npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@ruawd/ssh-mcp

v1.3.4

Published

SSH-based MCP server with optional AstrBot admin auth

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ruawdruawd

Keywords

sshmcpservercli

Readme

ssh-mcp-server

SSH-based MCP (Model Context Protocol) server for remote command execution and file transfer.

This fork adds optional AstrBot admin validation for all exposed MCP tools.

Chinese README

Links

Features

  • Execute SSH commands through MCP
  • Upload files to remote hosts
  • Download files from remote hosts
  • List configured SSH servers
  • Support password, private key, and ~/.ssh/config
  • Support command whitelist and blacklist
  • Optional AstrBot admin validation via operatorId

Tools

  • execute-command
  • upload
  • download
  • list-servers

Install

Recommended for AstrBot

For long-running stdio MCP servers, global install is more stable than letting AstrBot invoke npx every time.

npm install -g @ruawd/[email protected]

Then use ssh-mcp as the command in AstrBot.

One-shot usage

npx -y @ruawd/[email protected] --host 192.168.1.1 --port 22 --username root --password pwd123456

AstrBot MCP Examples

Global install

{
  "mcpServers": {
    "sshmcp": {
      "command": "ssh-mcp",
      "args": [
        "--host",
        "192.168.1.1",
        "--port",
        "22",
        "--username",
        "root",
        "--password",
        "pwd123456"
      ]
    }
  }
}

Use npx

{
  "mcpServers": {
    "sshmcp": {
      "command": "npx",
      "args": [
        "-y",
        "@ruawd/[email protected]",
        "--host",
        "192.168.1.1",
        "--port",
        "22",
        "--username",
        "root",
        "--password",
        "pwd123456"
      ]
    }
  }
}

Private key example

{
  "mcpServers": {
    "sshmcp": {
      "command": "ssh-mcp",
      "args": [
        "--host",
        "192.168.1.1",
        "--port",
        "22",
        "--username",
        "root",
        "--privateKey",
        "~/.ssh/id_rsa"
      ]
    }
  }
}

Use ~/.ssh/config

{
  "mcpServers": {
    "sshmcp": {
      "command": "ssh-mcp",
      "args": [
        "--host",
        "myserver"
      ]
    }
  }
}

If ~/.ssh/config contains:

Host myserver
    HostName 192.168.1.1
    Port 22
    User root
    IdentityFile ~/.ssh/id_rsa

the server will load those defaults automatically.

CLI Options

--config-file             JSON configuration file path
--ssh-config-file         SSH config file path
--ssh                     SSH connection config in JSON or legacy format
-h, --host                SSH host or host alias from ssh config
-p, --port                SSH port
-u, --username            SSH username
-w, --password            SSH password
-k, --privateKey          SSH private key path
-P, --passphrase          Private key passphrase
-W, --whitelist           Command whitelist (comma-separated regex)
-B, --blacklist           Command blacklist (comma-separated regex)
-s, --socksProxy          SOCKS proxy URL
--pty                     Allocate pseudo-tty for command execution
--pre-connect             Pre-connect configured SSH servers on startup
--require-astrbot-admin   Require operatorId to match allowed admin IDs
--admin-ids               Comma-separated admin IDs, e.g. 10001,10002
--astrbot-config-file     Path to AstrBot data/config/cmd_config.json

AstrBot Admin Validation

This fork can restrict all MCP tools to specific AstrBot administrator IDs.

When enabled, each tool call must include an operatorId.

Two ways to configure administrators:

  1. Directly provide --admin-ids
  2. Read admins_id from AstrBot cmd_config.json

If --admin-ids is present, it takes priority over --astrbot-config-file.

Example with direct admin IDs

{
  "mcpServers": {
    "sshmcp": {
      "command": "ssh-mcp",
      "args": [
        "--host",
        "103.117.136.155",
        "--port",
        "22",
        "--username",
        "root",
        "--password",
        "your-password",
        "--require-astrbot-admin",
        "--admin-ids",
        "1738068535,2653839788"
      ]
    }
  }
}

Example reading AstrBot config

{
  "mcpServers": {
    "sshmcp": {
      "command": "ssh-mcp",
      "args": [
        "--config-file",
        "/path/to/ssh-config.json",
        "--require-astrbot-admin",
        "--astrbot-config-file",
        "/path/to/AstrBot/data/config/cmd_config.json"
      ]
    }
  }
}

Tool call example

{
  "tool": "execute-command",
  "params": {
    "cmdString": "ls -al",
    "connectionName": "prod",
    "operatorId": "1738068535"
  }
}

Important Limitation

AstrBot native MCP integration does not automatically pass the current sender ID to a stdio MCP server.

That means:

  • this MCP server can validate operatorId
  • but something upstream still needs to inject the real sender ID

If you are using AstrBot, pair this server with astrbot_plugin_mcp_id_injector, or use your own proxy plugin.

Security Notes

  • Prefer SSH private keys over passwords
  • Configure a whitelist for production use
  • Do not expose the server to untrusted callers
  • Be careful with upload/download target paths