SSH
by
ssh-mcp-server is an SSH-based MCP (Model Context Protocol) server that allows remote execution of SSH commands via the MCP protocol, enabling AI assistants and other applications to safely operate remote servers.
SSH Overview
What is ssh-mcp-server?
ssh-mcp-server is a bridging tool that enables AI assistants and other applications supporting the MCP protocol to execute remote SSH commands through a standardized interface. This allows AI assistants to safely operate remote servers, execute commands, and retrieve results without directly exposing SSH credentials to AI models.
How to use ssh-mcp-server?
ssh-mcp-server can be run directly using NPX without global installation. You can configure it using command-line options for host, port, username, password, private key, and passphrase. It supports password authentication, private key authentication, and private key with passphrase. You can also define command whitelists and blacklists using regular expressions to control executable commands. Multiple SSH connections can be configured and managed by name.
MCP Configuration Examples:
-
Using Password:
{ "mcpServers": { "ssh-mpc-server": { "command": "npx", "args": [ "-y", "@fangjunjie/ssh-mcp-server", "--host 192.168.1.1", "--port 22", "--username root", "--password pwd123456" ] } } } -
Using Private Key:
{ "mcpServers": { "ssh-mpc-server": { "command": "npx", "args": [ "-y", "@fangjunjie/ssh-mcp-server", "--host 192.168.1.1", "--port 22", "--username root", "--privateKey ~/.ssh/id_rsa" ] } } } -
Using Command Whitelist:
{ "mcpServers": { "ssh-mpc-server": { "command": "npx", "args": [ "-y", "@fangjunjie/ssh-mcp-server", "--host 192.168.1.1", "--port 22", "--username root", "--password pwd123456", "--whitelist ^ls( .*)?,^cat .*,^df.*" ] } } }
Multi-SSH Connection Example:
npx @fangjunjie/ssh-mcp-server \
--ssh "name=dev,host=1.2.3.4,port=22,user=alice,password=xxx" \
--ssh "name=prod,host=5.6.7.8,port=22,user=bob,password=yyy"
Key Features of ssh-mcp-server
- Secure Connections: Supports multiple secure SSH connection methods, including password authentication and private key authentication (with passphrase support).
- Command Security Control: Precisely control the range of allowed commands through flexible blacklist and whitelist mechanisms to prevent dangerous operations.
- Standardized Interface: Complies with MCP protocol specifications for seamless integration with AI assistants supporting the protocol.
- File Transfer: Supports bidirectional file transfers, uploading local files to servers or downloading files from servers.
- Credential Isolation: SSH credentials are managed entirely locally and never exposed to AI models, enhancing security.
- Ready to Use: Can be run directly using NPX without global installation, making it convenient and quick to deploy.
Use Cases of ssh-mcp-server
- AI Assistant Integration: AI assistants can securely execute remote SSH commands, manage servers, and retrieve data without direct access to SSH credentials.
- Automated Server Management: Automate tasks like deploying applications, running scripts, and managing files on remote servers.
- Secure Remote Operations: Perform sensitive operations on remote servers with controlled command execution and credential isolation.
- Development and Deployment: Streamline development and deployment workflows by enabling automated interactions with remote environments.
FAQ about ssh-mcp-server
Q: How does ssh-mcp-server ensure security? A: It supports secure SSH connection methods, uses command whitelists/blacklists for control, and isolates SSH credentials locally, never exposing them to AI models.
Q: Can I transfer files using ssh-mcp-server? A: Yes, it supports bidirectional file transfers, allowing you to upload files to servers or download files from servers.
Q: How can I restrict the commands that can be executed?
A: You can use the --whitelist and --blacklist parameters with regular expressions to define allowed and disallowed commands.
Q: Can I manage multiple SSH connections?
A: Yes, you can specify multiple SSH connections by passing multiple --ssh parameters, each with a unique name, and then specify the connectionName in your MCP tool calls.
SSH's README
π ssh-mcp-server
SSH-based MCP (Model Context Protocol) server that allows remote execution of SSH commands via the MCP protocol.
English Document | δΈζζζ‘£
π Project Overview
ssh-mcp-server is a bridging tool that enables AI assistants and other applications supporting the MCP protocol to execute remote SSH commands through a standardized interface. This allows AI assistants to safely operate remote servers, execute commands, and retrieve results without directly exposing SSH credentials to AI models.
