Skip to main content
Glama
narmaku

Linux MCP Server

by narmaku
OverviewSchemaRelated ServersScoreDiscussions
Hybrid

Linux MCP Server

A Model Context Protocol (MCP) server for read-only Linux system administration, diagnostics, and troubleshooting on RHEL-based systems.

Features

  • Read-Only Operations: All tools are strictly read-only for safe diagnostics

  • Remote SSH Execution: Execute commands on remote systems via SSH with key-based authentication

  • Multi-Host Management: Connect to different remote hosts in the same session

  • Comprehensive Diagnostics: System info, services, processes, logs, network, and storage

  • Configurable Log Access: Control which log files can be accessed via environment variables

  • RHEL/systemd Focused: Optimized for Red Hat Enterprise Linux systems

Architecture Overview

graph TB Client["Client Layer<br/>MCP Client (e.g. Claude Desktop)"] subgraph Server["MCP Server"] FastMCP[FastMCP Server] subgraph Tools["Tool Categories"] direction LR subgraph Row1[" "] SystemInfo[System Info] Services[Services] Processes[Processes] end subgraph Row2[" "] Logs[Logs & Audit] Network[Network] Storage[Storage] end end Executor[SSH Executor] Logger[Audit Logger] end subgraph Targets["Execution Targets"] direction LR Local[Local System] Remote[Remote Hosts<br/>SSH] end Client -->|MCP Protocol| FastMCP FastMCP --> Tools Tools --> Executor Executor --> Targets FastMCP -.-> Logger Executor -.-> Logger style Client fill:#4a9eff,stroke:#2563eb,color:#fff style FastMCP fill:#f59e0b,stroke:#d97706,color:#fff style SystemInfo fill:#64748b,stroke:#475569,color:#fff style Services fill:#64748b,stroke:#475569,color:#fff style Processes fill:#64748b,stroke:#475569,color:#fff style Logs fill:#64748b,stroke:#475569,color:#fff style Network fill:#64748b,stroke:#475569,color:#fff style Storage fill:#64748b,stroke:#475569,color:#fff style Executor fill:#10b981,stroke:#059669,color:#fff style Logger fill:#8b5cf6,stroke:#7c3aed,color:#fff style Local fill:#eab308,stroke:#ca8a04,color:#fff style Remote fill:#eab308,stroke:#ca8a04,color:#fff style Row1 fill:none,stroke:none style Row2 fill:none,stroke:none

Key Components

  • FastMCP Server: Core MCP protocol server handling tool registration and invocation

  • Tool Categories: Six categories of read-only diagnostic tools (system info, services, processes, logs, network, storage)

  • SSH Executor: Routes commands to local subprocess or remote SSH execution with connection pooling

  • Audit Logger: Comprehensive logging in both human-readable and JSON formats with automatic rotation

  • Multi-Target Execution: Single server instance can execute commands on local system or multiple remote hosts

Available Tools

System Information

  • get_system_info - OS version, kernel, hostname, uptime

  • get_cpu_info - CPU details and load averages

  • get_memory_info - RAM usage and swap details

  • get_disk_usage - Filesystem usage and mount points

  • get_hardware_info - Hardware details (CPU architecture, PCI/USB devices, memory hardware)

Service Management

  • list_services - List all systemd services with status

  • get_service_status - Detailed status of a specific service

  • get_service_logs - Recent logs for a specific service

Process Management

  • list_processes - Running processes with CPU/memory usage

  • get_process_info - Detailed information about a specific process

Logs & Audit

  • get_journal_logs - Query systemd journal with filters

  • get_audit_logs - Read audit logs (if available)

  • read_log_file - Read specific log file (whitelist-controlled)

Network Diagnostics

  • get_network_interfaces - Network interface information

  • get_network_connections - Active network connections

  • get_listening_ports - Ports listening on the system

Storage & Disk Analysis

  • list_block_devices - Block devices and partitions

  • list_directories_by_size - List directories sorted by size (largest first) with top N limit

  • list_directories_by_name - List all directories sorted alphabetically (A-Z or Z-A)

  • list_directories_by_modified_date - List all directories sorted by modification date (newest/oldest first)

Installation

Prerequisites

  • Python 3.10 or higher

  • uv package manager

Setup

  1. Clone the repository:

git clone <repository-url> cd linux-mcp-server

  1. Create virtual environment and install dependencies:

uv venv source .venv/bin/activate uv pip install -e ".[dev]"

Configuration

Configure the server using environment variables:

# Comma-separated list of allowed log file paths export LINUX_MCP_ALLOWED_LOG_PATHS="/var/log/messages,/var/log/secure,/var/log/audit/audit.log" # Optional: Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL) export LINUX_MCP_LOG_LEVEL="INFO" # Optional: Custom log directory (default: ~/.local/share/linux-mcp-server/logs/) export LINUX_MCP_LOG_DIR="/var/log/linux-mcp-server" # Optional: Log retention in days (default: 10) export LINUX_MCP_LOG_RETENTION_DAYS="30" # Optional: Specify SSH private key path (defaults to ~/.ssh/id_ed25519, ~/.ssh/id_rsa, etc.) export LINUX_MCP_SSH_KEY_PATH="/path/to/your/private/key"

