{"id":45856821,"url":"https://github.com/muchiny/mcp-ssh-bridge","last_synced_at":"2026-04-26T23:01:49.150Z","repository":{"id":338715933,"uuid":"1141845058","full_name":"muchiny/mcp-ssh-bridge","owner":"muchiny","description":"MCP server for secure SSH remote management — 337 tools across 74 groups for DevOps, Docker, Kubernetes, databases, systemd, Windows, cloud, compliance \u0026 more. Built in Rust.","archived":false,"fork":false,"pushed_at":"2026-04-22T16:23:22.000Z","size":3177,"stargazers_count":2,"open_issues_count":0,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-22T17:33:50.877Z","etag":null,"topics":["ai-tools","air-gapped","automation","claude","claude-code","compliance","devops","docker","infrastructure","kubernetes","mcp","mcp-server","model-context-protocol","monitoring","multi-protocol","remote-management","rust","security","ssh","windows"],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/muchiny.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-25T14:32:17.000Z","updated_at":"2026-04-22T16:23:27.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/muchiny/mcp-ssh-bridge","commit_stats":null,"previous_names":["muchiny/mcp-ssh-bridge"],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/muchiny/mcp-ssh-bridge","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchiny%2Fmcp-ssh-bridge","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchiny%2Fmcp-ssh-bridge/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchiny%2Fmcp-ssh-bridge/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchiny%2Fmcp-ssh-bridge/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/muchiny","download_url":"https://codeload.github.com/muchiny/mcp-ssh-bridge/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchiny%2Fmcp-ssh-bridge/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32315712,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-26T21:09:39.134Z","status":"ssl_error","status_checked_at":"2026-04-26T21:09:21.240Z","response_time":129,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-tools","air-gapped","automation","claude","claude-code","compliance","devops","docker","infrastructure","kubernetes","mcp","mcp-server","model-context-protocol","monitoring","multi-protocol","remote-management","rust","security","ssh","windows"],"created_at":"2026-02-27T04:18:39.932Z","updated_at":"2026-04-26T23:01:49.143Z","avatar_url":"https://github.com/muchiny.png","language":"Rust","readme":"# MCP SSH Bridge\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"dxt/icon.svg\" alt=\"MCP SSH Bridge\" width=\"96\" height=\"96\"\u003e\n\n[![CI](https://github.com/muchiny/mcp-ssh-bridge/actions/workflows/ci.yml/badge.svg)](https://github.com/muchiny/mcp-ssh-bridge/actions/workflows/ci.yml)\n[![Crates.io](https://img.shields.io/crates/v/mcp-ssh-bridge?style=flat-square\u0026logo=rust)](https://crates.io/crates/mcp-ssh-bridge)\n[![docs.rs](https://img.shields.io/docsrs/mcp-ssh-bridge?style=flat-square)](https://docs.rs/mcp-ssh-bridge)\n[![Downloads](https://img.shields.io/crates/d/mcp-ssh-bridge?style=flat-square)](https://crates.io/crates/mcp-ssh-bridge)\n[![License: MIT](https://img.shields.io/badge/License-MIT-green?style=flat-square)](LICENSE)\n[![MCP](https://img.shields.io/badge/MCP-2025--11--25-blueviolet?style=flat-square)](https://modelcontextprotocol.io)\n\n**A Rust MCP server for secure remote infrastructure management — 357 tools, 9 protocols.**\n\n```\nClaude Code  ◄──JSON-RPC──►  MCP SSH Bridge  ◄──9 protocols──►  Your Infrastructure\n```\n\n\u003c/div\u003e\n\n---\n\n## Table of Contents\n\n- [Features](#features)\n- [Quick Start](#quick-start)\n- [Architecture](#architecture)\n- [Configuration](#configuration)\n- [Tool Groups](#tool-groups)\n- [MCP Prompts \u0026 Resources](#mcp-prompts--resources)\n- [CLI Usage](#cli-usage)\n- [Daemon Mode](#daemon-mode)\n- [Troubleshooting](#troubleshooting)\n- [Development](#development)\n- [License](#license)\n\n---\n\n## Features\n\n- **357 tools, 75 groups** — manage Linux, Windows, Docker, Kubernetes, Podman, AWX, databases, LDAP, network equipment, certificates, and more\n- **9 protocol adapters** — SSH, WinRM, PSRP (PowerShell Remoting), Telnet, K8s Exec, Serial, AWS SSM, Azure, GCP\n- **Security-first** — command whitelist/blacklist, 62 secret-redaction patterns + entropy detection, tamper-proof session recording, opt-in MCP elicitation confirmation for destructive operations\n- **Auto-discovery** — reads `~/.ssh/config` automatically, merges with YAML config\n- **Smart output** — server-side `jq_filter` / `yq_filter` / `columns` / `limit`, TSV mode (60-80% token savings), pagination via `ssh_output_fetch`, per-client size limits (see [Token-efficient output](#token-efficient-output))\n- **Progressive MCP discovery** — three meta-tools (`mcp_list_tool_groups`, `mcp_search_tools`, `mcp_describe_tool`) let clients browse the registry on demand instead of loading all 357 schemas up front\n- **MCP Tasks support** — every tool advertises `taskSupport: \"optional\"`, enabling async cancellation and progress notifications for long-running operations\n- **CLI + MCP** — all tools available as CLI commands (10-32x token savings) or via MCP JSON-RPC\n- **Daemon mode** — Unix-socket transport for multi-client local usage; built-in `WinRmPool` (120 s TTL) and `K8sExecPool` (300 s TTL) amortize TLS handshakes across calls\n- **7500+ tests** — `#![forbid(unsafe_code)]`, Rust 2024 edition, strict clippy\n\n---\n\n## Quick Start\n\n### 1. Install\n\n```bash\n# Linux x86_64 (recommended)\ncurl -fsSL https://github.com/muchiny/mcp-ssh-bridge/releases/latest/download/mcp-ssh-bridge-linux-x86_64.tar.gz | tar xz\nsudo mv mcp-ssh-bridge /usr/local/bin/\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eOther platforms \u0026 methods\u003c/summary\u003e\n\n```bash\n# Linux aarch64 (Raspberry Pi, ARM servers)\ncurl -fsSL https://github.com/muchiny/mcp-ssh-bridge/releases/latest/download/mcp-ssh-bridge-linux-arm64.tar.gz | tar xz\nsudo mv mcp-ssh-bridge /usr/local/bin/\n\n# macOS (Apple Silicon)\ncurl -fsSL https://github.com/muchiny/mcp-ssh-bridge/releases/latest/download/mcp-ssh-bridge-macos-arm64.tar.gz | tar xz\nsudo mv mcp-ssh-bridge /usr/local/bin/\n\n# Docker\ndocker pull ghcr.io/muchiny/mcp-ssh-bridge:latest\n\n# From source\ngit clone https://github.com/muchiny/mcp-ssh-bridge \u0026\u0026 cd mcp-ssh-bridge \u0026\u0026 make release\n```\n\n**Claude Desktop (DXT):** download the `.dxt` file from [Releases](https://github.com/muchiny/mcp-ssh-bridge/releases/latest) and drag-and-drop into Claude Desktop.\n\n\u003c/details\u003e\n\n### 2. Configure\n\n```bash\nmkdir -p ~/.config/mcp-ssh-bridge\ncp config/config.example.yaml ~/.config/mcp-ssh-bridge/config.yaml\n```\n\nEdit `~/.config/mcp-ssh-bridge/config.yaml` with your hosts:\n\n```yaml\nhosts:\n  my-server:\n    hostname: 192.168.1.100\n    port: 22\n    user: admin\n    auth:\n      type: key\n      path: ~/.ssh/id_ed25519\n    description: \"My server\"\n```\n\n\u003e **Tip:** Hosts from `~/.ssh/config` are auto-discovered — you may not need to configure anything.\n\n### 3. Add to Claude Code\n\nAdd to `~/.claude/settings.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"ssh-bridge\": {\n      \"command\": \"mcp-ssh-bridge\"\n    }\n  }\n}\n```\n\n### 4. Verify\n\nRestart Claude Code, then ask: *\"Check the health of my-server\"* — or run:\n\n```bash\nmcp-ssh-bridge status\n```\n\n---\n\n## Architecture\n\nMCP SSH Bridge sits between Claude Code and your infrastructure. It routes commands through 9 protocol adapters with built-in security validation, output sanitization, and audit logging.\n\n```mermaid\ngraph LR\n    CC[Claude Code] --\u003e|JSON-RPC stdio or Unix socket| BR[MCP SSH Bridge]\n\n    BR --\u003e SEC[Security\u003cbr/\u003eValidator · Sanitizer · Audit]\n    SEC --\u003e ER[Executor Router]\n\n    subgraph \"Air-Gapped Protocols\"\n        ER --\u003e|SSH| P1[Linux / Windows\u003cbr/\u003eDocker · K8s · Network]\n        ER --\u003e|WinRM| P2[Windows]\n        ER --\u003e|PSRP| P2b[PowerShell Remoting]\n        ER --\u003e|Telnet| P3[Legacy Devices]\n    end\n\n    subgraph \"Infrastructure Protocols\"\n        ER --\u003e|K8s API| P6[K8s Exec]\n        ER --\u003e|Serial| P7[Serial Devices]\n    end\n\n    subgraph \"Cloud Protocols\"\n        ER --\u003e|SSM · Azure · GCP| P9[Cloud Instances]\n    end\n```\n\n---\n\n## Configuration\n\nConfig file: `~/.config/mcp-ssh-bridge/config.yaml` — see [config.example.yaml](config/config.example.yaml) for full reference.