UNPKG

ssh-mcp

Version:

MCP server exposing SSH control for Linux and Windows systems via Model Context Protocol.

github.com/tufantunc/ssh-mcp

tufantunc/ssh-mcp

164 lines (163 loc) 6.08 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
#!/usr/bin/env node import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'; import { McpError, ErrorCode } from "@modelcontextprotocol/sdk/types.js"; import { Client as SSHClient } from 'ssh2'; import { z } from 'zod'; import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'; // Example usage: node build/index.js --host=1.2.3.4 --port=22 --user=root --password=pass --key=path/to/key --timeout=5000 function parseArgv() { const args = process.argv.slice(2); const config = {}; for (const arg of args) { const match = arg.match(/^--([^=]+)=(.*)$/); if (match) { config[match[1]] = match[2]; } } return config; } const argvConfig = parseArgv(); const HOST = argvConfig.host; const PORT = argvConfig.port ? parseInt(argvConfig.port) : 22; const USER = argvConfig.user; const PASSWORD = argvConfig.password; const KEY = argvConfig.key; const DEFAULT_TIMEOUT = argvConfig.timeout ? parseInt(argvConfig.timeout) : 60000; // 60 seconds default timeout function validateConfig(config) { const errors = []; if (!config.host) errors.push('Missing required --host'); if (!config.user) errors.push('Missing required --user'); if (config.port && isNaN(Number(config.port))) errors.push('Invalid --port'); if (errors.length > 0) { throw new Error('Configuration error:\n' + errors.join('\n')); } } validateConfig(argvConfig); const server = new McpServer({ name: 'SSH MCP Server', version: '1.0.7', capabilities: { resources: {}, tools: {}, }, }); server.tool("exec", "Execute a shell command on the remote SSH server and return the output.", { command: z.string().describe("Shell command to execute on the remote SSH server"), }, async ({ command }) => { // Sanitize command input if (typeof command !== 'string' || !command.trim()) { throw new McpError(ErrorCode.InternalError, 'Command must be a non-empty string.'); } const sshConfig = { host: HOST, port: PORT, username: USER, }; try { if (PASSWORD) { sshConfig.password = PASSWORD; } else if (KEY) { const fs = await import('fs/promises'); sshConfig.privateKey = await fs.readFile(KEY, 'utf8'); } const result = await execSshCommand(sshConfig, command); return result; } catch (err) { // Wrap unexpected errors if (err instanceof McpError) throw err; throw new McpError(ErrorCode.InternalError, `Unexpected error: ${err?.message || err}`); } }); async function execSshCommand(sshConfig, command) { return new Promise((resolve, reject) => { const conn = new SSHClient(); let timeoutId; let isResolved = false; // Set up timeout timeoutId = setTimeout(() => { if (!isResolved) { isResolved = true; // Try to abort the running command before closing connection const abortTimeout = setTimeout(() => { // If abort command itself times out, force close connection conn.end(); }, 5000); // 5 second timeout for abort command conn.exec('timeout 3s pkill -f "' + command + '" 2>/dev/null || true', (err, abortStream) => { if (abortStream) { abortStream.on('close', () => { clearTimeout(abortTimeout); conn.end(); }); } else { clearTimeout(abortTimeout); conn.end(); } }); reject(new McpError(ErrorCode.InternalError, `Command execution timed out after ${DEFAULT_TIMEOUT}ms`)); } }, DEFAULT_TIMEOUT); conn.on('ready', () => { conn.exec(command, (err, stream) => { if (err) { if (!isResolved) { isResolved = true; clearTimeout(timeoutId); reject(new McpError(ErrorCode.InternalError, `SSH exec error: ${err.message}`)); } conn.end(); return; } let stdout = ''; let stderr = ''; stream.on('close', (code, signal) => { if (!isResolved) { isResolved = true; clearTimeout(timeoutId); conn.end(); if (stderr) { reject(new McpError(ErrorCode.InternalError, `Error (code ${code}):\n${stderr}`)); } else { resolve({ content: [{ type: 'text', text: stdout, }], }); } } }); stream.on('data', (data) => { stdout += data.toString(); }); stream.stderr.on('data', (data) => { stderr += data.toString(); }); }); }); conn.on('error', (err) => { if (!isResolved) { isResolved = true; clearTimeout(timeoutId); reject(new McpError(ErrorCode.InternalError, `SSH connection error: ${err.message}`)); } }); conn.connect(sshConfig); }); } async function main() { const transport = new StdioServerTransport(); await server.connect(transport); console.error("SSH MCP Server running on stdio"); } main().catch((error) => { console.error("Fatal error in main():", error); process.exit(1); });