← Index

SSH Session MCP

io.github.Zw-awa/ssh-session-mcp·v2.7.1·Calendar & Time

Shared SSH PTY runtime for MCP clients with viewer, input lock, async tracking, and policy rules.

In-path gate · all MCP tools

Using SSH Session MCP in Claude, Cursor, Gemini CLI, Cline, or Zed?

MCP tool contracts can change remotely with no version bump. The mcpindex gate pins each contract and HOLDs the call when it drifts—before your agent acts. Zero credentials. This is not the package install for this server itself (use Install this server for that).

Install the mcpindex gate (one command)

Rewrites your MCP host config so each server launches behind the gate. Inspect first: curl -fsSL https://mcpindex.ai/install.sh | less

curl -fsSL https://mcpindex.ai/install.sh | sh
Trust verdict · v1 advisory · method
REVIEWstatus: PARTIALfresh until 2026-08-01 17:03 UTC
screened 2026-07-02tier: scannedgranularity: description-levelsource: registry

Semantic screen found no manipulation pattern in the description. Conformance probe not yet run.

mcpindex.integrity.descriptionpassINFO

evidenceNo malicious instructions foundvia static_description

Limits of this verdict
  • - Semantic screen only - the deterministic conformance probe has not run on this server
  • - Confidence is reported but not yet calibrated (v1)
  • - Screen reads the tool description, not the live behavior
  • - advisory
  • - registry description only no input schema
  • - screen model 8b

Semantic screen: an LLM judge reads the tool description for hidden instructions (status PARTIAL). A pass means the description is not lying, not that the tool is safe: a high-capability tool with an honest description still warrants caution. The deterministic conformance probe has not been run on this server yet, so the screen here is semantic-only. Posture: advisory. Confidences are reported but not yet calibrated (calibrated=false at v1). Full verdict history is not shown on this page.

Own this server? Screen its description →

Embed this badge

A live verdict badge for your README or listing. It reflects the current screen, links back here, and updates when the verdict does.

Markdown
[![mcpindex](https://mcpindex.ai/api/v1/badge/io-github-zw-awa-ssh-session-mcp)](https://mcpindex.ai/server/io-github-zw-awa-ssh-session-mcp)
HTML
<a href="https://mcpindex.ai/server/io-github-zw-awa-ssh-session-mcp"><img src="https://mcpindex.ai/api/v1/badge/io-github-zw-awa-ssh-session-mcp" alt="mcpindex verdict" height="20" /></a>
Environment variables
SSH_MCP_CONFIG

Optional explicit path to ssh-session-mcp.config.json when the config is not in the current working directory.

SSH_MCP_INSTANCE

Optional runtime instance id used to isolate state across multiple MCP clients or agents.

VIEWER_PORT

Viewer HTTP port. Use auto to allocate a free local port, or 0 to disable the browser viewer.

VIEWER_HOST

Optional viewer bind host. Defaults to 127.0.0.1 for local-only browser access.

AUTO_OPEN_TERMINAL

Set to true or 1 to automatically open the browser terminal when a session is created.

SSH_MCP_MODE

Operation mode. safe blocks risky or unsuitable terminal actions by default, while full allows broader execution.

SSH_MCP_LOCAL

Set to true or 1 to run a local shell instead of opening a real SSH connection. Useful for demos and offline testing.

SSH_MCP_DEBUG

Set to true or 1 to expose browser-side debug controls intended for demos and local troubleshooting.

SSH_HOST

Legacy single-target SSH host when not using ssh-session-mcp.config.json device profiles.

SSH_PORT

Legacy single-target SSH port when not using ssh-session-mcp.config.json device profiles.

SSH_USER

Legacy single-target SSH username when not using ssh-session-mcp.config.json device profiles.

SSH_PASSWORD
secret

Optional legacy password-based SSH authentication value.

SSH_KEY

Optional path to a local SSH private key file for legacy single-target mode.

MCP quality score · maturity, not trust · methodology
freshness
23
completeness
20
installability
25
documentation
15
stability
10
Alternatives in Calendar & Time