Ssh
Give your coding agent copy-paste SSH, SCP, rsync, config, and remote-command patterns for servers you ship and run.
Overview
SSH is an agent skill most often used in Operate (also Build backend integrations, Ship launch) that documents secure remote access, key-based login, transfers, and tunneling patterns.
Install
npx skills add https://github.com/dicklesworthstone/agent_flywheel_clawdbot_skills_and_integrations --skill sshWhat is this skill?
- Covers basic ssh connections with port, identity file, and Host aliases via ~/.ssh/config
- Documents one-shot and chained remote commands with optional pseudo-TTY for interactive tools
- Includes SCP copy patterns and recursive directory sync
- Recommends rsync -avz/-avzP for directory sync with compression and progress
- Frames SSH as the default secure channel for remote admin, transfers, and tunneling
Adoption & trust: 615 installs on skills.sh; 64 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You need your agent to run correct ssh, scp, and rsync commands without guessing ports, keys, or config host aliases.
Who is it for?
Solo builders who manage their own servers and want agent-assisted SSH, rsync deploys, and config-driven host aliases.
Skip if: Teams that only deploy via managed PaaS with no shell access, or users who need full IAM/VPN design rather than command patterns.
When should I use this skill?
Connect to servers, manage keys, tunnels, and transfers with SSH, SCP, or rsync.
What do I get? / Deliverables
You get reliable remote command, config, and file-sync snippets your agent can apply for deploys and server maintenance.
- Correct ssh/scp/rsync command sequences for stated host and path
- Optional ~/.ssh/config Host block for named connections
- Remote one-shot or chained command scripts suitable for deploy or ops
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Canonical shelf is Operate infra because the skill centers on live server access, keys, tunnels, and transfers—not product ideation. Infra matches secure remote sessions, ~/.ssh/config, and rsync-based deploy sync called out as preferred over raw scp.
Where it fits
SSH into a host alias from ~/.ssh/config to tail logs or restart services with a one-liner.
Run chained remote commands such as cd /app, git pull, and pm2 restart after a release.
Draft rsync -avzP sync steps as part of a manual or semi-automated deploy script.
How it compares
Reference CLI skill for SSH/rsync—not an MCP server or a hosted terminal product.
Common Questions / FAQ
Who is ssh for?
Indie developers and operators who SSH into own servers and want agents to emit correct connection, config, and transfer commands.
When should I use ssh?
During Operate infra for logs and restarts; during Ship launch for git pull and process restarts over SSH; during Build backend when wiring deploy scripts that sync or exec remotely.
Is ssh safe to install?
The skill encourages shell and network access to your hosts; review the Security Audits panel on this Prism page and never let agents use production keys without your explicit approval.
SKILL.md
READMESKILL.md - Ssh
# SSH Skill Use SSH for secure remote access, file transfers, and tunneling. ## Basic Connection Connect to server: ```bash ssh user@hostname ``` Connect on specific port: ```bash ssh -p 2222 user@hostname ``` Connect with specific identity: ```bash ssh -i ~/.ssh/my_key user@hostname ``` ## SSH Config Config file location: ``` ~/.ssh/config ``` Example config entry: ``` Host myserver HostName 192.168.1.100 User deploy Port 22 IdentityFile ~/.ssh/myserver_key ForwardAgent yes ``` Then connect with just: ```bash ssh myserver ``` ## Running Remote Commands Execute single command: ```bash ssh user@host "ls -la /var/log" ``` Execute multiple commands: ```bash ssh user@host "cd /app && git pull && pm2 restart all" ``` Run with pseudo-terminal (for interactive): ```bash ssh -t user@host "htop" ``` ## File Transfer with SCP Copy file to remote: ```bash scp local.txt user@host:/remote/path/ ``` Copy file from remote: ```bash scp user@host:/remote/file.txt ./local/ ``` Copy directory recursively: ```bash scp -r ./local_dir user@host:/remote/path/ ``` ## File Transfer with rsync (preferred) Sync directory to remote: ```bash rsync -avz ./local/ user@host:/remote/path/ ``` Sync from remote: ```bash rsync -avz user@host:/remote/path/ ./local/ ``` With progress and compression: ```bash rsync -avzP ./local/ user@host:/remote/path/ ``` Dry run first: ```bash rsync -avzn ./local/ user@host:/remote/path/ ``` ## Port Forwarding (Tunnels) Local forward (access remote service locally): ```bash ssh -L 8080:localhost:80 user@host # Now localhost:8080 connects to host's port 80 ``` Local forward to another host: ```bash ssh -L 5432:db-server:5432 user@jumphost # Access db-server:5432 via localhost:5432 ``` Remote forward (expose local service to remote): ```bash ssh -R 9000:localhost:3000 user@host # Remote's port 9000 connects to your local 3000 ``` Dynamic SOCKS proxy: ```bash ssh -D 1080 user@host # Use localhost:1080 as SOCKS5 proxy ``` ## Jump Hosts / Bastion Connect through jump host: ```bash ssh -J jumphost user@internal-server ``` Multiple jumps: ```bash ssh -J jump1,jump2 user@internal-server ``` In config file: ``` Host internal HostName 10.0.0.50 User deploy ProxyJump bastion ``` ## Key Management Generate new key (Ed25519, recommended): ```bash ssh-keygen -t ed25519 -C "your_email@example.com" ``` Generate RSA key (legacy compatibility): ```bash ssh-keygen -t rsa -b 4096 -C "your_email@example.com" ``` Copy public key to server: ```bash ssh-copy-id user@host ``` Copy specific key: ```bash ssh-copy-id -i ~/.ssh/mykey.pub user@host ``` ## SSH Agent Start agent: ```bash eval "$(ssh-agent -s)" ``` Add key to agent: ```bash ssh-add ~/.ssh/id_ed25519 ``` Add with macOS keychain: ```bash ssh-add --apple-use-keychain ~/.ssh/id_ed25519 ``` List loaded keys: ```bash ssh-add -l ``` ## Multiplexing (Connection Sharing) In ~/.ssh/config: ``` Host * ControlMaster auto ControlPath ~/.ssh/sockets/%r@%h-%p ControlPersist 600 ``` Create socket directory: ```bash mkdir -p ~/.ssh/sockets ``` ## Known Hosts Remove old host key: ```bash ssh-keygen -R hostname ``` Scan and add host key: ```bash ssh-keyscan hostname >> ~/.ssh/known_hosts ``` ## Debugging Verbose output: ```bash ssh -v user@host ``` Very verbose: ```bash ssh -vv user@host ``` Maximum verbosity: ```bash ssh -vvv user@host ``` ## Security Tips - Use Ed25519 keys (faster, more secure than RSA) - Set `PasswordAuthentication no` on servers - Use `fail2ban` on servers to block brute force - Keep keys encrypted with passphrases - Use `ssh-agent` to avoid typing passphrase repeatedly - Restrict key usage with `command=` in authorized_keys