An MCP (Model Context Protocol) server that provides SSH remote operations as tools, including command execution and file read/write via SFTP.
- Execute commands on remote servers via SSH
- Read and write files on remote servers via SFTP
- Manage multiple SSH connections
- Support SSH key from file path, config file, 1Password, or Consul KV
go install github.com/orvice/ssh-mcp@latestssh-mcp --ssh-key ~/.ssh/id_ed25519Set the OP_SERVICE_ACCOUNT_TOKEN environment variable and pass a secret reference:
export OP_SERVICE_ACCOUNT_TOKEN="your-token"
ssh-mcp --op-ssh-key "op://vault/item/private_key"Store your SSH key in Consul KV and pass the key path. Consul address is configured via CONSUL_HTTP_ADDR (default 127.0.0.1:8500):
ssh-mcp --consul-ssh-key "ssh/keys/my-server"ssh-mcp --config config.yaml| Flag | Description | Default |
|---|---|---|
--ssh-key |
Path to SSH private key file | |
--op-ssh-key |
1Password secret reference for SSH key (e.g. op://vault/item/private_key) |
|
--consul-ssh-key |
Consul KV path for SSH key (e.g. ssh/keys/my-server) |
|
--config |
Path to YAML config file | |
--listen |
Listen address | :8080 |
Priority: --op-ssh-key > --consul-ssh-key > --ssh-key / config file private_key.
private_key: ~/.ssh/id_rsa
listen: ":8080"| Tool | Description |
|---|---|
add_connection |
Add a new SSH connection (name, user, server, port) |
delete_connection |
Delete a connection by name |
list_connections |
List all stored connections |
exec_command |
Execute a command on a remote server |
read_file |
Read a file from a remote server via SFTP |
write_file |
Write a file to a remote server via SFTP |
MIT