ssh-mcp-server
An MCP server that enables remote SSH command execution and bidirectional file transfers through a standardized interface. It allows AI assistants to securely manage remote servers while keeping credentials isolated and applying command-level security controls.
README
ssh-mcp-server
SSH-based MCP (Model Context Protocol) server for remote command execution and file transfer.
This fork adds optional AstrBot admin validation for all exposed MCP tools.
Links
Features
- Execute SSH commands through MCP
- Upload files to remote hosts
- Download files from remote hosts
- List configured SSH servers
- Support password, private key, and
~/.ssh/config - Support command whitelist and blacklist
- Optional AstrBot admin validation via
operatorId
Tools
execute-commanduploaddownloadlist-servers
Install
Recommended for AstrBot
For long-running stdio MCP servers, global install is more stable than letting
AstrBot invoke npx every time.
npm install -g @ruawd/ssh-mcp@1.3.4
Then use ssh-mcp as the command in AstrBot.
One-shot usage
npx -y @ruawd/ssh-mcp@1.3.4 --host 192.168.1.1 --port 22 --username root --password pwd123456
AstrBot MCP Examples
Global install
{
"mcpServers": {
"sshmcp": {
"command": "ssh-mcp",
"args": [
"--host",
"192.168.1.1",
"--port",
"22",
"--username",
"root",
"--password",
"pwd123456"
]
}
}
}
Use npx
{
"mcpServers": {
"sshmcp": {
"command": "npx",
"args": [
"-y",
"@ruawd/ssh-mcp@1.3.4",
"--host",
"192.168.1.1",
"--port",
"22",
"--username",
"root",
"--password",
"pwd123456"
]
}
}
}
Private key example
{
"mcpServers": {
"sshmcp": {
"command": "ssh-mcp",
"args": [
"--host",
"192.168.1.1",
"--port",
"22",
"--username",
"root",
"--privateKey",
"~/.ssh/id_rsa"
]
}
}
}
Use ~/.ssh/config
{
"mcpServers": {
"sshmcp": {
"command": "ssh-mcp",
"args": [
"--host",
"myserver"
]
}
}
}
If ~/.ssh/config contains:
Host myserver
HostName 192.168.1.1
Port 22
User root
IdentityFile ~/.ssh/id_rsa
the server will load those defaults automatically.
CLI Options
--config-file JSON configuration file path
--ssh-config-file SSH config file path
--ssh SSH connection config in JSON or legacy format
-h, --host SSH host or host alias from ssh config
-p, --port SSH port
-u, --username SSH username
-w, --password SSH password
-k, --privateKey SSH private key path
-P, --passphrase Private key passphrase
-W, --whitelist Command whitelist (comma-separated regex)
-B, --blacklist Command blacklist (comma-separated regex)
-s, --socksProxy SOCKS proxy URL
--pty Allocate pseudo-tty for command execution
--pre-connect Pre-connect configured SSH servers on startup
--require-astrbot-admin Require operatorId to match allowed admin IDs
--admin-ids Comma-separated admin IDs, e.g. 10001,10002
--astrbot-config-file Path to AstrBot data/config/cmd_config.json
AstrBot Admin Validation
This fork can restrict all MCP tools to specific AstrBot administrator IDs.
When enabled, each tool call must include an operatorId.
Two ways to configure administrators:
- Directly provide
--admin-ids - Read
admins_idfrom AstrBotcmd_config.json
If --admin-ids is present, it takes priority over --astrbot-config-file.
Example with direct admin IDs
{
"mcpServers": {
"sshmcp": {
"command": "ssh-mcp",
"args": [
"--host",
"103.117.136.155",
"--port",
"22",
"--username",
"root",
"--password",
"your-password",
"--require-astrbot-admin",
"--admin-ids",
"1738068535,2653839788"
]
}
}
}
Example reading AstrBot config
{
"mcpServers": {
"sshmcp": {
"command": "ssh-mcp",
"args": [
"--config-file",
"/path/to/ssh-config.json",
"--require-astrbot-admin",
"--astrbot-config-file",
"/path/to/AstrBot/data/config/cmd_config.json"
]
}
}
}
Tool call example
{
"tool": "execute-command",
"params": {
"cmdString": "ls -al",
"connectionName": "prod",
"operatorId": "1738068535"
}
}
Important Limitation
AstrBot native MCP integration does not automatically pass the current sender ID to a stdio MCP server.
That means:
- this MCP server can validate
operatorId - but something upstream still needs to inject the real sender ID
If you are using AstrBot, pair this server with
astrbot_plugin_mcp_id_injector, or use your own proxy plugin.
Security Notes
- Prefer SSH private keys over passwords
- Configure a whitelist for production use
- Do not expose the server to untrusted callers
- Be careful with upload/download target paths
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.