New crates:
bascule-dashboard — shared Dioxus component library
SessionTable: live active sessions with auth/backend/TPM status
StatsCards: active count, 24h total, TPM attested %, failed auth
StatusBar: connection health indicator
types.rs: DashboardSession, DashboardStats, HealthResponse
bascule-dashboard-web — WASM web target (Dioxus 0.6 + web features)
Compiles to wasm32-unknown-unknown
Dark-first CSS (light mode via prefers-color-scheme)
Monospace data display, clean stat cards
bascule-core/store.rs — in-memory session store
SessionStore with active sessions + aggregate stats
Updated via SessionHandler hooks
Both dashboard library and web WASM target compile clean.
Server and shell builds unaffected. Zero substrate deps.
Signed-off-by: Tyler King <tking@guildhouse.dev>
New crate: bascule-shell (471 lines, 1.8MB binary)
Login shell that detects identity + platform attestation at startup.
Wraps bash/zsh/fish — operator works normally, identity travels with them.
Identity detection (priority order):
1. Entra via WSL2 interop
2. Azure CLI
3. Kerberos TGT
4. Cached OIDC token
5. System user (fallback)
Platform attestation:
TPM 2.0 PCR values via tpm2_pcrread (PCRs 0,1,2,7,10,14)
IMA measurement log hash + count
Keylime agent state
Entra device compliance (WSL2 only)
Composite SHA-256 hash over all evidence
Shell features:
Banner with identity + attestation summary
BASCULE_* env vars injected into inner shell
--info mode for dry-run display
--json mode for machine-readable output
--exec mode for single-command execution
Configurable via ~/.config/bascule/shell.toml
Tested on Fedora with real TPM 2.0:
6 PCRs successfully read from hardware
All env vars propagated to inner shell
1.8MB binary, 0 substrate deps
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bascule now supports two session modes:
Local — spawns a PTY on this machine (default, existing)
Proxy — forwards the session to a target SSH host (NEW)
Proxy mode:
SSH client ←→ bascule (auth + hooks) ←→ target SSH host
Authenticates client via configured auth provider
Connects to upstream SSH host via russh client
Bridges I/O between client and upstream channels
PTY, shell, and exec requests forwarded to target
Exit status propagated back to client
Config:
[proxy]
target_host = "192.168.1.100"
target_port = 22
target_user = "deploy" # optional, defaults to principal
target_key_path = "/etc/bascule/target_key"
accept_target_host_key = false # dev only
SessionHandler hooks fire in both modes:
on_session_start, on_exec, on_session_end
Custom handlers can enforce policy regardless of mode
New file: proxy.rs (152 lines)
UpstreamHandler — minimal russh client handler
connect_upstream — connects + authenticates to target
bridge_upstream_to_client — bidirectional I/O bridge
Binary: 6.3MB, zero substrate deps.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New crate: bascule-auth-agent-id
Microsoft Entra Agent ID authentication for AI agents
Validates OAuth tokens against Entra JWKS (60min cache)
Extracts agent metadata: type, blueprint, sponsor, scopes
Detects on-behalf-of (delegated) agents
Token-as-password pattern for SSH auth
Cleanup:
Removed all governance-specific references from comments
SessionHandler trait is the only extension point
Zero substrate/chronicle/gsap dependencies
Config example uses neutral terminology
Config:
[auth.agent_id] section for Entra configuration
tenant_id, audiences, multi_tenant fields
3 crates: bascule-core, bascule-server, bascule-auth-agent-id
938 lines total, 5.6MB binary, 0 substrate deps.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
