- Home
- MCP servers
- MCP SSH SRE
MCP SSH SRE
- typescript
11
GitHub Stars
typescript
Language
5 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
You run an MCP server that connects to a target Linux host over SSH and exposes read-only diagnostic results to an AI assistant. It keeps credentials and shell access private, so your system remains secure while you get fast, actionable insights from natural language queries.
How to use
You work with an MCP client to ask questions like: Why is a container failing to start? Which processes are consuming the most CPU? Is a disk showing signs of trouble? The MCP server executes predefined diagnostic commands over SSH and returns structured results to the client, enabling you to investigate issues in seconds without manual command hunting.
How to install
Prerequisites you need on your host: a supported container runtime and network access to the MCP server. You also need SSH credentials configured on the target machine that you authorize for read-only diagnostics.
Step 1. Run the MCP server with Docker. Copy and paste this command:
docker run -d \
-p 3000:3000 \
-e SSH_HOST=server.local \
-e SSH_USERNAME=mcp-readonly \
-e SSH_KEY_PATH=/keys/id_ed25519 \
-v ~/.ssh/id_ed25519_mcp:/keys/id_ed25519:ro \
ghcr.io/ohare93/mcp-ssh-sre:latest
Step 2. Point your MCP client to the server endpoint. Use the following MCP configuration snippet in your client setup to register the remote MCP server.
{
"mcpServers": {
"ssh-sre": {
"url": "http://your-server:3000/mcp"
}
}
}
Additional setup notes
For production deployments, you may want to set up authentication, TLS, and proper SSH key management. The server automatically uses SSH to run diagnostic commands on the target host and returns only the results, keeping your credentials and shell access private.
Security and design notes
This MCP server is designed to be read-only. It does not modify the remote system, and it avoids exposing shell access or credentials beyond the diagnostic outputs. Review access controls on the MCP client to ensure only authorized users can query diagnostics.