Control your Linux VMs via SSH directly from OpenWebUI with automatic safety checks for destructive commands.
Copy the example config and edit it:
cp config.yaml.example config.yaml
nano config.yaml # or use your preferred editorAdd your VMs:
hosts:
vm1:
hostname: "192.168.1.100"
username: "root"
password: "yourpassword"
description: "My Server"docker compose up -d --build# Find your OpenWebUI network name
docker network ls | grep openwebui
# Connect the container (replace 'openwebui_default' with your network name)
docker network connect openwebui_default ssh-control-mcp- Open OpenWebUI → Workspace → Tools
- Click + Create Tool
- Copy and paste entire contents of
ssh_linux_control.py - Save
Done! 🎉
Ask OpenWebUI:
- "List my VMs"
- "Connect to vm1 and check disk space"
- "Show memory usage on vm1"
- "Run 'systemctl status nginx' on my server"
✅ Password-based SSH authentication (no keys needed)
✅ Automatic destructive command detection
✅ Sudo support (uses password from config)
✅ 40+ destructive command patterns detected
✅ Real-time command output
Commands like rm -rf, shutdown, systemctl stop, etc. require explicit confirmation:
- First attempt: Shows warning
- Retry with
confirmed=Trueto execute
Tool can't connect to server:
# Check container is running
docker ps | grep ssh-control-mcp
# Check logs
docker logs ssh-control-mcp
# Test API
curl http://localhost:3000/api/hostsIf OpenWebUI is containerized, ensure both containers are on the same network:
docker network connect <openwebui-network> ssh-control-mcpconfig.yaml.example- Example configuration (safe to commit)config.yaml- Your VM credentials (gitignored, DO NOT COMMIT)ssh_linux_control.py- OpenWebUI tool filedocker-compose.yml- Container configurationsrc/ssh_control_mcp/- MCP server & HTTP wrapper
config.yaml - it contains plain-text passwords
config.yaml.example as a template
MIT License - See LICENSE file for details