A Claude plugin that enables SSH remote command execution capabilities by integrating with ssh-mcp-server.

• 🔒 Secure SSH Connections: Supports both password and private key authentication
• 🛡️ Command Security Control: Whitelist/blacklist mechanism to control executable commands
• 📂 File Transfer: Upload and download files to/from servers
• 🔄 Multi-Server Support: Manage multiple SSH connections simultaneously
• 🌐 Proxy Support: SOCKS proxy support for connections

1. Clone or download this plugin to your local machine
2. Load this plugin in Claude

Edit the .claude-plugin/mcp.json file and add your SSH server configuration:

{
  "mcpServers": {
    "ssh-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@fangjunjie/ssh-mcp-server",
        "--host", "your-server-ip",
        "--port", "22",
        "--username", "your-username",
        "--password", "your-password"
      ]
    }
  }
}

{
  "mcpServers": {
    "ssh-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@fangjunjie/ssh-mcp-server",
        "--host", "your-server-ip",
        "--port", "22",
        "--username", "your-username",
        "--privateKey", "~/.ssh/id_rsa"
      ]
    }
  }
}

{
  "mcpServers": {
    "ssh-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@fangjunjie/ssh-mcp-server",
        "--host", "your-server-ip",
        "--port", "22",
        "--username", "your-username",
        "--password", "your-password",
        "--whitelist", "^ls( .*)?,^cat .*,^df.*,^pwd,^whoami"
      ]
    }
  }
}

{
  "mcpServers": {
    "ssh-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@fangjunjie/ssh-mcp-server",
        "--host", "your-server-ip",
        "--port", "22",
        "--username", "your-username",
        "--password", "your-password",
        "--blacklist", "^rm .*,^shutdown.*,^reboot.*"
      ]
    }
  }
}

Create a configuration file ssh-config.json:

[
  {
    "name": "dev",
    "host": "dev-server-ip",
    "port": 22,
    "username": "dev-user",
    "password": "dev-password"
  },
  {
    "name": "prod",
    "host": "prod-server-ip",
    "port": 22,
    "username": "prod-user",
    "privateKey": "~/.ssh/prod_key"
  }
]

Then reference it in mcp.json:

{
  "mcpServers": {
    "ssh-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@fangjunjie/ssh-mcp-server",
        "--config-file", "ssh-config.json"
      ]
    }
  }
}

After installing and configuring the plugin, you can perform the following operations through Claude:

Execute ls -la command on the server

Upload local file /path/to/local/file.txt to server /path/to/remote/

Download /path/to/remote/file.txt from server to local /path/to/local/

List all available SSH servers

Execute df -h command on prod server

Monitor your server's health and performance:

Check disk usage on the server
Show memory usage
Display running processes
Check system uptime

Analyze application logs remotely:

Show the last 50 lines of /var/log/nginx/access.log
Search for errors in /var/log/application.log
Count 404 errors in the access log

Manage deployments and services:

Check if nginx service is running
Restart the application service
Pull latest code from git repository
Check the current git branch

Transfer and manage files:

Upload my local config.json to /etc/app/config.json on the server
Download the database backup from /backups/db.sql to my local machine
List all files in /var/www/html directory

Perform database tasks:

Create a MySQL database backup
Check PostgreSQL connection status
Show database size

Review security configurations:

List all users with sudo privileges
Check firewall rules
Show failed login attempts
Review SSH configuration

Work across different environments:

Check the application version on dev server
Compare configuration between dev and prod servers
Deploy to staging environment

Generate system reports:

Create a system health report including CPU, memory, and disk usage
Generate a list of installed packages
Show network connection statistics

• execute-command: Execute SSH commands on remote servers
• upload: Upload files to remote servers
• download: Download files from remote servers
• list-servers: List all available SSH server configurations

1. Use Command Whitelist: Strongly recommended to configure --whitelist parameter to limit executable commands
2. Protect Private Keys: Ensure private key file permissions are correct (600)
3. Avoid Plain Text Passwords: Prefer private key authentication over password authentication
4. Regular Audits: Regularly review command execution history
5. Principle of Least Privilege: Use user accounts with minimal permissions

• Check if server IP, port, username, and password are correct
• Confirm SSH service is running on the server
• Check firewall settings

• Confirm private key file path is correct
• Check private key file permissions (should be 600)
• If private key has a password, ensure --passphrase parameter is provided

• Check if command matches whitelist rules
• Check if command is in the blacklist
• Confirm user has permission to execute the command

• ssh-mcp-server GitHub
• ssh-mcp-server NPM

MIT