Audit Logging

The server includes comprehensive audit logging for all operations:

Features:

  • Dual Format: Logs written in both human-readable text and JSON formats

  • Daily Rotation: Automatic log rotation at midnight

  • Configurable Retention: Keep logs for a specified number of days (default: 10)

  • Tiered Verbosity: INFO for operations, DEBUG for detailed diagnostics

  • Sanitization: Automatic redaction of sensitive data (passwords, tokens, API keys)

Log Files:

  • Human-readable: ~/.local/share/linux-mcp-server/logs/server.log

  • JSON format: ~/.local/share/linux-mcp-server/logs/server.json

  • Rotated files: server.log.YYYY-MM-DD and server.json.YYYY-MM-DD

What Gets Logged:

  • Server startup and shutdown

  • All tool invocations with parameters (sanitized)

  • Tool execution time and completion status

  • SSH connections (success/failure)

  • Remote command execution

  • Error conditions with full context

Log Levels:

  • DEBUG: Detailed flow, connection reuse, function entry/exit, timing details

  • INFO: Tool calls, command executions, connection events, operation results

  • WARNING: Authentication failures, retryable errors, missing optional data

  • ERROR: Failed operations, exceptions, connection failures

  • CRITICAL: Server startup/shutdown failures, unrecoverable errors

Example Log Entries:

# Human-readable format (server.log) 2025-10-10 14:23:45.123 | INFO | server | TOOL_CALL: list_services | host=server1.example.com | username=admin | execution_mode=remote 2025-10-10 14:23:45.234 | INFO | ssh_executor | SSH_CONNECT: admin@server1.example.com | status=success 2025-10-10 14:23:45.345 | INFO | ssh_executor | REMOTE_EXEC: systemctl list-units --type=service | host=server1.example.com | exit_code=0 2025-10-10 14:23:45.456 | INFO | server | TOOL_COMPLETE: list_services | status=success | duration=0.333s # JSON format (server.json) {"timestamp": "2025-10-10T14:23:45.123Z", "level": "INFO", "logger": "server", "message": "TOOL_CALL: list_services", "event": "TOOL_CALL", "tool": "list_services", "host": "server1.example.com", "username": "admin", "execution_mode": "remote"}

Remote SSH Execution

All tools support optional host and username parameters for remote execution via SSH:

  • Authentication: SSH key-based authentication only (no password support)

  • Key Discovery: Automatically discovers SSH keys from ~/.ssh/ or use LINUX_MCP_SSH_KEY_PATH

  • Connection Pooling: Reuses SSH connections for efficiency

  • Multi-Host: Each tool call can target a different remote host

Requirements:

  • SSH key-based authentication must be configured on remote hosts

  • Remote user must have appropriate permissions for diagnostic commands

Example Usage:

# Local execution await list_services() # Remote execution await list_services(host="server1.example.com", username="admin") # Different host in same session await get_service_status("nginx", host="server2.example.com", username="sysadmin")

Usage

Running the Server

You can run the server in multiple ways:

Using uv run (recommended for development):

uv run linux-mcp-server

Using uvx (recommended for one-off execution without installation):

uvx --from /path/to/linux-mcp-server linux-mcp-server

Traditional Python module execution:

python -m linux_mcp_server

Using with Claude Desktop

Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):

Option 1: Using uv run (simpler):

{ "mcpServers": { "linux-diagnostics": { "command": "uv", "args": [ "--directory", "/path/to/linux-mcp-server", "run", "linux-mcp-server" ], "env": { "LINUX_MCP_ALLOWED_LOG_PATHS": "/var/log/messages,/var/log/secure,/var/log/audit/audit.log" } } } }

Option 2: Using uvx (from local directory):

{ "mcpServers": { "linux-diagnostics": { "command": "uvx", "args": [ "--from", "/path/to/linux-mcp-server", "linux-mcp-server" ], "env": { "LINUX_MCP_ALLOWED_LOG_PATHS": "/var/log/messages,/var/log/secure,/var/log/audit/audit.log" } } } }

Development

Running Tests

pytest

Running Tests with Coverage

pytest --cov=src --cov-report=html

Security Considerations

  • All operations are read-only

  • Log file access is controlled via whitelist (LINUX_MCP_ALLOWED_LOG_PATHS)

  • SSH key-based authentication only - no password support

  • SSH host key verification is disabled for flexibility (use with caution)

  • No arbitrary command execution

  • Input validation on all parameters

  • Requires appropriate system permissions for diagnostics

  • Remote user needs proper sudo/permissions for privileged commands

License

MIT License

This server cannot be installed

-
security - not tested
A
license - permissive license
-
quality - not tested

How are these scores calculated?

Resources

New MCP Servers

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/narmaku/linux-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server