MCP SSH Manager

Overview Schema Related Servers Score Discussions

ssh_deploy

Deploy files to remote servers with automatic permission handling, backup options, and service restart capabilities for secure file transfers.

Instructions

Deploy files to remote server with automatic permission handling

Input Schema

TableJSON Schema

Name	Required	Description
`server`	Yes	Server name or alias
`files`	Yes	Array of files to deploy
`options`	No	Deployment options

Implementation Reference

src/tool-registry.js:57-72 (registration)

Registration of the 'ssh_deploy' tool within the 'advanced' TOOL_GROUPS array. This is where the tool name is listed for conditional registration based on configuration.

advanced: [
  'ssh_deploy',
  'ssh_execute_sudo',
  'ssh_alias',
  'ssh_command_alias',
  'ssh_hooks',
  'ssh_profile',
  'ssh_connection_status',
  'ssh_tunnel_create',
  'ssh_tunnel_list',
  'ssh_tunnel_close',
  'ssh_key_manage',
  'ssh_execute_group',
  'ssh_group_manage',
  'ssh_history'
]

src/deploy-helper.js:1-176 (helper)

Complete helper module providing functions for ssh_deploy tool: getTempFilename for safe temp files, buildDeploymentStrategy to generate deployment steps (backup, copy, chown, chmod, restart, cleanup), detectDeploymentNeeds for auto-detecting sudo/owner/perms requirements, and createBatchDeployScript for multi-file deployments.

import path from 'path';
import crypto from 'crypto';

/**
 * Deploy helper functions for secure file deployment
 */

/**
 * Generate a unique temporary filename
 */
export function getTempFilename(originalName) {
  const timestamp = Date.now();
  const random = crypto.randomBytes(4).toString('hex');
  const ext = path.extname(originalName);
  const base = path.basename(originalName, ext);
  return `/tmp/${base}_${timestamp}_${random}${ext}`;
}

/**
 * Build deployment strategy based on target path and permissions
 */
export function buildDeploymentStrategy(remotePath, options = {}) {
  const {
    sudoPassword = null,
    owner = null,
    permissions = null,
    backup = true,
    restart = null
  } = options;

  const strategy = {
    steps: [],
    requiresSudo: false
  };

  // Step 1: Backup existing file if requested
  if (backup) {
    strategy.steps.push({
      type: 'backup',
      command: `if [ -f "${remotePath}" ]; then cp "${remotePath}" "${remotePath}.bak.$(date +%Y%m%d_%H%M%S)"; fi`
    });
  }

  // Step 2: Determine if we need sudo
  const needsSudo = remotePath.startsWith('/etc/') ||
                    remotePath.startsWith('/var/') ||
                    remotePath.startsWith('/usr/') ||
                    owner || permissions;

  if (needsSudo) {
    strategy.requiresSudo = true;
  }

  // Step 3: Copy from temp to final location
  const copyCmd = needsSudo && sudoPassword ?
    `echo "${sudoPassword}" | sudo -S cp {{tempFile}} "${remotePath}"` :
    needsSudo ?
      `sudo cp {{tempFile}} "${remotePath}"` :
      `cp {{tempFile}} "${remotePath}"`;

  strategy.steps.push({
    type: 'copy',
    command: copyCmd
  });

  // Step 4: Set ownership if specified
  if (owner) {
    const chownCmd = sudoPassword ?
      `echo "${sudoPassword}" | sudo -S chown ${owner} "${remotePath}"` :
      `sudo chown ${owner} "${remotePath}"`;

    strategy.steps.push({
      type: 'chown',
      command: chownCmd
    });
  }

  // Step 5: Set permissions if specified
  if (permissions) {
    const chmodCmd = sudoPassword ?
      `echo "${sudoPassword}" | sudo -S chmod ${permissions} "${remotePath}"` :
      `sudo chmod ${permissions} "${remotePath}"`;

    strategy.steps.push({
      type: 'chmod',
      command: chmodCmd
    });
  }

  // Step 6: Restart service if specified
  if (restart) {
    strategy.steps.push({
      type: 'restart',
      command: restart
    });
  }

