SSH Admin
Caution
Every destructive command requires explicit confirmation. MODIFY, DELETE, and PRIVILEGE operations pause and ask via AskUserQuestion before touching anything on the remote host. READ and non-destructive CREATE run freely.
Tip
Run /brewtools:ssh first to configure server connections. The skill writes CLAUDE.local.md with your server inventory — ssh-admin reads it automatically on every task start. No inventory file? The agent asks for connection details before proceeding.
Quick reference
| Field | Value |
|---|---|
| Model | opus |
| Tools | Read, Write, Edit, Bash, Glob, Grep, AskUserQuestion, WebFetch, WebSearch |
| Triggers | "ssh admin", "server management", "deploy to server", "docker on server" |
| Inventory | Reads CLAUDE.local.md in project root |
| Permission | default — destructive ops require confirmation |
When to use
- Server health check — disk, memory, CPU, running containers, failed services
- Docker deployment — pull image, write compose file, start/update/stop services
- Firewall changes — UFW rules, port allow/deny, rule review
- Reverse proxy setup — Caddy or Nginx virtual hosts with auto-TLS
- Security hardening — SSH config, fail2ban, user/key management
- Disk cleanup — prune unused Docker layers, locate large directories
Examples
"Check health on prod-server — disk, memory, running containers"
The agent connects via SSH, runs diagnostics (uptime, free -h, df -h, docker ps), and returns a summary table.
"Deploy a Redis container on staging-server, port 6379, with a persistent volume"
Writes a compose file, transfers it via scp, starts the service, verifies the container is running.
"Open port 443 and block all other inbound traffic on web-server"
Reviews current UFW rules, proposes changes, asks for confirmation, applies, verifies with ufw status verbose.
Flow
- Load inventory
  Reads CLAUDE.local.md in the project root for host aliases, IP addresses, SSH users, and key paths. If the file is missing, asks for connection details via AskUserQuestion.
- Verify SSH
  Runs ssh -o ConnectTimeout=10 -o BatchMode=yes USER@HOST 'echo OK' to confirm connectivity. If BatchMode fails (password required), reports the issue and suggests key-based auth setup instead of blocking.
- Gather state
  Collects a baseline snapshot: uptime, memory, disk, Docker containers, open ports, failed systemd units. Read-only, no confirmation needed.
- Classify and confirm
  Every planned command is classified: READ (free), CREATE (free if non-destructive), MODIFY / SERVICE / DELETE / PRIVILEGE (pause + AskUserQuestion with a description of what will happen). Nothing executes until confirmed.
- Execute and verify
  Runs the confirmed commands. Config changes are validated before apply (caddy validate, nginx -t). Services are restarted and re-checked. Credentials are never hardcoded in commands or files.
- Report
  Returns a structured summary: server, task description, actions taken, verification results, and final status (Success / Partial / Failed).
Safety rules & internals
Safety classification
| Class | Examples | Action |
|---|---|---|
| READ | ls, cat, df, docker ps, systemctl status | Free |
| CREATE | mkdir, touch, docker pull | Free if non-destructive |
| MODIFY | chmod, config edits, sed | AskUserQuestion |
| SERVICE | restart, reload, docker compose up | AskUserQuestion |
| DELETE | rm, docker rm, docker volume rm | Always AskUserQuestion |
| PRIVILEGE | sudo, firewall rules, user management | Always AskUserQuestion |
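A sketch of the "Classify and confirm" step and the table above, added here as an illustration and not taken from the agent's own code. The rule table, `classify` and `classify_stage` are hypothetical names seeded from the table's examples; the point is that a compound command takes its most restrictive class and that anything the classifier cannot parse or recognise is treated as requiring confirmation.

```python
import shlex

# Least to most restrictive; a compound command takes the highest class found.
ORDER = ["READ", "CREATE", "MODIFY", "SERVICE", "DELETE", "PRIVILEGE"]
NEEDS_CONFIRMATION = set(ORDER[2:])
OPERATOR_CHARS = set("();<>|&")
# Constructed rules seeded from the table's examples; the longest prefix wins.
RULES = {
    ("ls",): "READ", ("cat",): "READ", ("df",): "READ", ("uptime",): "READ",
    ("docker", "ps"): "READ", ("systemctl", "status"): "READ",
    ("mkdir",): "CREATE", ("touch",): "CREATE", ("docker", "pull"): "CREATE",
    ("chmod",): "MODIFY", ("sed",): "MODIFY", ("systemctl", "restart"): "SERVICE",
    ("systemctl", "reload"): "SERVICE", ("docker", "compose", "up"): "SERVICE",
    ("rm",): "DELETE", ("docker", "rm"): "DELETE",
    ("docker", "volume", "rm"): "DELETE",
    ("sudo",): "PRIVILEGE", ("ufw",): "PRIVILEGE", ("useradd",): "PRIVILEGE",
}

def classify_stage(tokens, writes_file):
    """Classify one simple command; anything not in RULES fails closed."""
    for n in (3, 2, 1):
        cls = RULES.get(tuple(tokens[:n]))
        if cls:
            # A READ or CREATE whose output lands in a file changes that file.
            return "MODIFY" if writes_file and ORDER.index(cls) < 2 else cls
    return "PRIVILEGE"

def classify(command):
    """Return the most restrictive class across every stage of a shell line."""
    # Substitutions and newlines hide commands from the tokenizer: fail closed.
    if any(s in command for s in ("$(", "`", "\n")):
        return "PRIVILEGE"
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split, lexer.commenters = True, ""  # '#' is not a cut-off
    try:
        tokens = list(lexer)
    except ValueError:  # unbalanced quotes
        return "PRIVILEGE"
    stages, current, writes = [], [], False
    for i, tok in enumerate(tokens + [";"]):
        if not tok or not set(tok) <= OPERATOR_CHARS:
            current.append(tok)
        elif ">" in tok:  # redirect; 2>&1 and /dev/null targets write no file
            target = tokens[i + 1] if i + 1 < len(tokens) else ""
            writes |= not tok.endswith("&") and target != "/dev/null"
        else:  # any other operator ends the stage
            if current:
                stages.append(classify_stage(current, writes))
            current, writes = [], False
    return max(stages, key=ORDER.index) if stages else "PRIVILEGE"
```

A caller would pause for confirmation whenever `classify(cmd) in NEEDS_CONFIRMATION`.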
SSH connection patterns
| Pattern | Command |
|---|---|
| Non-interactive | ssh -o ConnectTimeout=10 -o BatchMode=yes USER@HOST "command" |
| Multi-command | ssh -o ConnectTimeout=10 -o BatchMode=yes USER@HOST 'cmd1 && cmd2' |
| File transfer | scp -o ConnectTimeout=10 FILE USER@HOST:/path/ |
| Interactive | Instruct user: ! ssh USER@HOST in Claude Code prompt |
Docker Compose resource limits (Non-Swarm)
```yaml
services:
  app:
    image: myapp:latest
    mem_limit: 512m
    cpus: 0.5
    restart: unless-stopped
```
Use mem_limit/cpus, never deploy.resources.* (Swarm-only syntax).
Quick health script
```bash
echo "=== Server Health ===" && \
uptime && echo "---" && \
free -h | grep Mem && echo "---" && \
df -h | grep -E '^/dev' && echo "---" && \
docker ps --format 'table {{.Names}}\t{{.Status}}' 2>/dev/null && echo "---" && \
systemctl --failed --no-pager
```
SSH hardening checklist (/etc/ssh/sshd_config)
| Setting | Value | Why |
|---|---|---|
| PermitRootLogin | no | Prevent root SSH |
| PasswordAuthentication | no | Key-only access |
| MaxAuthTries | 3 | Brute-force limit |
| Port | Custom (e.g. 2222) | Reduce scan noise |
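One way to check a host's sshd_config text against this checklist, added here as an example and not part of the agent. `audit_sshd_config` and the sample config are constructed for illustration. It accounts for three parsing details that a plain grep misses: the first value of a keyword wins, an unset keyword falls back to the OpenSSH default, and a Match block can re-enable a setting for some users. Files pulled in via Include are not followed; running `sshd -T` on the host prints the effective values.

```python
import re

# OpenSSH built-in defaults, used when a keyword is never set in the file.
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes", "maxauthtries": "6", "port": "22"}
# Checklist values from the table; assumption: MaxAuthTries below 3 also passes.
CHECKS = {
    "permitrootlogin": lambda v: v == "no",
    "passwordauthentication": lambda v: v == "no",
    "maxauthtries": lambda v: v.isdigit() and int(v) <= 3,
    "port": lambda v: v != "22",
}
# Constructed sample, not taken from a real host.
SAMPLE = """\
Port 2222
PermitRootLogin no
PasswordAuthentication no
passwordauthentication yes
Match User backup
    PasswordAuthentication yes
"""

def audit_sshd_config(text):
    """Return (results, match_overrides) for one sshd_config file's text."""
    global_vals, overrides, match = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # tolerate an '=' separator
        if not line or line.startswith("#") or len(parts) < 2:
            continue
        key, arg = parts[0].lower(), parts[1].strip()
        value = arg.strip('"').lower()
        if key == "match":
            # Later lines are conditional until the next Match; "all" is global.
            match = None if value == "all" else arg
        elif key not in CHECKS:
            continue
        elif match is not None:
            if not CHECKS[key](value):
                overrides.append((match, key, value))
        elif key == "port":
            global_vals.setdefault(key, []).append(value)  # Port may repeat
        else:
            global_vals.setdefault(key, [value])           # first value wins
    results = {}
    for key, check in CHECKS.items():
        values = global_vals.get(key, [DEFAULTS[key]])
        results[key] = (values, all(check(v) for v in values))
    return results, overrides
```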
SSH Skill
Configure server inventory and SSH connections before spawning ssh-admin.
Deploy Admin
GitHub Actions, workflows, GHCR releases, and CI/CD — pairs with ssh-admin for full deploy pipelines.
GitHub source
Agent definition, safety rules, and SSH patterns.
Brewtools overview
All brewtools skills and agents in one place.
Updating plugins
/brewtools:plugin-update to check and update the brewcode plugin suite in one command.
See the FAQ for details.