\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eAuthentication methods\u003c/strong\u003e\u003c/summary\u003e\n\n| Method | Config | Notes |\n|--------|--------|-------|\n| SSH Key | `type: key` + `path: ~/.ssh/id_ed25519` | Recommended. Supports optional `passphrase`. |\n| SSH Agent | `type: agent` | Uses `SSH_AUTH_SOCK`. Recommended. |\n| Password | `type: password` + `password: \"...\"` | Avoid if possible. |\n\nVerify your SSH access first: `ssh user@hostname \"echo OK\"`\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSecurity rules\u003c/strong\u003e\u003c/summary\u003e\n\nThree modes control which commands Claude can run:\n\n| Mode | Behavior |\n|------|----------|\n| `strict` | Only whitelisted commands allowed (safest) |\n| `standard` | Whitelist for `ssh_exec`, built-in tools only check blacklist (default) |\n| `permissive` | Only blacklist checked (most open) |\n\nThe **blacklist is always checked first** — matched commands are always denied.\n\n```yaml\nsecurity:\n  mode: standard\n  whitelist:\n    - \"^docker\\\\s+(ps|logs|inspect).*\"\n    - \"^kubectl\\\\s+(get|describe|logs).*\"\n    - \"^(ls|cat|head|tail|grep|df|free)\\\\s*.*\"\n  blacklist:\n    - \"rm\\\\s+(-[a-zA-Z]*r|--(recursive|force))\"\n    - \"mkfs\\\\.\"\n    - \"dd\\\\s+if=\"\n    - \"curl.*\\\\|.*sh\"\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eAdvanced hosts (jump hosts, SOCKS proxy, Windows, sudo)\u003c/strong\u003e\u003c/summary\u003e\n\n**Jump hosts (bastion):**\n\n```yaml\nhosts:\n  bastion:\n    hostname: bastion.example.com\n    user: admin\n    auth: { type: agent }\n\n  internal-db:\n    hostname: 10.0.0.5\n    proxy_jump: bastion\n    user: deploy\n    auth: { type: key, path: ~/.ssh/id_ed25519 }\n```\n\n**SOCKS proxy:**\n\n```yaml\nhosts:\n  behind-proxy:\n    hostname: 10.0.0.50\n    user: deploy\n    socks_proxy:\n      hostname: proxy.corp.com\n      port: 1080\n      version: socks5\n    auth: { type: key, path: ~/.ssh/id_ed25519 }\n```\n\n\u003e `proxy_jump` and `socks_proxy` are mutually exclusive on the same host.\n\n**Windows servers** — add `os_type: windows` to enable 74 Windows-specific tools:\n\n```yaml\nhosts:\n  windows-dc:\n    hostname: 192.168.1.200\n    user: Administrator\n    os_type: windows\n    shell: powershell\n    auth: { type: key, path: ~/.ssh/id_ed25519 }\n```\n\n**Sudo support:**\n\n```yaml\nhosts:\n  prod-server:\n    hostname: 192.168.1.100\n    user: deploy\n    sudo_password: \"your-sudo-password\"\n    auth: { type: key, path: ~/.ssh/id_ed25519 }\n```\n\n**SSH config auto-discovery** — hosts from `~/.ssh/config` are merged automatically. To exclude specific hosts:\n\n```yaml\nssh_config:\n  enabled: true\n  exclude: [personal-server]\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eLimits, sanitization \u0026 audit\u003c/strong\u003e\u003c/summary\u003e\n\n**Limits:**\n\n```yaml\nlimits:\n  command_timeout_seconds: 60\n  connection_timeout_seconds: 10\n  max_concurrent_commands: 5\n  max_output_chars: 20000          # 0 = unlimited\n  rate_limit_per_second: 0         # 0 = disabled\n  retry_attempts: 3\n  client_overrides:                # Per-client output limits\n    - name_contains: claude\n      max_output_chars: 80000\n```\n\nTruncated outputs include an `output_id` — use `ssh_output_fetch` to retrieve the full content page by page.