  // Step 7: Cleanup temp file
  strategy.steps.push({
    type: 'cleanup',
    command: 'rm -f {{tempFile}}'
  });

  return strategy;
}

/**
 * Parse deployment configuration from file path patterns
 * Examples:
 *   /home/user/app/file.js -> normal deploy
 *   /etc/nginx/sites-available/site -> needs sudo
 *   /var/www/html/index.html -> needs sudo
 */
export function detectDeploymentNeeds(remotePath) {
  const needs = {
    sudo: false,
    suggestedOwner: null,
    suggestedPerms: null
  };

  // System directories that typically need sudo
  if (remotePath.startsWith('/etc/')) {
    needs.sudo = true;
    needs.suggestedOwner = 'root:root';
    needs.suggestedPerms = '644';
  } else if (remotePath.startsWith('/var/www/')) {
    needs.sudo = true;
    needs.suggestedOwner = 'www-data:www-data';
    needs.suggestedPerms = '644';
  } else if (remotePath.includes('/nginx/')) {
    needs.sudo = true;
    needs.suggestedOwner = 'root:root';
    needs.suggestedPerms = '644';
  } else if (remotePath.includes('/apache/') || remotePath.includes('/httpd/')) {
    needs.sudo = true;
    needs.suggestedOwner = 'www-data:www-data';
    needs.suggestedPerms = '644';
  } else if (remotePath.includes('/frappe-bench/')) {
    // For ERPNext/Frappe deployments
    needs.sudo = false;
    needs.suggestedOwner = null; // Will be handled by the app
    needs.suggestedPerms = '644';
  }

  return needs;
}

/**
 * Create batch deployment script for multiple files
 */
export function createBatchDeployScript(deployments) {
  const script = ['#!/bin/bash', 'set -e', ''];

  script.push('# Batch deployment script');
  script.push(`# Generated at ${new Date().toISOString()}`);
  script.push('');

  deployments.forEach((deploy, index) => {
    script.push(`# File ${index + 1}: ${deploy.localPath} -> ${deploy.remotePath}`);
    deploy.strategy.steps.forEach(step => {
      if (step.type !== 'cleanup') {
        script.push(step.command.replace('{{tempFile}}', deploy.tempFile));
      }
    });
    script.push('');
  });

  // Cleanup all temp files at the end
  script.push('# Cleanup temporary files');
  deployments.forEach(deploy => {
    script.push(`rm -f ${deploy.tempFile}`);
  });

  return script.join('\n');
}

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions 'automatic permission handling,' which hints at file system modifications, but lacks critical details such as authentication requirements, error handling, whether it overwrites files by default, or any rate limits. This is inadequate for a tool that performs remote file operations with potential system impacts.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that front-loads the core purpose ('Deploy files to remote server') and adds a key feature ('with automatic permission handling'). There is no wasted verbiage, making it highly concise and well-structured for quick understanding.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of deploying files to a remote server with no annotations and no output schema, the description is insufficient. It lacks details on behavioral traits (e.g., authentication, error handling), expected outputs, or how it differs from siblings. For a tool with potential system impacts, this leaves significant gaps in understanding.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema fully documents all parameters. The description adds minimal value beyond the schema by implying permission handling relates to the 'options' parameter, but it doesn't elaborate on parameter interactions or usage nuances. Baseline 3 is appropriate as the schema does the heavy lifting.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Deploy files') and target ('to remote server'), with the additional detail of 'automatic permission handling' providing specific functionality. It distinguishes from siblings like ssh_upload by emphasizing deployment with permission management, though it doesn't explicitly contrast with all related tools like ssh_sync or ssh_execute.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit guidance on when to use this tool versus alternatives is provided. While the description implies it's for deployment with permission handling, it doesn't specify scenarios, prerequisites, or compare it to siblings like ssh_upload (for simple transfers) or ssh_execute (for remote commands), leaving usage context ambiguous.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/bvisible/mcp-ssh-manager'

If you have feedback or need assistance with the MCP directory API, please join our Discord server