regolet-ssh-mcp
v1.1.6
MCP server for remote SSH operations — execute commands, transfer files, and manage connections via password auth. Works with any MCP-compatible AI agent, IDE, or terminal.
MCP (Model Context Protocol) server for remote SSH operations. Execute commands, transfer files, and manage SSH connections — all through AI agents, IDEs, or any MCP-compatible client.
Uses the ssh2 library (pure JavaScript, no native dependencies) with password authentication for reliable, secure connections.
Quick Start
npx regolet-ssh-mcp

Features
| Tool | Description |
|------|-------------|
| ssh_connect | Connect to a server (supports jump host / bastion tunneling) |
| ssh_disconnect | Disconnect from a server |
| ssh_execute | Execute shell commands with full stdout/stderr output |
| ssh_upload | Write file content to the remote server (SFTP) |
| ssh_download | Read file content from the remote server (SFTP) |
| ssh_list_dir | List directory contents with permissions & sizes |
| ssh_list_connections | List all active SSH connections |
| ssh_status | Check connection status (shows jump host path if used) |
| ssh_list_hosts | List all saved/configured SSH hosts |
| ssh_find_host | Search hosts by name, description, or tags |
| ssh_connect_host | Connect to a saved host by name (auto-uses jump host if configured) |
| ssh_add_host | Save a host to the encrypted database (supports jump host config) |
| ssh_remove_host | Remove a host from the encrypted database |
Jump Host / Bastion Support
Connect to servers behind a firewall through an intermediary (bastion/jump host). The connection is tunneled: Client → Jump Host → Target Server.
Direct connection with jump host
Tool: ssh_connect
Input: {
  "host": "10.0.0.50",
  "username": "admin",
  "password": "targetpass",
  "jumpHost": {
    "host": "bastion.mycompany.com",
    "username": "jumpuser",
    "password": "jumppass"
  }
}

Save a host with jump host (encrypted)
Tool: ssh_add_host
Input: {
  "name": "internal-db",
  "host": "10.0.0.50",
  "username": "admin",
  "password": "dbpass",
  "description": "Internal database behind bastion",
  "tags": ["database", "internal"],
  "jumpHost": {
    "host": "bastion.mycompany.com",
    "username": "jumpuser",
    "password": "jumppass"
  }
}

Then just connect by name — the jump host is used automatically:
Tool: ssh_connect_host
Input: { "name": "internal-db" }

Agent workflow with jump host
You: "Check the internal database server"
Agent → ssh_find_host("database") → finds "internal-db" (jumpHost: jumpuser@bastion:22)
Agent → ssh_connect_host("internal-db") → tunnels through bastion automatically
Agent → ssh_execute("psql -c 'SELECT version()'")

Usage Examples
Save a host (encrypted)
Tool: ssh_add_host
Input: { "name": "router", "host": "192.168.1.1", "username": "root",
         "password": "pass123", "description": "OpenWrt Router",
         "tags": ["network", "firewall"] }

Connect by name
Tool: ssh_connect_host
Input: { "name": "router" }

Execute a command
Tool: ssh_execute
Input: { "command": "uptime && df -h" }

Read a config file
Tool: ssh_download
Input: { "remotePath": "/etc/nginx/nginx.conf" }

Write a file
Tool: ssh_upload
Input: { "remotePath": "/tmp/deploy.sh", "content": "#!/bin/bash\necho 'deploying...'" }

Search for a server
Tool: ssh_find_host
Input: { "query": "database" }

Development
git clone https://github.com/youruser/regolet-ssh-mcp.git
cd regolet-ssh-mcp
npm install
node bin/cli.js
# Test with MCP Inspector
npx @modelcontextprotocol/inspector node bin/cli.js

Security
| Feature | Detail |
|---------|--------|
| Encrypted storage | Passwords stored in ~/.regolet-ssh/hosts.enc with AES-256-GCM |
| Zero-config passwords | MCP config file contains no credentials when using encrypted database |
| No command injection | Pure JS ssh2 library — no shell exec |
| Jump host tunneling | Bastion connections use SSH forwardOut — no port exposure |
| No network ports | Server communicates via stdio only |
| Password-free output | ssh_list_hosts and ssh_find_host never expose passwords |
| Configurable timeouts | Commands have timeouts to prevent hanging |
| Input validation | All tool parameters validated via Zod schemas |
| File permissions | Database file created with chmod 600 (owner-only read/write) |
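
Two rows of the table above can be checked on the machine that runs the server: that hosts.enc is readable only by its owner, and that the MCP client config holds no inline credentials. The script below is an added example, not code from regolet-ssh-mcp; the mcpServers config layout and the SSH_PASSWORD variable are assumptions for illustration, and the sample files are constructed in a temporary directory.

```javascript
// Added example (not project code): audit the storage claims on a POSIX host.
const fs = require('fs');
const os = require('os');
const path = require('path');

// True when group and others have no permission bits on the file (e.g. 0600).
function isOwnerOnly(filePath) {
  return (fs.statSync(filePath).mode & 0o077) === 0;
}

// Recursively collect the dotted path of every key that looks like a secret
// and holds a non-empty string value.
function findInlineSecrets(node, trail = []) {
  if (node === null || typeof node !== 'object') return [];
  const hits = [];
  for (const [key, value] of Object.entries(node)) {
    const here = [...trail, key];
    if (typeof value === 'string' && value !== '' && /pass|secret|token/i.test(key)) {
      hits.push(here.join('.'));
    } else {
      hits.push(...findInlineSecrets(value, here));
    }
  }
  return hits;
}

function audit(dbPath, configPath) {
  const config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
  return { dbOwnerOnly: isOwnerOnly(dbPath), inlineSecrets: findInlineSecrets(config) };
}

// Constructed sample: a loose hosts.enc and a config with an inline password
// (SSH_PASSWORD and the mcpServers layout are hypothetical), then the fixed state.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'ssh-mcp-audit-'));
  const db = path.join(dir, 'hosts.enc');
  const cfg = path.join(dir, 'mcp.json');
  const server = { command: 'npx', args: ['regolet-ssh-mcp'] };
  fs.writeFileSync(db, 'constructed-ciphertext');
  fs.chmodSync(db, 0o644);
  fs.writeFileSync(cfg, JSON.stringify({ mcpServers: { ssh: { ...server, env: { SSH_PASSWORD: 'constructed' } } } }));
  const before = audit(db, cfg);
  fs.chmodSync(db, 0o600);
  fs.writeFileSync(cfg, JSON.stringify({ mcpServers: { ssh: server } }));
  const after = audit(db, cfg);
  fs.rmSync(dir, { recursive: true, force: true });
  return { before, after };
}

console.log(JSON.stringify(demo(), null, 2));
```

To audit a real install, call audit() with the path to ~/.regolet-ssh/hosts.enc and the path of your MCP client's config file.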
License
MIT