\n\n**Output sanitization** — 56 built-in regex patterns + Shannon entropy detection for secrets:\n\n```yaml\nsecurity:\n  sanitize:\n    enabled: true\n    entropy_detection: true\n    entropy_threshold: 4.5\n    custom_patterns:\n      - pattern: \"INTERNAL_[A-Z0-9]{32}\"\n        replacement: \"[INTERNAL_REDACTED]\"\n```\n\n**Destructive-op confirmation** — opt-in gate that asks the user to confirm via MCP `elicitation/create` before any tool annotated `destructive_hint: true` (`ssh_terraform_apply`, `ssh_k8s_delete`, `ssh_cron_remove`, `ssh_win_update_reboot`, …) executes. Requires a client that advertises the elicitation capability (Claude Desktop, Claude Code):\n\n```yaml\nsecurity:\n  require_elicitation_on_destructive: true  # default: false\n```\n\n**Audit logging:**\n\n```yaml\naudit:\n  enabled: true\n  path: ~/.local/share/mcp-ssh-bridge/audit.log\n  max_size_mb: 100\n  retain_days: 30\n```\n\n**Session recording** — asciinema v2 format with HMAC-SHA256 hash-chain (SOC2, HIPAA, PCI-DSS):\n\n```yaml\nrecording:\n  enabled: true\n  path: ~/.local/share/mcp-ssh-bridge/recordings/\n  hash_chain: true\n  hash_key_env: MCP_RECORDING_KEY\n```\n\n\u003c/details\u003e\n\n---\n\n## Tool Groups\n\n357 tools organized in 75 groups — all enabled by default. Disable groups you don't need:\n\n```yaml\ntool_groups:\n  groups:\n    sessions: false\n    tunnels: false\n    database: false\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eLinux \u0026 cross-platform groups (41 groups)\u003c/strong\u003e\u003c/summary\u003e\n\n| Group | Tools |\n|-------|-------|\n| `core` | ssh_exec, ssh_exec_multi (with `diff` / `diff_baseline` / `normalize` for cross-host drift detection), ssh_status, ssh_health, ssh_history, ssh_output_fetch |\n| `config` | ssh_config_get, ssh_config_set |\n| `file_transfer` | ssh_upload, ssh_download, ssh_sync |\n| `file_ops` | ssh_file_read, ssh_file_write, ssh_file_chmod, ssh_file_chown, ssh_file_stat, ssh_file_diff, ssh_file_patch, ssh_file_template |\n| `sessions` | ssh_session_create, ssh_session_exec, ssh_session_list, ssh_session_close |\n| `monitoring` | ssh_metrics, ssh_metrics_multi, ssh_tail, ssh_disk_usage |\n| `tunnels` | ssh_tunnel_create, ssh_tunnel_list, ssh_tunnel_close |\n| `directory` | ssh_ls, ssh_find |\n| `database` | ssh_db_query, ssh_db_dump, ssh_db_restore |\n| `redis` | ssh_redis_info, ssh_redis_cli, ssh_redis_keys |\n| `postgresql` | ssh_postgresql_query, ssh_postgresql_status |\n| `mysql` | ssh_mysql_query, ssh_mysql_status |\n| `mongodb` | ssh_mongodb_status |\n| `backup` | ssh_backup_create, ssh_backup_list, ssh_backup_restore, ssh_backup_snapshot, ssh_backup_verify, ssh_backup_schedule |\n| `docker` | ssh_docker_ps, ssh_docker_logs, ssh_docker_inspect, ssh_docker_exec, ssh_docker_compose, ssh_docker_images, ssh_docker_stats, ssh_docker_volume_ls, ssh_docker_network_ls, ssh_docker_volume_inspect, ssh_docker_network_inspect |\n| `podman` | ssh_podman_ps, ssh_podman_logs, ssh_podman_inspect, ssh_podman_exec, ssh_podman_images, ssh_podman_compose |\n| `esxi` | ssh_esxi_vm_list, ssh_esxi_vm_info, ssh_esxi_vm_power, ssh_esxi_snapshot, ssh_esxi_host_info, ssh_esxi_datastore_list, ssh_esxi_network_list |\n| `kubernetes` | ssh_k8s_get, ssh_k8s_logs, ssh_k8s_describe, ssh_k8s_apply, ssh_k8s_delete, ssh_k8s_rollout, ssh_k8s_scale, ssh_k8s_exec, ssh_k8s_top, ssh_helm_list, ssh_helm_status, ssh_helm_upgrade, ssh_helm_install, ssh_helm_rollback, ssh_helm_history, ssh_helm_uninstall |\n| `git` | ssh_git_status, ssh_git_log, ssh_git_diff, ssh_git_pull, ssh_git_clone, ssh_git_branch, ssh_git_checkout |\n| `ansible` | ssh_ansible_playbook, ssh_ansible_inventory, ssh_ansible_adhoc |\n| `awx` | ssh_awx_status, ssh_awx_inventories, ssh_awx_inventory_hosts, ssh_awx_templates, ssh_awx_template_detail, ssh_awx_job_launch, ssh_awx_job_status, ssh_awx_job_summary, ssh_awx_job_stdout, ssh_awx_job_events, ssh_awx_job_follow, ssh_awx_job_cancel, ssh_awx_project_sync |\n| `terraform` | ssh_terraform_init, ssh_terraform_plan, ssh_terraform_apply, ssh_terraform_state, ssh_terraform_output |\n| `vault` | ssh_vault_status, ssh_vault_read, ssh_vault_list, ssh_vault_write |\n| `systemd` | ssh_service_status, ssh_service_start, ssh_service_stop, ssh_service_restart, ssh_service_list, ssh_service_logs, ssh_service_enable, ssh_service_disable, ssh_service_daemon_reload |\n| `systemd_timers` | ssh_timer_list, ssh_timer_info, ssh_timer_enable, ssh_timer_disable, ssh_timer_trigger |\n| `network` | ssh_net_connections, ssh_net_interfaces, ssh_net_routes, ssh_net_ping, ssh_net_traceroute, ssh_net_dns |\n| `process` | ssh_process_list, ssh_process_kill, ssh_process_top |\n| `package` | ssh_pkg_list, ssh_pkg_search, ssh_pkg_install, ssh_pkg_update, ssh_pkg_remove |\n| `firewall` | ssh_firewall_status, ssh_firewall_list, ssh_firewall_allow, ssh_firewall_deny |\n| `cron` | ssh_cron_list, ssh_cron_add, ssh_cron_remove |\n| `cron_analysis` | ssh_cron_analyze, ssh_cron_history, ssh_at_jobs |\n| `certificates` | ssh_cert_check, ssh_cert_info, ssh_cert_expiry |\n| `letsencrypt` | ssh_letsencrypt_status |\n| `nginx` | ssh_nginx_status, ssh_nginx_test, ssh_nginx_reload, ssh_nginx_list_sites |\n| `apache` | ssh_apache_status, ssh_apache_vhosts |\n| `user_management` | ssh_user_list, ssh_user_info, ssh_user_add, ssh_user_modify, ssh_user_delete, ssh_group_list, ssh_group_add, ssh_group_delete |\n| `storage` | ssh_storage_lsblk, ssh_storage_df, ssh_storage_mount, ssh_storage_umount, ssh_storage_lvm, ssh_storage_fdisk, ssh_storage_fstab |\n| `journald` | ssh_journal_query, ssh_journal_follow, ssh_journal_boots, ssh_journal_disk_usage |\n| `security_modules` | ssh_selinux_status, ssh_selinux_booleans, ssh_apparmor_status, ssh_apparmor_profiles, ssh_security_audit |\n| `network_equipment` | ssh_net_equip_show_run, ssh_net_equip_show_interfaces, ssh_net_equip_show_routes, ssh_net_equip_show_arp, ssh_net_equip_show_version, ssh_net_equip_show_vlans, ssh_net_equip_config, ssh_net_equip_save |\n| `ldap` | ssh_ldap_search, ssh_ldap_user_info, ssh_ldap_group_members, ssh_ldap_add, ssh_ldap_modify |\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eWindows groups (13 groups)\u003c/strong\u003e\u003c/summary\u003e\n\n| Group | Tools |\n|-------|-------|\n| `windows_services` | ssh_win_service_list, ssh_win_service_status, ssh_win_service_start, ssh_win_service_stop, ssh_win_service_restart, ssh_win_service_enable, ssh_win_service_disable, ssh_win_service_config |\n| `windows_events` | ssh_win_event_query, ssh_win_event_logs, ssh_win_event_sources, ssh_win_event_tail, ssh_win_event_export |\n| `active_directory` | ssh_ad_user_list, ssh_ad_user_info, ssh_ad_group_list, ssh_ad_group_members, ssh_ad_computer_list, ssh_ad_domain_info |\n| `scheduled_tasks` | ssh_schtask_list, ssh_schtask_info, ssh_schtask_run, ssh_schtask_enable, ssh_schtask_disable |\n| `windows_firewall` | ssh_win_firewall_status, ssh_win_firewall_list, ssh_win_firewall_allow, ssh_win_firewall_deny, ssh_win_firewall_remove |\n| `iis` | ssh_iis_list_sites, ssh_iis_list_pools, ssh_iis_status, ssh_iis_start, ssh_iis_stop, ssh_iis_restart |\n| `windows_updates` | ssh_win_update_list, ssh_win_update_search, ssh_win_update_install, ssh_win_update_history, ssh_win_update_reboot |\n| `windows_perf` | ssh_win_perf_overview, ssh_win_perf_cpu, ssh_win_perf_memory, ssh_win_perf_disk, ssh_win_perf_network, ssh_win_disk_usage |\n| `hyperv` | ssh_hyperv_vm_list, ssh_hyperv_vm_info, ssh_hyperv_vm_start, ssh_hyperv_vm_stop, ssh_hyperv_host_info, ssh_hyperv_switch_list, ssh_hyperv_snapshot_list, ssh_hyperv_snapshot_create |\n| `windows_registry` | ssh_reg_query, ssh_reg_list, ssh_reg_set, ssh_reg_delete, ssh_reg_export |\n| `windows_features` | ssh_win_feature_list, ssh_win_feature_info, ssh_win_feature_install, ssh_win_feature_remove |\n| `windows_network` | ssh_win_net_ip, ssh_win_net_adapters, ssh_win_net_connections, ssh_win_net_routes, ssh_win_net_ping, ssh_win_net_dns |\n| `windows_process` | ssh_win_process_list, ssh_win_process_top, ssh_win_process_info, ssh_win_process_by_name, ssh_win_process_kill |\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eAdvanced groups (21 groups)\u003c/strong\u003e\u003c/summary\u003e\n\n| Group | Tools | Description |\n|-------|-------|-------------|\n| `diagnostics` | ssh_diagnose, ssh_incident_triage, ssh_compare_state | Intelligent single-call diagnostics with symptom-based triage |\n| `runbooks` | ssh_runbook_list, ssh_runbook_execute, ssh_runbook_validate | YAML-defined multi-step operational procedures ([docs](config/runbooks/README.md)) |\n| `orchestration` | ssh_canary_exec, ssh_rolling_exec, ssh_fleet_diff | Canary deployments, rolling updates, fleet-wide comparison |\n| `recording` | ssh_recording_start, ssh_recording_stop, ssh_recording_list, ssh_recording_replay, ssh_recording_verify | Tamper-proof session recording (SOC2/HIPAA/PCI-DSS) |\n| `drift` | ssh_env_snapshot, ssh_env_diff, ssh_env_drift | Environment state capture and drift detection |\n| `security_scan` | ssh_sbom_generate, ssh_vuln_scan, ssh_compliance_check | SBOM, vulnerability scanning, CIS compliance checks |\n| `performance` | ssh_perf_trace, ssh_io_trace, ssh_latency_test, ssh_benchmark | Performance profiling, I/O tracing, benchmarks |\n| `container_logs` | ssh_container_log_search, ssh_container_log_stats, ssh_container_events, ssh_container_health_history | Container log analysis and health tracking |\n| `network_security` | ssh_port_scan, ssh_ssl_audit, ssh_network_capture, ssh_fail2ban_status | Port scanning, SSL audit, traffic capture, fail2ban |\n| `compliance` | ssh_cis_benchmark, ssh_stig_check, ssh_compliance_score, ssh_compliance_report | CIS/STIG benchmarks and compliance reporting |\n| `cloud` | ssh_aws_cli, ssh_cloud_metadata, ssh_cloud_tags, ssh_cloud_cost | Cloud provider interaction |\n| `inventory` | ssh_discover_hosts, ssh_inventory_sync, ssh_host_tags | Host discovery and CMDB sync |\n| `multicloud` | ssh_multicloud_list, ssh_multicloud_sync, ssh_multicloud_compare | Multi-cloud resource management |\n| `alerting` | ssh_alert_check, ssh_alert_list, ssh_alert_set | Metric monitoring, threshold checking, alert rules |\n| `capacity` | ssh_capacity_collect, ssh_capacity_trend, ssh_capacity_predict | Capacity data collection, trending, prediction |\n| `incident` | ssh_incident_timeline, ssh_incident_correlate | Incident response timeline and log correlation |\n| `log_aggregation` | ssh_log_aggregate, ssh_log_search_multi, ssh_log_tail_multi | Cross-host log aggregation, search, tail |\n| `key_management` | ssh_key_generate, ssh_key_distribute, ssh_key_audit | SSH key generation, distribution, audit |\n| `chatops` | ssh_webhook_send, ssh_notify | Slack/Teams/webhook notifications |\n| `templates` | ssh_template_list, ssh_template_show, ssh_template_apply, ssh_template_validate, ssh_template_diff | Config template management |\n| `pty` | ssh_pty_exec, ssh_pty_interact, ssh_pty_resize | Interactive PTY sessions |\n\n\u003c/details\u003e\n\n---\n\n## MCP Prompts \u0026 Resources\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003ePre-built prompts\u003c/strong\u003e\u003c/summary\u003e\n\n| Prompt | Description | Required args |\n|--------|-------------|---------------|\n| `system-health` | Full system health check (CPU, memory, disk, services) | `host` |\n| `deploy` | Step-by-step deployment workflow | `host`, `service` |\n| `security-audit` | Security posture assessment | `host` |\n| `troubleshoot` | Systematic troubleshooting guide | `host`, `symptom` |\n| `docker-health` | Docker/container health assessment | `host` |\n| `k8s-overview` | Kubernetes cluster state overview | `host` |\n| `backup-verify` | Backup integrity verification | `host` |\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eDirect data resources\u003c/strong\u003e\u003c/summary\u003e\n\n| URI pattern | Description |\n|-------------|-------------|\n| `metrics://{host}` | System metrics (CPU, memory, disk, network, load) as JSON |\n| `file://{host}/{path}` | Remote file content |\n| `log://{host}/{path}` | Last lines of a log file |\n| `health://{host}` | Health check summary for a host (connectivity, load, key services) |\n| `history://{host}` | Recent command history captured by the bridge for that host |\n| `services://{host}` | Snapshot of active systemd services on the host |\n\n\u003c/details\u003e\n\n---\n\n## CLI Usage\n\nThe binary works standalone (outside MCP mode) with **10-32x token savings** for AI agent workflows.