ssh-mcp
Enables AI assistants to execute shell commands and transfer files via SFTP across remote servers using existing SSH configurations. It supports parallel execution on server groups and provides built-in safety warnings for potentially destructive commands.
README
ssh-mcp
SSH MCP server that lets AI assistants execute commands on remote servers.
What is this
ssh-mcp is a Model Context Protocol server that gives AI assistants like Claude direct access to your SSH infrastructure. Once configured, Claude can run commands, transfer files, and query server groups across your fleet without leaving the conversation.
Connection details are read from your existing ~/.ssh/config. No credentials are stored in the MCP configuration.
Features
- Run shell commands on individual servers or across entire groups in parallel
- SFTP file upload and download over the existing SSH session
- Connection pooling — reuses SSH connections across tool calls
- Dangerous command detection — warns before executing destructive operations
- Server groups for organizing hosts (production, staging, per-service)
- SSH config integration — reads host, port, user, and identity from
~/.ssh/config - Custom config path via
SSH_MCP_CONFIGenvironment variable
Quick Start
Install
# Run directly with uvx (no install required)
uvx ssh-mcp
# Or install with pip
pip install ssh-mcp
Requires Python 3.11+. Install uv to use uvx.
Create a config file
mkdir -p ~/.config/ssh-mcp
cp config/servers.example.toml ~/.config/ssh-mcp/servers.toml
Edit ~/.config/ssh-mcp/servers.toml and add your servers. Server names must match Host entries in ~/.ssh/config.
Add to Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or the equivalent on your platform:
{
"mcpServers": {
"ssh-mcp": {
"command": "uvx",
"args": ["ssh-mcp"]
}
}
}
To use a non-default config path, pass the environment variable:
{
"mcpServers": {
"ssh-mcp": {
"command": "uvx",
"args": ["ssh-mcp"],
"env": {
"SSH_MCP_CONFIG": "/path/to/servers.toml"
}
}
}
}
Restart Claude Desktop after editing the config.
Add to Claude Code
If you use Claude Code instead of Claude Desktop, you can set everything up from the terminal:
# 1. Add the MCP server
claude mcp add ssh-mcp -- uvx ssh-mcp
# 2. Create the config directory and copy the example
mkdir -p ~/.config/ssh-mcp
curl -sL https://raw.githubusercontent.com/blackaxgit/ssh-mcp/main/config/servers.example.toml \
> ~/.config/ssh-mcp/servers.toml
# 3. Edit with your servers (server names must match ~/.ssh/config Host entries)
${EDITOR:-nano} ~/.config/ssh-mcp/servers.toml
# 4. Restrict permissions
chmod 600 ~/.config/ssh-mcp/servers.toml
To use a custom config path:
claude mcp add ssh-mcp -e SSH_MCP_CONFIG=/path/to/servers.toml -- uvx ssh-mcp
Configuration
Config file location (checked in order):
$SSH_MCP_CONFIGenvironment variable~/.config/ssh-mcp/servers.toml(default)config/servers.tomlrelative to the package (development only)
Example servers.toml:
[settings]
ssh_config_path = "~/.ssh/config"
command_timeout = 30
max_output_bytes = 51200
connection_idle_timeout = 300
known_hosts = true
[groups]
production = { description = "Production servers" }
staging = { description = "Staging servers" }
[servers.web-prod-01]
description = "Production web server"
groups = ["production"]
[servers.web-staging-01]
description = "Staging web server"
groups = ["staging"]
jump_host = "bastion"
[servers.db-prod-01]
description = "Production database"
groups = ["production"]
user = "dbadmin"
Per-server overrides (user, jump_host) take precedence over ~/.ssh/config. See config/servers.example.toml for the full reference.
Restrict config file permissions to your user:
chmod 600 ~/.config/ssh-mcp/servers.toml
Available Tools
| Tool | Description |
|---|---|
list_servers |
List configured servers; optionally filter by group |
list_groups |
List server groups with member counts |
execute |
Run a shell command on a single server |
execute_on_group |
Run a command on all servers in a group (parallel) |
upload_file |
Upload a local file to a server via SFTP |
download_file |
Download a file from a server via SFTP |
Security
ssh-mcp warns before running commands that match known destructive patterns (rm -rf, disk wipes, shutdown). These are informational warnings — the AI assistant can still proceed if the operator confirms. Hard blocking is not enforced by design; access control is the operator's responsibility via SSH permissions on the target host.
Host key verification is on by default (known_hosts = true). Disabling StrictHostKeyChecking in ~/.ssh/config weakens MITM protection and should be avoided in production.
For vulnerability reports, see SECURITY.md. Do not open public GitHub issues for security concerns.
Development
git clone https://github.com/blackaxgit/ssh-mcp.git
cd ssh-mcp
uv sync --extra dev
uv run pytest
uv run ruff check .
See CONTRIBUTING.md for guidelines on making changes and submitting pull requests.
Changelog
See CHANGELOG.md.
License
Mozilla Public License 2.0. See LICENSE.
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。
Neon MCP Server
用于与 Neon 管理 API 和数据库交互的 MCP 服务器
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。