A Model Context Protocol (MCP) server for managing Linux servers via SSH. This server provides tools for executing commands, managing files, monitoring services, and analyzing logs on remote Linux systems.
- Copy the environment file and configure your SSH credentials:
cp env.example .env
# Edit .env with your SSH server details- Build and run with Docker Compose:
docker compose up -d- Install dependencies:
pip install -r requirements.txt- Set environment variables:
export SSH_HOST=your-server.example.com
export SSH_USER=root
export SSH_PASSWORD=your_password
# OR
export SSH_KEY_FILE=/path/to/private/key- Run the server:
python -m ssh_mcp_server.serverAdd the following configuration to your anythingllm_mcp_servers.json:
{
"mcpServers": {
"ssh-mcp-server": {
"name": "SSH MCP Server",
"type": "streamable",
"url": "http://ssh-mcp-server:8000/mcp",
"auth_token": null,
"enabled": true
}
}
}| Variable | Description | Default |
|---|---|---|
SSH_HOST |
Target server hostname or IP | localhost |
SSH_USER |
SSH username | root |
SSH_PASSWORD |
SSH password | - |
SSH_KEY_FILE |
Path to SSH private key | - |
SSH_PORT |
SSH port | 22 |
SERVER_HOST |
MCP server bind address | 0.0.0.0 |
SERVER_PORT |
MCP server port | 8000 |
The server supports two authentication methods:
- Password Authentication: Set
SSH_PASSWORDin your environment - Key-based Authentication: Set
SSH_KEY_FILEto the path of your private key
# Test SSH connection
test_ssh_connection(
hostname="server.example.com",
username="root",
password="your_password"
)# Execute a simple command
execute_command("ls -la /var/log")
# Execute with sudo
execute_command("systemctl status nginx", use_sudo=True)# Read a file
read_file("/etc/nginx/nginx.conf")
# Write to a file
write_file("/tmp/test.txt", "Hello World!")
# List directory contents
list_directory("/var/log")# Check service status
get_service_status("nginx")
# Start a service
start_service("nginx")
# Stop a service
stop_service("nginx")
# Restart a service
restart_service("nginx")# List all processes
list_processes()
# List specific processes
list_processes(filter_by="nginx")
# Kill a process
kill_process("12345", signal="TERM")# Check if port is open
check_port(80)
# Get network connections
get_network_connections()# Tail a log file
tail_log("/var/log/nginx/access.log", lines=100)
# Search in logs
search_log("/var/log/nginx/error.log", "error")- Use SSH key-based authentication when possible
- Limit SSH access to specific users and IPs
- Regularly rotate SSH keys and passwords
- Monitor SSH access logs
- Use sudo judiciously and limit sudo privileges
- Authentication Failed: Check username, password, or key file
- Connection Refused: Verify SSH service is running and port is correct
- Host Key Verification: Ensure the server's host key is trusted
- File Access Denied: Check file permissions and ownership
- Sudo Required: Use
use_sudo=Truefor privileged operations - Service Management: Ensure user has appropriate systemd permissions
- Slow Commands: Increase timeout values for long-running commands
- Connection Timeouts: Check network connectivity and server load
- Resource Usage: Monitor server resources during operations
The server exposes the following MCP tools:
test_ssh_connection: Test SSH connectivityget_server_info: Get system informationexecute_command: Execute commandsread_file: Read file contentswrite_file: Write file contentslist_directory: List directory contentsget_service_status: Check service statusstart_service: Start a servicestop_service: Stop a servicerestart_service: Restart a servicelist_processes: List running processeskill_process: Kill a processcheck_port: Check port statusget_network_connections: Get network connectionstail_log: Tail log filessearch_log: Search log files
This project is licensed under the MIT License.