{"id":"tufantunc-ssh-mcp","name":"ssh-mcp","homepage":null,"repo_url":"https://github.com/tufantunc/ssh-mcp","category":"devtools","subcategories":[],"tags":["mcp","ssh","remote-exec","automation","typescript","command-runner"],"what_it_does":"ssh-mcp is a local MCP (Model Context Protocol) server that connects to a remote Linux/Windows host over SSH and exposes tools to run remote shell commands (exec and sudo-exec) from an MCP client.","use_cases":["Letting an MCP-enabled agent run administrative or operational commands on remote servers","Remote execution via natural language using MCP tool calls","Automating recurring troubleshooting tasks over SSH","Controlled command execution with configurable timeout and input length limits"],"not_for":["Unrestricted, internet-exposed remote command execution from untrusted inputs","High-assurance production automation without additional guardrails/auditing","Interactive long-running sessions that require streamed I/O beyond simple exec outputs","Use cases requiring robust tenant isolation or fine-grained per-command authorization"],"best_when":"You have an authenticated MCP client and want a convenient way to execute bounded, timeout-controlled SSH commands on a known set of servers.","avoid_when":"When commands or connection parameters could be influenced by untrusted users, or when you need strict auditing, least-privilege command authorization, or tenant-level policy enforcement.","alternatives":["Use an established SSH automation framework (e.g., Ansible) with explicit playbooks","Run commands via a hardened command runner service with allowlists and audit logs","Use MCP servers that integrate with cloud-native tools (e.g., Kubernetes exec) with RBAC"],"af_score":52.5,"security_score":50.0,"reliability_score":37.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:33:06.773374+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["SSH password authentication","SSH key authentication"],"oauth":false,"scopes":false,"notes":"Authentication is to the remote host over SSH using a provided password or private key. There is no documented separate auth/authorization layer for the MCP client itself."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"MIT-licensed OSS package; pricing for hosting/usage depends on your environment."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":52.5,"security_score":50.0,"reliability_score":37.5,"mcp_server_quality":75.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":10.0,"tls_enforcement":80.0,"auth_strength":55.0,"scope_granularity":15.0,"dependency_hygiene":55.0,"secret_handling":45.0,"security_notes":"Communication with the SSH server is assumed encrypted (SSH), but TLS/transport specifics for the local MCP channel are not documented. The server supports password or SSH key auth to the target host. There is no documented MCP-level authorization, no scoped permissions, and no command allowlisting; this raises risk of arbitrary command execution if an agent is prompted with malicious instructions. Timeout and process abortion are mentioned for hanging commands, which is a helpful safety control. Secret handling details (e.g., whether args/logs expose passwords/sudo passwords) are not specified in the provided README.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":50.0,"error_recovery":45.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["sudo-exec requires sudoPassword and can be disabled entirely via --disableSudo","Command execution can be affected by --timeout (kills/aborts running processes) and --maxChars input length limits","No explicit allowlist/denylist or least-privilege model is documented—agents may be able to run arbitrary commands they are given"]}}