Ubuntu SSH MCP Server
Allows connecting to Ubuntu servers over SSH to manage system packages, services, users, firewall, SSH configuration, perform security audits, and execute commands remotely.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Ubuntu SSH MCP ServerCheck system info on prod"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Ubuntu SSH MCP Server
An MCP server that lets Claude Code connect to Ubuntu servers over SSH to manage, maintain, and secure them — all from a natural language conversation.
Features
Category | Tools |
Connection | Connect/disconnect servers, list active sessions |
Commands | Run shell commands, sudo commands |
System Info | OS/CPU/RAM/disk overview, process list, disk usage |
Packages | apt update, upgrade, install, remove |
Services | Start/stop/restart/enable systemd services |
Logs | journalctl, tail log files |
Files | Read, write, list remote files |
Security Audit | Open ports, SUID files, sudo rights, failed logins |
Firewall (UFW) | Status, add/delete rules, enable/disable |
SSH Hardening | Disable root login, password auth, MaxAuthTries |
Users | List, create, delete users; add SSH public keys |
Fail2ban | Jail status, unban IPs |
Cron | List cron jobs |
Network | Interface info, routing, ping |
Related MCP server: Ubuntu VM Control
Requirements
Node.js 18+
Claude Code (
npm install -g @anthropic-ai/claude-code)
Installation
# 1. Clone / copy this folder somewhere permanent
cd ~/ubuntu-ssh-mcp
npm install
# 2. Register with Claude Code (global scope — available in all projects)
claude mcp add ubuntu-ssh-mcp -- node /ABSOLUTE/PATH/TO/ubuntu-ssh-mcp/index.js
# Verify it's registered
claude mcp listAlternative: Project-level config
Create or edit .mcp.json in your project root:
{
"mcpServers": {
"ubuntu-ssh-mcp": {
"command": "node",
"args": ["/ABSOLUTE/PATH/TO/ubuntu-ssh-mcp/index.js"]
}
}
}Usage Examples
Once Claude Code is running with the MCP server connected, just talk to it:
> Connect to my server at 192.168.1.10 as ubuntu using my key at ~/.ssh/id_rsa, call it "prod"
> Show me the system info for prod
> Check what security updates are available on prod
> Run a full security audit on prod
> Harden the SSH config on prod — make sure I have key auth working first
> Enable UFW on prod and allow only ports 22, 80, and 443
> Show the last 100 lines of the nginx error log on prod
> List all users on prod and check if any have unexpected sudo access
> Install fail2ban on prod and check the sshd jail statusSecurity Notes
Use SSH key auth — avoid passing passwords where possible.
sudo_passwordis passed as a parameter; Claude Code stores no secrets. UseNOPASSWDsudoers for a CI/automation account if you prefer not to pass passwords.harden_sshwill restart sshd — ensure key-based auth is working before calling it or you may lock yourself out.Connections persist for the life of the Claude Code session and are cleaned up on exit.
The server runs locally via stdio — no network ports are opened by the MCP server itself.
Tool Reference
Connection
Tool | Description |
| Connect to a server |
| Disconnect from a server |
| List active connections |
Execution
Tool | Description |
| Run a shell command |
| Run a command with sudo |
System
Tool | Description |
| OS, CPU, RAM, disk, uptime |
| Top processes by CPU/mem |
| Disk usage breakdown |
| Interfaces, routing, connections |
| Ping a host from the server |
Packages
Tool | Description |
| Update package index |
| Upgrade all packages |
| Install packages |
| Remove packages |
Services
Tool | Description |
| Check service status |
| Start/stop/restart/enable/disable |
| List all/running/failed services |
Logs
Tool | Description |
| journalctl for service or system |
| Last N lines of any log file |
Files
Tool | Description |
| Read a remote file |
| Write a remote file |
| List directory contents |
Security
Tool | Description |
| Full security audit |
| Security-only apt updates |
| Apply SSH hardening |
| UFW firewall status |
| Add/delete UFW rules |
| Enable/disable UFW |
| Fail2ban jail status |
| Unban an IP |
Users
Tool | Description |
| List system users |
| Create a user |
| Delete a user |
| Add SSH public key |
| List cron jobs |
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/smccauley-dev/ubuntu-ssh-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server