sshDCommander replaces fragile SSH scripts with a persistent daemon and three purpose-built CLI tools. Designed for AI clients that need reliable, auditable server access.
Designed from the ground up for AI agents like Claude Code, Cursor, and Windsurf. Every CLI tool outputs structured, machine-parseable responses. AI agents call sshDCommander via shell to manage remote servers.
AI agents lose SSH connections between tool calls. sshDCommander solves this with a persistent daemon — connections survive across every invocation. Zero reconnect overhead.
Server profiles + OS keyring integration means AI agents never need credentials in prompts. No passwords in context windows, no key material in tool calls. Authenticate via server profiles.
Every request must identify the calling agent. Full traceability: which AI agent ran which command on which server. Essential for multi-agent infrastructure management.
A background daemon maintains SSH connections via Paramiko. Connections survive across CLI commands — no reconnect penalty. The daemon is your always-on SSH infrastructure.
Manage one SSH connection per server simultaneously. Auto-connects on first request using server profiles. Up to 10+ concurrent servers.
Dead connection detection via keepalive packets (30s interval). Automatic reconnection with exponential backoff and jitter. Mid-command recovery.
Each server has its own lock. Two AI agents can work on different servers in parallel. Same-server access is serialized with SESSION_BUSY.
Every file transfer verified with streaming SHA-256 hash. No second pass — checksum is computed during transfer. AI agents deploy with cryptographic confidence.
Record the checksum of every deployed file in a JSON manifest. AI agents verify remote state against the manifest at any time — catch drift before it becomes an incident.
Interrupted transfers resume from where they stopped. .part file pattern prevents corrupted uploads from going live.
Automatic UTF-8 BOM removal on upload. Prevents Linux parse errors from Windows-created files.
Generate SHA-256 manifests of your entire codebase. Detect unauthorized changes, tampering, or supply chain attacks. Verify that deployed code matches the expected state — no competitor offers this level of file integrity monitoring.
Built-in Ed25519 CA. Three commands: ca init, ca sign, ca deploy. Automatic sshd configuration with dry-run and rollback safety. No password juggling.
Passwords stored in DPAPI (Windows), Keychain (macOS), or SecretService (Linux). Never in plaintext config files. Never exposed to AI agent context.
Compare manifest snapshots to detect what changed, when, and whether it was authorized. Protect against rogue AI agents, compromised CI/CD pipelines, or insider threats modifying production files.
Forward your local SSH agent to remote servers for onward connections like git clone — without copying private keys.
Trust-on-first-use with persistent known_hosts storage. Transparent host key management.
Complex commands with pipes, quotes, and variable expansion? Script mode wraps them in a temp script, uploads, executes, and cleans up.
Inject environment variables via --env, --env-file, or auto-loaded env.json. Essential for background workers and CI pipelines.
12 built-in sudo prompt patterns (EN, NL, DE, FR, ES, PT) plus per-server pattern learning. Sudo works everywhere.
Every operation traced to the calling agent via mandatory client-id. Rotating log files. Structured JSON output.
5-day free trial. No credit card required.
View Pricing