mcpsshclient

mcpsshclient provides an SSH client server with an integrated security agent to detect and prevent unsafe commands from being executed over SSH. The agentic capabilities are enabled via a separate configuration file (secagentconfig.json) and can be activated by setting ENABLE_SECAGENT to true and defining SECURITY_POLICY as described in the README. To use the server, configure your MCP Client to point to the SSH client server entry (sshclient) with the Node.js runtime and the built index.js entry path. The security agent periodically evaluates commands and enforces policies before execution, helping to mitigate dangerous actions during remote sessions. Typical workflows involve starting the MCP client host, ensuring the agent is enabled, and then connecting to target machines via SSH through the MCP bridge. If a command is flagged as unsafe, it will be blocked according to the policy, and details can be reviewed in the agent logs.

Prerequisites:

• Node.js and npm installed on the client machine
• Access to the project repository

Install and build steps:

1. Clone the repository: git clone https://github.com/jonnadul/mcpsshclient.git
2. Navigate to the project folder: cd mcpsshclient
3. Install dependencies: npm install
4. Build the project: npm run build

Configuration to enable the security agent:

• Create or edit secagentconfig.json and set: { "ENABLE_SECAGENT": true, "SECURITY_POLICY": "<your-policy>" }
• Ensure this file is accessible to the running server so the agent can initialize at startup.

Notes and tips:

• The MCP Client configuration should point to the built index.js using the Node command, as shown in the example configuration.
• Windows path syntax is used in the example; adapt the path to your environment if running on another OS.
• If you enable the security agent, ensure the ollama components are available as described in the prerequisites for agent initialization.
• If you encounter issues starting the server, verify that the build output exists at the specified path (build/index.js) and that Node is able to execute it.
• Monitor logs or console output for any policy violations reported by the security agent to adjust SECURITY_POLICY as needed.