A Model Context Protocol (MCP) server that enables AI models to manage SSH connections and execute commands on remote machines without repeatedly entering credentials. Built with FastMCP and Paramiko for cross-platform compatibility.
- 🔐 Multiple Authentication Methods: Support both password and SSH key authentication
- 🔄 Persistent Connections: Create and maintain SSH connections across multiple operations
- 📁 File Transfer: Upload and download files between local and remote machines
- ⚙️ Flexible Configuration: Three ways to configure connections (global config, server args, or dynamic)
- 🌐 Multi-Connection Support: Manage multiple remote hosts simultaneously
- 🛠️ Simple MCP Tools: Easy-to-use tools for command execution and file operations
# Install with pip
pip install remoteshell-mcp
# Or install with uv
uv pip install remoteshell-mcp- Python 3.11 or higher
- uv package manager
# Clone the repository
git clone https://github.com/chouzz/remoteShell-mcp.git
cd remoteShell-mcp
# Install dependencies
uv sync
# The server is now ready to useThere are three ways to configure SSH connections:
Create a configuration file at ~/.remoteShell/config.json:
{
"connections": [
{
"id": "prod-server",
"host": "192.168.1.100",
"port": 22,
"user": "admin",
"auth_type": "password",
"password": "your_password"
},
{
"id": "dev-server",
"host": "192.168.1.101",
"port": 22,
"user": "developer",
"auth_type": "key",
"key_path": "~/.ssh/id_rsa"
}
]
}Security Note: Ensure this file has proper permissions:
chmod 600 ~/.remoteShell/config.jsonConfigure connections directly in your MCP client settings (see below for specific examples).
Create connections on-the-fly using the create_connection tool during a conversation with your AI assistant.
Add the following to your Claude Code MCP settings file (usually located at ~/Library/Application Support/Claude/claude_desktop_config.json on macOS):
{
"mcpServers": {
"remoteshell": {
"command": "uv",
"args": [
"--directory",
"/absolute/path/to/remoteShell-mcp",
"run",
"remoteshell-mcp"
]
}
}
}{
"mcpServers": {
"remoteshell": {
"command": "uv",
"args": [
"--directory",
"/absolute/path/to/remoteShell-mcp",
"run",
"remoteshell-mcp",
"--connections",
"[{\"id\":\"server1\",\"host\":\"192.168.1.100\",\"user\":\"admin\",\"auth_type\":\"password\",\"password\":\"secret\"}]"
]
}
}
}Or reference a configuration file:
{
"mcpServers": {
"remoteshell": {
"command": "uv",
"args": [
"--directory",
"/absolute/path/to/remoteShell-mcp",
"run",
"remoteshell-mcp",
"--connections",
"/path/to/your/connections.json"
]
}
}
}Add the following to your Cursor settings (Settings → Features → MCP):
{
"mcpServers": {
"remoteshell": {
"command": "uv",
"args": [
"--directory",
"/absolute/path/to/remoteShell-mcp",
"run",
"remoteshell-mcp"
]
}
}
}{
"mcpServers": {
"remoteshell": {
"command": "uv",
"args": [
"--directory",
"/absolute/path/to/remoteShell-mcp",
"run",
"remoteshell-mcp",
"--connections",
"/path/to/your/connections.json"
]
}
}
}Note: Replace /absolute/path/to/remoteShell-mcp with the actual absolute path to this repository on your system.
Create a new SSH connection to a remote host.
Parameters:
host(required): Remote host address (IP or domain)user(required): Username for authenticationport(optional): SSH port (default: 22)password(optional): Password for authenticationkey_path(optional): Path to SSH private key fileconnection_id(optional): Custom connection ID (auto-generated if not provided)
Example Usage:
Create a connection to 192.168.1.100 with username admin and password secret123
Execute a command on a remote host.
Parameters:
connection_id(required): ID of the connection to usecommand(required): Command to executetimeout(optional): Command timeout in secondsworking_dir(optional): Working directory for command execution
Example Usage:
Execute "ls -la /home" on prod-server
Upload a file from local machine to remote host.
Parameters:
connection_id(required): ID of the connection to uselocal_path(required): Path to local fileremote_path(required): Destination path on remote host
Example Usage:
Upload /tmp/config.txt to /etc/app/config.txt on prod-server
Download a file from remote host to local machine.
Parameters:
connection_id(required): ID of the connection to useremote_path(required): Path to file on remote hostlocal_path(required): Destination path on local machine
Example Usage:
Download /var/log/app.log from prod-server to /tmp/app.log
List all available connections (both active and pre-configured).
Example Usage:
Show me all available connections
Close an active SSH connection.
Parameters:
connection_id(required): ID of the connection to close
Example Usage:
Close the connection to prod-server
-
List available connections:
Show me all configured connections -
Execute a command:
Run "df -h" on prod-server -
Create a new connection dynamically:
Connect to 192.168.1.200 with username ubuntu using SSH key at ~/.ssh/mykey.pem, call it web-server -
Upload a file:
Upload my local file /tmp/data.csv to /home/user/data.csv on web-server -
Download a file:
Download /var/log/nginx/access.log from web-server to ~/Downloads/access.log
Execute commands in a specific directory:
Run "npm install" on dev-server in the /var/www/myapp directory
Check system resources on multiple servers:
Check disk space on prod-server and dev-server
Batch file operations:
Upload all .conf files from /etc/local to /etc/remote on backup-server
-
Credential Storage:
- Store passwords and keys securely
- Use file permissions to protect config files (chmod 600)
- Consider using SSH keys instead of passwords when possible
-
SSH Key Authentication:
- More secure than password authentication
- Keys can be password-protected for additional security
- Use different keys for different hosts when possible
-
Connection Timeouts:
- Set appropriate timeouts to prevent hanging connections
- Connections automatically reconnect if they drop
-
Global Config File:
- Located at
~/.remoteShell/config.json - Should have restrictive permissions (600)
- Consider encrypting sensitive data at rest
- Located at
Problem: "Authentication failed"
- Solution: Verify username and password/key path are correct
- Solution: Ensure SSH key has proper permissions (chmod 600)
Problem: "Connection timed out"
- Solution: Check if host is reachable (ping)
- Solution: Verify firewall rules allow SSH connections
- Solution: Confirm SSH service is running on remote host
Problem: "SSH key file not found"
- Solution: Use absolute path or expand ~ properly
- Solution: Verify file exists and is readable
Problem: "Permission denied" during upload
- Solution: Check write permissions on remote directory
- Solution: Ensure remote user has necessary permissions
Problem: "No such file or directory" during download
- Solution: Verify remote file path is correct
- Solution: Check if file exists on remote host
uv run pytestremoteShell-mcp/
├── src/
│ └── remoteshell_mcp/
│ ├── __init__.py
│ ├── server.py # FastMCP server with tools
│ ├── connection_manager.py # SSH connection management
│ ├── ssh_client.py # Paramiko wrapper
│ └── config_loader.py # Configuration handling
├── config.example.json # Example configuration
├── pyproject.toml # Project dependencies
└── README.md # This file
MIT License - See LICENSE file for details
Contributions are welcome! Please feel free to submit a Pull Request.
For issues, questions, or contributions, please open an issue on the GitHub repository.