How do I install Safe Ssh?

Safe Ssh is a local plugin. Install it using PyPI package: safe-ssh-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What AI apps work with Safe Ssh?

Safe Ssh uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Safe Ssh MCP Server

by Areso

Developer ToolsModerate6.4Local

Free

A secured scoped SSH MCP server for executing safe read-only diagnostic DevOps / SysOps commands

About

A secured scoped SSH MCP server for executing safe read-only diagnostic DevOps / SysOps commands

Security Report

6.4

Moderate6.4Moderate Risk

Valid MCP server (4 strong, 4 medium validity signals). 1 code issue detected. 3 known CVEs in dependencies (1 critical, 1 high severity) Package registry verified. Imported from the Official MCP Registry. 1 finding(s) downgraded by scanner intelligence.

7 files analyzed · 5 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-areso-safe-ssh-mcp": {
      "args": [
        "safe-ssh-mcp"
      ],
      "command": "uvx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Safe SSH MCP Server

A secure and scoped SSH MCP server for executing read-only diagnostic commands over SSH.
In this project, "safe" refers specifically to host safety: the server is designed to prevent modifications to the remote system and reduce the risk of operational harm. It does NOT attempt to guarantee that command output cannot be misused by external agents.

Badges

- security check

Overview

The core philosophy behind this MCP server is safety first. Instead of providing an AI agent with an unrestricted bash shell, this server exposes only carefully curated, read-only commands for system diagnostics and monitoring.

Available Tools (Partial List)

get_disk_free : df -h
get_disk_usage : find <path> -mindepth 1 -maxdepth 1 -exec du -sh -- {} + 2>/dev/null | sort -rh | head -n 20
get_dmesg : dmesg
get_uptime : uptime
get_current_datetime : date
get_distroname_version : cat /etc/os-release
get_systemd_list_all : systemctl list-units --all --no-pager
get_systemd_list_failed : systemctl list-units --state=failed --no-pager
get_systemd_list_timers : systemctl list-timers --no-pager
get_crontab_tasks: crontab -l
get_systemd_status : systemctl status {daemon}
get_top : top -b -n 1 -c

Example of invocation

okay, could u check disk usage on /root/ path with help of safe-ssh-mcp server on a remote myserver.mydomain.pro using root and /Users/myUser/.ssh/id_rsa to login?

Project Contents

mcp_ssh.py - the SSH MCP server
mcp_config.ini - the server's config
check_tools.py - check the server's tools with schemas, and list them
check_health.py - check the server's tools and either it's up

Compatibility

Tested only on Python3.11 running on MacOS

The MCP Registry

mcp-name: io.github.Areso/safe-ssh-mcp

The License

This project is licensed under the GNU AGPLv3 License.

Why AGPL?

This server acts as core infrastructure and contains no business logic. By using the AGPL license, we ensure that any security improvements, bug fixes, or new diagnostic tools added to the server are shared back with the open-source community.

Note for Client Developers

Because MCP clients communicate with this server via standard Inter-Process Communication (IPC) or network protocols (like HTTP/SSE), the AGPL license does not "infect" or restrict the client applications connecting to it.
You can safely connect proprietary, closed-source, or permissively licensed (e.g., MIT, Apache 2.0) AI agents to this server without violating the license terms.