\n\n### Basic commands\n\n```bash\nmcp-ssh-bridge status                       # Show configured hosts \u0026 security\nmcp-ssh-bridge exec \u003chost\u003e \"\u003ccommand\u003e\"      # Execute a command directly\nmcp-ssh-bridge history [--limit 20]         # Show command history\nmcp-ssh-bridge upload \u003chost\u003e \u003clocal\u003e \u003cremote\u003e   # SFTP upload\nmcp-ssh-bridge download \u003chost\u003e \u003cremote\u003e \u003clocal\u003e # SFTP download\nmcp-ssh-bridge validate                     # Validate config file\nmcp-ssh-bridge config-diff                  # Compare config vs defaults\n```\n\n### Tool invocation (all 357 MCP tools)\n\n```bash\n# Invoke any tool with key=value pairs\nmcp-ssh-bridge tool ssh_docker_ps host=prod\nmcp-ssh-bridge tool ssh_exec host=prod command=\"df -h\"\n\n# Or with JSON arguments\nmcp-ssh-bridge tool ssh_k8s_get --json-args '{\"host\":\"k8s\",\"resource\":\"pods\",\"namespace\":\"default\"}'\n\n# JSON output (for scripting/parsing)\nmcp-ssh-bridge --json tool ssh_docker_ps host=prod\n```\n\n### Progressive discovery\n\nFrom the CLI:\n\n```bash\nmcp-ssh-bridge list-tools --groups-only       # 75 groups (~2K tokens)\nmcp-ssh-bridge list-tools --group docker      # Tools in a group (~500 tokens)\nmcp-ssh-bridge list-tools --search kubernetes # Keyword search\nmcp-ssh-bridge describe-tool ssh_docker_ps    # Full schema for 1 tool (~200 tokens)\n```\n\nFrom an MCP client (Claude Desktop / Claude Code), the same progressive-discovery pattern is available as three top-level tools so the model can walk the registry without loading all 357 schemas up front:\n\n| Tool | Purpose | Typical cost |\n|---|---|---|\n| `mcp_list_tool_groups` | List the 75 groups with counts | ~2 K tokens |\n| `mcp_search_tools` | Keyword search (`query`, `group?`, `limit=20`) | ~3 K tokens / page |\n| `mcp_describe_tool` | Full schema + reduction strategy for one tool | ~500 tokens |\n\n### Token-efficient output\n\nEvery tool automatically exposes reduction parameters based on its output type. Server-side filtering runs **before** truncation, so you never lose data to the output cap. Use `describe-tool \u003cname\u003e` — its top-of-output **Reduction Strategy** line tells you exactly which params apply.\n\n| Output kind | Available params | Strategy | Example tools |\n|---|---|---|---|\n| **Tabular** | `columns`, `limit` | Pick columns + cap rows | `docker_ps`, `service_list`, `process_list` |\n| **Json** | `jq_filter`, `output_format`, `limit` | jq + TSV for 60-80% savings | `docker_inspect`, `k8s_get`, `ansible_facts` |\n| **Yaml** | `yq_filter`, `output_format`, `limit` | yq + TSV | kubectl/helm YAML output |\n| **Auto** | All of the above | Tool auto-detects JSON vs tabular | `vault_status`, mixed outputs |\n| **RawText** | — | `save_output=/path` then read the file locally | `ssh_exec`, logs, arbitrary commands |\n\n**Common params** available on every tool: `host`, `timeout_seconds`, `max_output`, `save_output`.\n\n```bash\n# Filter JSON with jq + TSV output (60-80% token savings on list data)\nmcp-ssh-bridge tool ssh_k8s_get host=k8s resource=pods \\\n  jq_filter='.items[] | [.metadata.name, .status.phase]' output_format=tsv\n\n# Pick columns from tabular output\nmcp-ssh-bridge tool ssh_docker_ps host=prod columns='[\"NAMES\",\"STATUS\",\"IMAGE\"]' limit=20\n\n# Or use the ergonomic global flags (equivalent)\nmcp-ssh-bridge --jq '.items[] | {name, phase}' --output-format=tsv tool ssh_k8s_get host=k8s resource=pods\nmcp-ssh-bridge --columns NAMES,STATUS,IMAGE --limit 20 tool ssh_docker_ps host=prod\n\n# Persist full untruncated output to a file\nmcp-ssh-bridge tool ssh_docker_logs host=prod container=nginx save_output=/tmp/nginx.log\n```\n\n**Pagination.** Truncated results print `[output_id: abc123]`. Fetch the rest with:\n\n```bash\nmcp-ssh-bridge tool ssh_output_fetch output_id=abc123 offset=40000\n```\n\n### Global flags\n\n| Flag | Description |\n|------|-------------|\n| `--config` / `-c` | Path to config file |\n| `--json` | JSON output for all commands |\n| `--dry-run` | Preview without executing |\n\n### Exit codes\n\n| Code | Meaning |\n|------|---------|\n| 0 | Success |\n| 1 | Tool/command execution error |\n| 2 | CLI usage error (unknown tool, bad args) |\n| 3 | SSH connection error |\n| 4 | Security denial |\n| 5 | Configuration error |\n\n### Shell completions\n\n```bash\nmcp-ssh-bridge completions bash \u003e ~/.bash_completion.d/mcp-ssh-bridge\nmcp-ssh-bridge completions zsh \u003e ~/.zfunc/_mcp-ssh-bridge\nmcp-ssh-bridge completions fish \u003e ~/.config/fish/completions/mcp-ssh-bridge.fish\n```\n\n### Claude Code integration (optional)\n\nIf