β¨ Key Features
- π Secure Connections: Supports multiple secure SSH connection methods, including password authentication and private key authentication (with passphrase support)
- π‘οΈ Command Security Control: Precisely control the range of allowed commands through flexible blacklist and whitelist mechanisms to prevent dangerous operations
- π Standardized Interface: Complies with MCP protocol specifications for seamless integration with AI assistants supporting the protocol
- π File Transfer: Supports bidirectional file transfers, uploading local files to servers or downloading files from servers
- π Credential Isolation: SSH credentials are managed entirely locally and never exposed to AI models, enhancing security
- π Ready to Use: Can be run directly using NPX without global installation, making it convenient and quick to deploy
π¦ Open Source Repository
GitHub: https://github.com/classfang/ssh-mcp-server
NPM: https://www.npmjs.com/package/@fangjunjie/ssh-mcp-server
π οΈ Tools List
| Tool | Name | Description |
|---|---|---|
| execute-command | Command Execution Tool | Execute SSH commands on remote servers and get results |
| upload | File Upload Tool | Upload local files to specified locations on remote servers |
| download | File Download Tool | Download files from remote servers to local specified locations |
| list-servers | List Servers Tool | List all available SSH server configurations |
π Usage
π§ MCP Configuration Examples
βοΈ Command Line Options
Options:
-h, --host SSH server host address
-p, --port SSH server port
-u, --username SSH username
-w, --password SSH password
-k, --privateKey SSH private key file path
-P, --passphrase Private key passphrase (if any)
-W, --whitelist Command whitelist, comma-separated regular expressions
-B, --blacklist Command blacklist, comma-separated regular expressions
π Using Password
{
"mcpServers": {
"ssh-mpc-server": {
"command": "npx",
"args": [
"-y",
"@fangjunjie/ssh-mcp-server",
"--host 192.168.1.1",
"--port 22",
"--username root",
"--password pwd123456"
]
}
}
}
π Using Private Key
{
"mcpServers": {
"ssh-mpc-server": {
"command": "npx",
"args": [
"-y",
"@fangjunjie/ssh-mcp-server",
"--host 192.168.1.1",
"--port 22",
"--username root",
"--privateKey ~/.ssh/id_rsa"
]
}
}
}
π Using Private Key with Passphrase
{
"mcpServers": {
"ssh-mpc-server": {
"command": "npx",
"args": [
"-y",
"@fangjunjie/ssh-mcp-server",
"--host 192.168.1.1",
"--port 22",
"--username root",
"--privateKey ~/.ssh/id_rsa",
"--passphrase pwd123456"
]
}
}
}
π Using Command Whitelist and Blacklist
Use the --whitelist and --blacklist parameters to restrict the range of executable commands. Multiple patterns are separated by commas. Each pattern is a regular expression used to match commands.
Example: Using Command Whitelist
{
"mcpServers": {
"ssh-mpc-server": {
"command": "npx",
"args": [
"-y",
"@fangjunjie/ssh-mcp-server",
"--host 192.168.1.1",
"--port 22",
"--username root",
"--password pwd123456",
"--whitelist ^ls( .*)?,^cat .*,^df.*"
]
}
}
}
Example: Using Command Blacklist
{
"mcpServers": {
"ssh-mpc-server": {
"command": "npx",
"args": [
"-y",
"@fangjunjie/ssh-mcp-server",
"--host 192.168.1.1",
"--port 22",
"--username root",
"--password pwd123456",
"--blacklist ^rm .*,^shutdown.*,^reboot.*"
]
}
}
}
Note: If both whitelist and blacklist are specified, the system will first check whether the command is in the whitelist, and then check whether it is in the blacklist. The command must pass both checks to be executed.
𧩠Multi-SSH Connection Example
You can specify multiple SSH connections by passing multiple --ssh parameters, each with a unique name:
npx @fangjunjie/ssh-mcp-server \
--ssh "name=dev,host=1.2.3.4,port=22,user=alice,password=xxx" \
--ssh "name=prod,host=5.6.7.8,port=22,user=bob,password=yyy"
In MCP tool calls, specify the connection name via the connectionName parameter. If omitted, the default connection is used.
Example (execute command on 'prod' connection):
{
"tool": "execute-command",
"params": {
"cmdString": "ls -al",
"connectionName": "prod"
}
}
ποΈ List All SSH Servers
You can use the MCP tool list-servers to get all available SSH server configurations:
Example call:
{
"tool": "list-servers",
"params": {}
}
Example response:
[
{ "name": "dev", "host": "1.2.3.4", "port": 22, "username": "alice" },
{ "name": "prod", "host": "5.6.7.8", "port": 22, "username": "bob" }
]
SSH Reviews
Login Required
Please log in to share your review and rating for this MCP.
Actions
SSH's Information
- Author
- classfang
- Category
- Automation
- Language
- TypeScript
- License
- ISC License
- Version
- v1.1.0
- Stars
- 26
- Updated
- about 1 month ago