SSH servers

Mephit never runs commands on your machines without a human click. The model can propose a command, but execution requires you to press Run on the proposal card. Every run is audited — append-only, per server, per conversation.

The contract has four parts:

• Registration — you add a host, username, and SSH private key. The key is encrypted at rest before it touches the database.
• Proposal — the model emits a structured command card with target, command, intent, and a risk level (low / medium / high).
• Execution — when you click Run, the platform opens a one-shot SSH connection, executes the command, captures stdout/stderr, and closes. No persistent sessions.
• Audit — the run row stores the full command and capped output (512 KB / stream). Visible in the server detail page.

Open /dashboard/servers → Add server. Required fields:

• Name — a short slug used in mentions: kali-jump, prod-web-1.
• Host — hostname, IPv4, or bracketed IPv6.
• Port — defaults to 22.
• Username — alphanumeric, dot, underscore, dash. e.g. kali, ubuntu, root.
• SSH private key — paste a PEM key (-----BEGIN OPENSSH PRIVATE KEY----- or equivalent). Stored AES-256-GCM encrypted; never returned to the client.
• Project (optional)— attach the server to a project so it surfaces in that project’s mention picker by default.

After saving, click Test. The platform opens a one-shot connection and runs whoami to verify credentials. Result is saved on the server row so you can spot drift later.

◈Mention a server

Type @ in the composer to open the picker, or type a registered name directly. Mentions are authoritative — they tell the model exactly which server to target.

◈Use the slash shorthand

/run @<name> <cmd> is a shorthand the remote-exec skill always recognises:

/run @kali-jump nmap -F acme.com
/run @prod-web-1 systemctl status nginx
/run @kali-docker hashcat -m 1000 -a 0 hashes.txt rockyou.txt

◈The command card

The model replies with a card containing:

• on — the target server name.
• cmd — the exact command line.
• why — one-line intent.
• risk — model-assigned risk level.

Click Run to execute, or Edit to tweak the command first. After execution the output streams into a follow-up panel showing exit code, duration, and stdout/stderr.

• Connection timeout: 10 s.
• Default exec timeout: 60 s. Configurable per command, capped at 300 s.
• Output cap: 512 KB per stream (stdout/stderr). Excess is dropped and the run is marked truncated: true.
• Rate limit: 30 commands per minute per user.
• One-shot connections: every run opens a fresh SSH session and closes it on completion.

Even with human-in-the-loop, some commands are refused unconditionally unless explicitly confirmed. The blocklist covers:

• rm -rf /, rm -rf /bin|etc|usr|var|home|root|boot
• dd of=/dev/(sd|nvme|hd|xvd|vd)
• mkfs.*, fdisk /dev/...
• shutdown, reboot, halt, init 0|6
• Fork bombs (:(){ : | : &};:)
• chown -R on /
• iptables -F
• curl ... | sh / wget ... | bash

Every run produces an append-only row in the command_run table with:

• command, status (queued / running / done / failed / timeout), exit code, duration
• stdout / stderr (capped, redacted on display where appropriate)
• linked conversation id when proposed from chat
• timestamps for request and finish

The audit list is visible per server in the dashboard; use it to reconstruct what was run when, by whom, and against which target.

Edit the server and paste a new private key. The previous test result is invalidated; click Test again to confirm the new key works. The previous ciphertext is overwritten — there is no key history.