Overview

Traversio is a native Swift SSH client library for Apple platforms. It is built around modern transport APIs, Swift Concurrency, and protocol layers that remain testable in isolation.

This site contains the main documentation set for the library: public API reference, usage guides, architecture notes, and status pages.

Start with Why Traversio for the design rationale. Start with Mental Model for the public object model and the main workflows.

Supported In This Release

• The current public platform floor is documented in Quickstart and declared directly in Package.swift.
• SSHClient.connect(configuration:) provides explicit long-lived connection ownership.
• SSHClient.withConnection(configuration:_:) provides the same connection path in a closure-scoped form.
• SSHClientConfiguration supports RFC 4253 zlib, delayed OpenSSH [email protected], automatic rekey policy, idle keepalive, a default 30-second setup timeout, and explicit reply timeouts.
• SSHClient.connect(...) and SSHClient.withConnection(...) support logHandler: for structured lifecycle and failure events.
• Password authentication, keyboard-interactive authentication, and Ed25519, RSA, and ECDSA public-key authentication are available.
• OpenSSH-compatible key generation is available through SSHOpenSSHKeyPair.generate(...).
• The public connection API covers remote commands, PTY-backed shells, SFTP, raw direct-tcpip, [email protected], forwarded-tcpip, and [email protected] channels, local and dynamic forwarding helpers, raw remote TCP and streamlocal listeners, and a remote-forward bridge helper.
• SSHClientConfiguration supports SOCKS5 and HTTP CONNECT outer connection proxies plus multi-hop proxyJumpHosts.
• The SFTP surface covers version exchange, metadata queries, attribute updates, filesystem queries, directory listing, public file handles, bounded concurrent whole-file reads, bounded concurrent whole-file writes, optional OpenSSH fsync, rename, remove, directory creation or removal, symlink creation, and readlink.
• Host trust supports exact key pinning, trusted key sets, first-seen and changed-key helpers with app-owned persistence, async trust callbacks, and OpenSSH known_hosts.
• Current live-validation coverage includes OpenSSH, the local Dropbear baseline, the local AsyncSSH matrix target, and a multi-hour combined soak across shell, SFTP, forwarding, remote HTTP forwarding, and rekey-heavy paths with clean results.

Known Limits

• Forwarding covers the core use cases, and lifecycle semantics plus broader interoperability remain active release work.
• Host trust keeps persistence in the application boundary, and host-certificate coverage stays focused on the documented Ed25519 and ECDSA P-256 paths.
• Long-lived shells, streamed exec sessions, and raw forwarding channels expose event streams, and cancellation semantics are still being refined.
• The transport profile is already live-validated across OpenSSH, Dropbear, and AsyncSSH, and the wider production compatibility matrix is still being expanded.

Status

Traversio is suitable for evaluation and staged integration. Production hardening, broader compatibility coverage, and final lifecycle guidance are still in progress.

Recommended Reading Order

If you want the fastest path from "what is this?" to "how do I use it?", read in this order:

1. Mental Model
2. Quickstart
3. Diagnostics
4. Running Commands or Interactive Shell
5. SFTP or Forwarding
6. Public API
7. Architecture

Read By Section

Use the section cards below to jump straight to the topic you need. Larger subjects such as authentication, session workflows, and SFTP are grouped into dedicated sections.