase().contains("limit") || e.to_lowercase().contains("output"),
+                "unexpected error: {e}"
+            );
+        }
+    }
+}
+
+// ---------------------------------------------------------------------------
+// Attack: string/memory amplification
+// ---------------------------------------------------------------------------
+
+/// Note: bashkit doesn't have a separate maxStringLength like just-bash.
+/// The 25-iteration loop is under the 1000 limit, so it completes.
+/// The 10s execution timeout is the backstop in production.
+/// MemoryLimits.max_total_variable_bytes bounds total variable storage.
+#[tokio::test]
+async fn exponential_string_growth_bounded_by_timeout_or_memory() {
+    let start = std::time::Instant::now();
+    let mut bash = test_bash().await;
+    let _ = exec_result_or_err(
+        &mut bash,
+        r#"x="AAAAAAAAAA"; for i in $(seq 1 25); do x="$x$x"; done; echo ${#x}"#,
+    )
+    .await;
+    // Must complete within the 10s timeout
+    assert!(start.elapsed().as_secs() < 15, "should complete within timeout");
+}
+
+#[tokio::test]
+async fn large_array_bounded() {
+    let mut bash = test_bash().await;
+    assert!(
+        exec_is_stopped(
+            &mut bash,
+            r#"arr=(); for i in $(seq 1 20000); do arr+=("$i"); done; echo ${#arr[@]}"#
+        )
+        .await,
+        "large array construction must be bounded"
+    );
+}
+
+// ---------------------------------------------------------------------------
+// Attack: recursion depth
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn deep_recursion_stopped() {
+    let mut bash = test_bash().await;
+    assert!(
+        exec_is_stopped(&mut bash, "f() { f; }; f").await,
+        "deep recursion must be stopped by max_function_depth"
+    );
+}
+
+// ---------------------------------------------------------------------------
+// Attack: command count exhaustion
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn many_commands_hit_limit() {
+    let mut bash = test_bash().await;
+    let cmds: Vec<String> = (0..1500).map(|i| format!("echo {i}")).collect();
+    assert!(
+        exec_is_stopped(&mut bash, &cmds.join("; ")).await,
+        "1500 commands must hit max_commands limit"
+    );
+}
+
+// ---------------------------------------------------------------------------
+// Attack: sed amplification
+// ---------------------------------------------------------------------------
+
+/// Note: bashkit doesn't have a separate maxSedIterations like just-bash.
+/// The sed loop terminates naturally when output hits max_stdout_bytes or
+/// the 10s execution timeout fires.
+#[tokio::test]
+async fn sed_branch_loop_bounded_by_timeout_or_output() {
+    let start = std::time::Instant::now();
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(
+        &mut bash,
+        r#"echo "aaa" | sed ":loop; s/a/aa/; t loop""#,
+    )
+    .await;
+    let elapsed = start.elapsed();
+    // Must be stopped by timeout (10s) or output limit (1MB)
+    assert!(elapsed.as_secs() < 15, "sed loop should be bounded by timeout");
+    match res {
+        Ok(r) => {
+            // Output should be bounded even if exit code is 0
+            assert!(
+                r.stdout.len() + r.stderr.len() <= 1024 * 1024 + 8192,
+                "output should be bounded"
+            );
+        }
+        Err(_) => {} // Resource limit error is fine
+    }
+}
+
+// ---------------------------------------------------------------------------
+// Attack: read-only HOST filesystem (realfs mount)
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn cannot_write_to_realfs_mount() {
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(&mut bash, r#"echo "pwned" > /supabase/docs/evil.md"#).await;
+    match res {
+        Ok(r) => assert_ne!(r.exit_code, 0, "write to realfs should fail"),
+        Err(_) => {} // Error is acceptable
+    }
+}
+
+#[tokio::test]
+async fn cannot_mkdir_in_realfs_mount() {
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(&mut bash, "mkdir /supabase/docs/evil").await;
+    match res {
+        Ok(r) => assert_ne!(r.exit_code, 0, "mkdir in realfs should fail"),
+        Err(_) => {}
+    }
+}
+
+#[tokio::test]
+async fn cannot_delete_from_realfs_mount() {
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(&mut bash, "rm /supabase/docs/test.md").await;
+    match res {
+        Ok(r) => assert_ne!(r.exit_code, 0, "rm in realfs should fail"),
+        Err(_) => {}
+    }
+}
+
+#[tokio::test]
+async fn inmemory_writes_are_sandboxed() {
+    let mut bash = test_bash().await;
+    let result = bash
+        .exec(r#"echo "test" > /tmp/test.txt && cat /tmp/test.txt"#)
+        .await
+        .unwrap();
+    assert_eq!(result.exit_code, 0);
+    assert!(result.stdout.contains("test"));
+}
+
+// ---------------------------------------------------------------------------
+// Attack: timeout enforcement
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn execution_timeout_enforced() {
+    let start = std::time::Instant::now();
