SSH Skill
Overview
This is a lightweight SSH operation gateway. It does not maintain an independent server database and only reads and writes the standard OpenSSH configuration by default:
Core Principles:
- Use aliases to identify servers, do not directly memorize IPs/passwords.
- Prioritize key authentication and native OpenSSH commands.
- Execute SSH, SCP, configuration checks, and tunnel operations through the scripts of this skill.
- Automatic backup is required before writing to .
- Storing passwords locally is discouraged; if passwords must be used, prioritize letting OpenSSH prompt interactively or having users configure secure credentials on their own.
Trigger Scenarios
Use this skill when users mention the following tasks:
- SSH, remote servers, server IP/hostname,
- Login, execute remote commands, check server status
- Upload, download, deploy, migrate files
- Bastion host, , intranet access
- Tunnel, port forwarding, database connection
- Configure , add/search server aliases
Do not use for local
, current directory, local file operations, or general network concept explanations.
Script Entry
Prioritize calling scripts from the current skill directory. The script directory is:
Command examples are all based on the current skill directory.
Common Commands
bash
--accept-new-host-key
--known-hosts-file <temporary known_hosts path>
When connecting to a trusted new development board for the first time, you can explicitly append --accept-new-host-key. If you don't want to write to the global known_hosts during testing, you can append --known-hosts-file <temporary known_hosts path>.
List Servers
bash
python scripts/ssh_config.py list
Search for Servers
bash
python scripts/ssh_config.py find <keyword>
Verify Alias Resolution
bash
python scripts/ssh_config.py show <alias>
Add Server
The script will automatically back up
before writing:
bash
python scripts/ssh_config.py add <alias> --host <IP or domain> --user <user> --port 22 --key ~/.ssh/id_ed25519
Optional:
bash
--description "Description"
--tags tag1,tag2
--location "Location"
--proxy-jump <bastion host alias>
Execute Remote Command
bash
python scripts/ssh_exec.py <alias> "command" --timeout 30
The script outputs JSON, including
,
,
,
.
Upload Files
bash
python scripts/ssh_transfer.py upload <alias> "<local path>" "<remote path>"
Download Files
bash
python scripts/ssh_transfer.py download <alias> "<remote path>" "<local path>"
Establish Local Port Forwarding
bash
python scripts/ssh_tunnel.py <alias> --local-port <local port> --remote-host 127.0.0.1 --remote-port <remote port>
The tunnel command runs in the foreground. If long-term background operation is needed, explain the impact and stop method to the user first.
Configuration Format
Recommended Configuration:
ssh
# description: Development Board
# tags: embedded,linux
# location: lab
Host 1380-P904
HostName 192.168.137.76
User root
Port 22
IdentityFile ~/.ssh/id_ed25519
Bastion Host:
ssh
Host bastion
HostName bastion.example.com
User root
IdentityFile ~/.ssh/id_ed25519
Host internal-dev
HostName 10.0.1.20
User root
IdentityFile ~/.ssh/id_ed25519
ProxyJump bastion
Comment metadata is allowed to be retained:
Do not write real passwords, Tokens, private key contents, or other sensitive information in the configuration.
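A lint for the configuration format above, as an added example (not one of this skill's scripts): it binds the description/tags/location comments to the Host block that follows them, reports the line numbers that look like embedded secrets, and lists ProxyJump targets that are not defined aliases. The function names, the secret patterns and the sample text are assumptions made for illustration.

```python
import re

# Constructed sample in the page's format; the "password" comment is a planted mistake.
SAMPLE = """\
# description: Development Board
# tags: embedded,linux
# location: lab
Host 1380-P904
    HostName 192.168.137.76

# description: internal box, password: example-not-real
Host internal-dev
    HostName 10.0.1.20
    ProxyJump bastion
"""

META = re.compile(r"#\s*(description|tags|location)\s*:\s*(.*)", re.I)
# Assumed patterns for "looks like a secret"; extend them to match local policy.
SECRET = re.compile(
    r"(password|passwd|token|secret)\s*[:=]\s*\S+|-----BEGIN [A-Z ]*PRIVATE KEY-----", re.I)

def parse_hosts(text):
    """Map each alias to its options and the metadata comments preceding its Host line."""
    hosts, pending, current = {}, {}, []
    for line in (raw.strip() for raw in text.splitlines()):
        meta = META.fullmatch(line)
        if meta:
            pending[meta.group(1).lower()] = meta.group(2).strip()
        elif line and not line.startswith("#"):
            parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
            key, value = (parts + [""])[:2]
            if key.lower() in ("host", "match"):
                current = value.split() if key.lower() == "host" else []
                for alias in current:
                    hosts.setdefault(alias, {"meta": dict(pending), "options": {}})
                pending = {}
            else:
                for alias in current:  # OpenSSH keeps the first value it obtains
                    hosts[alias]["options"].setdefault(key.lower(), value)
    return hosts

def secret_lines(text):
    """1-based line numbers that match SECRET; the matching text is never echoed."""
    return [n for n, line in enumerate(text.splitlines(), 1) if SECRET.search(line)]

def dangling_jumps(hosts):
    """Aliases whose ProxyJump is not a defined alias (assumes an alias is used there)."""
    return sorted(a for a, h in hosts.items()
                  if h["options"].get("proxyjump", a) not in hosts)
```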
Operation Rules
- Query tasks can be executed directly.
- The script must create a backup before adding or modifying .
- For risky operations such as deleting configurations, overwriting remote files, deployment, batch execution, or port forwarding, confirm with the user first.
- Do not directly run bare /; prioritize using the scripts of this skill; only explain the reason and use fallback commands when the scripts are unavailable or explicitly requested by the user.
- Do not modify Git, system services, firewalls, or remote production environment configurations unless explicitly requested by the user.
- Prioritize read-only checks when executing remote commands; confirm first when involving restart, deletion, overwriting, installation, or upgrade.
- When outputting to the user, explain the target alias, actual HostName, executed command, key results, and failure reasons.
Troubleshooting
Prioritize checking:
- Whether python scripts/ssh_config.py show <alias> can resolve HostName/User/Port
- Whether the key file exists and has appropriate permissions
- Whether the alias is also in
- Whether the network is reachable and the port is open
- Whether --accept-new-host-key needs to be explicitly appended for the first connection
If the script fails, retain the actual stderr and do not suppress errors.