remote-terminal
by TiM00R
Overview
AI-powered remote Linux server management, enabling natural language control over server commands, file transfers, and automated workflows.
Installation
remote-terminal-mcpEnvironment Variables
- REMOTE_TERMINAL_ROOT
Security Notes
The server has critical command injection vulnerabilities. In `src/tools/sftp_compression_tar.py`, the `extract_tarball_via_ssh` function constructs `tar` commands using `remote_archive_path` and `remote_extract_path` without proper shell quoting. Similarly, in `src/tools/sftp_compression_upload.py`, the `chmod -R` command uses `remote_dir` without quoting. This allows a malicious actor (e.g., a jailbroken AI or manipulated input) to inject arbitrary shell commands, leading to remote code execution on the connected server. While some path sanitization (`validate_path`) and `shlex.quote` are used in other parts (e.g., single file SFTP, backup creation), these critical directory transfer commands are unprotected. The system also inherently trusts the AI to generate safe commands, making a jailbroken AI a significant risk.
Similar Servers
1Panel
1Panel is a web-based Linux server management tool for efficient host monitoring, file management, database administration, container orchestration, and rapid website deployment, including AI tools and backup/restore functionality.
ssh-mcp-server
Bridging AI assistants to remote SSH server operations for command execution, file transfer, and server status retrieval via the Model Context Protocol (MCP).
mcp-ssh-orchestrator
Provides secure, policy-driven SSH orchestration for AI agents to manage server infrastructure with audit logging, enforcing zero-trust principles.
mcp-ssh-manager
Manages remote SSH servers via the Model Context Protocol (MCP), enabling AI assistants like Claude Code and OpenAI Codex to execute commands, transfer files, monitor health, and automate DevOps tasks.