+    let mut bash = test_bash().await;
+    let stopped = exec_is_stopped(
+        &mut bash,
+        "for i in $(seq 1 1000); do for j in $(seq 1 1000); do echo $i.$j; done; done",
+    )
+    .await;
+    let elapsed = start.elapsed();
+
+    assert!(stopped, "should be stopped by timeout or limits");
+    assert!(elapsed.as_secs() < 15, "took {}s, expected <15s", elapsed.as_secs());
+}
+
+// ---------------------------------------------------------------------------
+// Functional: concurrent execution
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn concurrent_instances_dont_block_each_other() {
+    let start = std::time::Instant::now();
+
+    let handles: Vec<_> = (0..5)
+        .map(|_| {
+            tokio::spawn(async {
+                let mut bash = test_bash().await;
+                exec_result_or_err(
+                    &mut bash,
+                    "for i in $(seq 1 500); do x=$((i * 2)); done; echo done",
+                )
+                .await
+            })
+        })
+        .collect();
+
+    let results: Vec<_> = futures::future::join_all(handles).await;
+    let elapsed = start.elapsed();
+
+    for result in &results {
+        let r = result.as_ref().unwrap();
+        match r {
+            Ok(exec_result) => assert!(
+                exec_result.stdout.contains("done") || !exec_result.stderr.is_empty()
+            ),
+            Err(_) => {} // Resource limit is fine
+        }
+    }
+
+    assert!(elapsed.as_secs() < 30, "took {}s, expected <30s", elapsed.as_secs());
+}
+
+// ---------------------------------------------------------------------------
+// Attack: brace expansion bomb
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn brace_expansion_bomb_bounded() {
+    let start = std::time::Instant::now();
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(&mut bash, "echo {1..1000}{1..1000}").await;
+    let elapsed = start.elapsed();
+    // Must be stopped by timeout or output/resource limit
+    assert!(elapsed.as_secs() < 15, "brace expansion should be bounded by timeout");
+    match res {
+        Ok(r) => {
+            assert!(
+                r.stdout.len() + r.stderr.len() <= 1024 * 1024 + 8192,
+                "output should be bounded"
+            );
+        }
+        Err(_) => {} // Resource limit error is fine
+    }
+}
+
+// ---------------------------------------------------------------------------
+// Attack: command substitution depth
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn command_substitution_depth_stopped() {
+    let mut bash = test_bash().await;
+    // Build 25-level deep nested command substitution
+    let mut script = String::from("echo hello");
+    for _ in 0..25 {
+        script = format!("echo $({})", script);
+    }
+    // bashkit may return Err or Ok with non-zero exit or truncated output
+    let res = exec_result_or_err(&mut bash, &script).await;
+    match res {
+        Err(_) => {} // Resource limit error — stopped
+        Ok(r) => {
+            // Even if it succeeds, the nesting was bounded by ast_depth or timeout
+            assert!(
+                r.exit_code != 0
+                    || r.stdout.len() < 1024 * 1024
+                    || r.stderr.to_lowercase().contains("limit")
+                    || r.stderr.to_lowercase().contains("depth"),
+                "deep substitution should be bounded, exit={} stderr={:?}",
+                r.exit_code,
+                r.stderr
+            );
+        }
+    }
+}
+
+// ---------------------------------------------------------------------------
+// Attack: arithmetic in tight loop
+// ---------------------------------------------------------------------------
+
+#[tokio::test]
+async fn arithmetic_in_tight_loop_bounded() {
+    let mut bash = test_bash().await;
+    assert!(
+        exec_is_stopped(
+            &mut bash,
+            "x=0; while true; do x=$((x+1)); done; echo $x"
+        )
+        .await,
+        "arithmetic tight loop must be stopped"
+    );
+}
+
+// ---------------------------------------------------------------------------
+// Attack: awk infinite loop
+// ---------------------------------------------------------------------------
+
+/// Note: bashkit's awk doesn't have a separate maxAwkIterations like just-bash.
+/// The awk loop is bounded by the global 10s timeout or output limit.
+#[tokio::test]
+async fn awk_infinite_loop_bounded() {
+    let start = std::time::Instant::now();
+    let mut bash = test_bash().await;
+    let res = exec_result_or_err(
+        &mut bash,
+        r#"echo x | awk "{ while(1) print }""#,
+    )
+    .await;
+    let elapsed = start.elapsed();
+    assert!(elapsed.as_secs() < 15, "awk loop should be bounded by timeout");
+    match res {
+        Ok(r) => {
+            assert!(
+                r.stdout.len() + r.stderr.len() <= 1024 * 1024 + 8192,
+                "output should be bounded"
+            );
+        }
+        Err(_) => {} // Resource limit error is fine
+    }
+}