you use [Claude Code](https://claude.com/claude-code), copy the provided rule and skill to get CLI-aware assistance:\n\n```bash\n# Copy the CLI rule (tells Claude to prefer CLI over MCP for token efficiency)\nmkdir -p .claude/rules\ncp config/claude-code/rules/cli-bridge.md .claude/rules/\n\n# Copy the /bridge skill (interactive CLI workflows and config help)\nmkdir -p .claude/skills/bridge\ncp config/claude-code/skills/bridge/SKILL.md .claude/skills/bridge/\n```\n\nThis enables:\n\n- Claude automatically uses the CLI via Bash instead of MCP tools\n- `/bridge` command for interactive tool discovery and config management\n- `/bridge config` for guided configuration setup\n- `/bridge docker` to explore tools in a group\n\n---\n\n## Daemon Mode\n\nIn addition to the default stdio transport, the bridge can run as a long-lived daemon listening on a Unix socket. Multiple local clients (Claude Code, Claude Desktop, scripts) can connect concurrently to the same daemon, each getting an isolated MCP session that shares the same audit log, output cache, and connection pools.\n\n```bash\n# Start the daemon (foreground)\nmcp-ssh-bridge --daemon /tmp/mcp-ssh-bridge.sock\n\n# Connect a client to the socket via the standard MCP `--transport unix` flag,\n# or any tool that speaks JSON-RPC over a Unix socket.\n```\n\n**Built-in connection pools** kick in automatically when you build with the corresponding feature flags:\n\n| Pool | Default TTL | Effect |\n|---|---|---|\n| `WinRmPool` (`--features winrm`) | 120 s | Reuses the per-host `reqwest::Client` so back-to-back WinRM calls skip the TLS handshake. |\n| `K8sExecPool` (`--features k8s-exec`) | 300 s | Caches the `kube::Client` (kubeconfig walk + auth-plugin refresh) across `ssh_k8s_*` calls. |\n\nBoth pools clean up idle entries automatically; nothing is required to enable them beyond compiling the relevant feature.\n\n---\n\n## Troubleshooting\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eCommon issues\u003c/strong\u003e\u003c/summary\u003e\n\n**\"Unknown host: xxx\"** — The host alias is not in your config. Run `ssh_status` or `mcp-ssh-bridge status` to see configured hosts.\n\n**\"Command denied\"** — The command doesn't match a whitelist pattern (strict/standard mode) or matches a blacklist pattern. Check your `security` config.\n\n**\"SSH connection failed\"** — Verify: (1) the host is reachable (`ping hostname`), (2) SSH works manually (`ssh user@host`), (3) key permissions are correct (`chmod 600 ~/.ssh/id_*`).\n\n**\"Unknown host key\"** — Add it: `ssh-keyscan hostname \u003e\u003e ~/.ssh/known_hosts`\n\n**Host key verification modes:**\n\n| Mode | Behavior |\n|------|----------|\n| `Strict` (default) | Rejects unknown and changed host keys |\n| `AcceptNew` | Accepts new keys, rejects changed keys |\n| `Off` | Accepts all keys (testing only) |\n\nSet per-host: `host_key_verification: AcceptNew`\n\n\u003c/details\u003e\n\n---\n\n## Development\n\n```bash\nmake build              # Debug build\nmake release            # Optimized release with LTO\nmake test               # Run tests (uses nextest if available)\nmake lint               # Clippy with strict warnings\nmake ci                 # Quick CI (fmt-check, lint, test, audit, typos)\nmake ci-full            # Full CI (ci + hack + geiger)\nmake dxt                # Build DXT package for Claude Desktop\n```\n\nRust edition 2024, MSRV 1.94+. `#![forbid(unsafe_code)]`. 7500+ tests.\n\n**Adding a new tool — 3 steps:** annotate the struct with `#[mcp_tool]` (or `#[mcp_standard_tool]`), add the `mod` + `pub use` line, and (only if introducing a new group) update `ToolGroupsConfig`. The `inventory` crate auto-registers the handler at compile time — no test-count assertions to update.\n\nSee [CHANGELOG.md](CHANGELOG.md) for version history and [THREAT_MODEL.md](docs/THREAT_MODEL.md) for security design.\n\n---\n\n## License\n\n[MIT](LICENSE)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuchiny%2Fmcp-ssh-bridge","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmuchiny%2Fmcp-ssh-bridge","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuchiny%2Fmcp-ssh-bridge/lists"}