SSHAI - SSH AI Assistant
September 23, 2025 · View on GitHub
English | 简体中文
An intelligent AI assistant program that provides AI model services through SSH connections, allowing you to use AI assistants in any SSH-supported environment.
✨ Key Features
- 🔐 Secure SSH Connection - Encrypted AI service access through SSH protocol
- 🔑 Flexible Authentication - Support for password authentication, SSH key-based passwordless login, and passwordless mode
- 🗝️ SSH Keys Support - Support for multiple SSH public keys for passwordless login, compatible with RSA, Ed25519, and other key types
- 🤖 Multi-Model Support - Support for DeepSeek, Hunyuan, and other AI models
- 💭 Real-time Thinking Display - Real-time display of thinking processes for models like DeepSeek R1
- 🛠️ MCP Tool Support - Support for Model Context Protocol, integrating various external tools and services
- 🎨 Beautiful Interface - Colorful output, animations, and ASCII art
- ⚙️ Flexible Configuration - Support for dynamic configuration file specification (-c parameter) and complete YAML configuration
- 🌐 Multi-language Support - Support for Chinese and English interfaces
- 📝 Custom Prompts - Configurable AI prompt system
- 🚀 Startup Welcome Banner - Beautiful welcome banner displayed on program startup
- 🏗️ Modular Design - Clean code architecture, easy to extend
🚀 Quick Start
1. Download and Build
# Clone the project
git clone https://github.com/sshllm/sshai.git
cd sshai
# Build the program
make build
# or
go build -o sshai cmd/main.go
2. Configuration Setup
Edit the config.yaml file and set your API key:
# API Configuration
api:
base_url: "https://api.deepseek.com/v1"
api_key: "your-api-key-here"
default_model: "deepseek-v3"
# Server Configuration
server:
port: 2213
welcome_message: "Welcome to SSHAI!"
# Authentication Configuration (Optional)
auth:
password: "" # Empty = no password authentication
login_prompt: "Please enter password: "
# SSH public key passwordless login configuration (only effective when password is set)
authorized_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... user@hostname"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... user2@hostname"
authorized_keys_file: "~/.ssh/authorized_keys" # Optional: read public keys from file
# Custom Prompt Configuration
prompt:
system_prompt: "You are a professional AI assistant, please answer questions in English."
stdin_prompt: "Please analyze the following content and provide relevant help or suggestions:"
exec_prompt: "Please answer the following question or execute the following task:"
# MCP Tool Configuration
mcp:
enabled: true # Enable MCP functionality
refresh_interval: 300 # Tool list refresh interval (seconds)
servers:
# Stable services using uvx (recommended)
- name: "time"
transport: "stdio"
command: ["uvx", "mcp-server-time"]
enabled: true
- name: "fetch"
transport: "stdio"
command: ["uvx", "mcp-server-fetch"]
enabled: true
# Services using npx (may require longer startup time)
- name: "bing"
transport: "stdio"
command: ["npx", "bing-cn-mcp"]
enabled: true
3. Run the Server
# Run directly (using default config.yaml)
./sshai
# Specify configuration file
./sshai -c config.yaml
./sshai -c /path/to/your/config.yaml
# Run in background
./sshai > server.log 2>&1 &
# Run with script
./scripts/run.sh
Command Line Parameters
-c <config_file>- Specify configuration file path- If not specified, defaults to
config.yamlin current directory - If configuration file doesn't exist, program will show error message and exit
- If not specified, defaults to
# Usage examples
./sshai -c config.yaml # Use config file in current directory
./sshai -c /etc/sshai/config.yaml # Use config file with absolute path
./sshai # Default to config.yaml
4. Connect and Use
# Interactive mode
ssh user@localhost -p 2213
# Direct command execution
ssh user@localhost -p 2213 "Hello, please introduce yourself"
# Pipe input analysis
cat file.txt | ssh user@localhost -p 2213
echo "Analyze this code" | ssh user@localhost -p 2213
📁 Project Structure
sshai/
├── README.md # Chinese documentation
├── README_EN.md # English documentation
├── LICENSE # Open source license
├── config.yaml # Main configuration file
├── config-en.yaml # English configuration file
├── go.mod # Go module dependencies
├── Makefile # Build script
├── cmd/ # Program entry
│ └── main.go # Main program file
├── pkg/ # Core modules
│ ├── config/ # Configuration management
│ ├── models/ # Data models
│ ├── ai/ # AI assistant functionality
│ ├── ssh/ # SSH server
│ └── utils/ # Utility functions
├── docs/ # Project documentation
├── scripts/ # Test and run scripts
└── keys/ # SSH key files
🔧 Configuration Guide
API Configuration
Support for multiple API endpoint configurations:
api:
base_url: "https://api.deepseek.com/v1"
api_key: "your-deepseek-key"
default_model: "deepseek-v3"
timeout: 600
# Multiple API configuration
api_endpoints:
- name: "deepseek"
base_url: "https://api.deepseek.com/v1"
api_key: "your-key"
default_model: "deepseek-v3"
- name: "local"
base_url: "http://localhost:11434/v1"
api_key: "ollama"
default_model: "gemma2:27b"
Authentication Configuration
Password Authentication
auth:
password: "your-secure-password" # Set access password
login_prompt: "Please enter password: "
SSH Public Key Passwordless Login
auth:
password: "your-secure-password" # Password must be set to enable SSH public key authentication
login_prompt: "Please enter password: "
# Method 1: Configure public key list directly
authorized_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... user@hostname"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... user2@hostname"
# Method 2: Read public keys from file
authorized_keys_file: "~/.ssh/authorized_keys"
SSH Public Key Usage:
# Generate SSH key pair
ssh-keygen -t ed25519 -f ~/.ssh/sshai_key
# Connect using private key (passwordless login)
ssh -i ~/.ssh/sshai_key -p 2213 user@localhost
# View public key content (for configuration)
cat ~/.ssh/sshai_key.pub
Note:
- SSH public key authentication is only enabled when a password is set, providing additional security
- Supports multiple public keys simultaneously, compatible with RSA, Ed25519, ECDSA, and other key types
- After successful login, the program will automatically display built-in welcome information, no need to configure in the config file
Prompt Configuration
prompt:
system_prompt: "You are a professional AI assistant..."
stdin_prompt: "Please analyze the following content:"
exec_prompt: "Please answer the following question:"
MCP Tool Configuration
SSHAI supports Model Context Protocol (MCP) for integrating various external tools and services:
mcp:
enabled: true
refresh_interval: 300 # Tool list refresh interval (seconds)
servers:
# Recommended using uvx (more stable, faster startup)
- name: "time"
transport: "stdio"
command: ["uvx", "mcp-server-time"]
enabled: true
- name: "fetch"
transport: "stdio"
command: ["uvx", "mcp-server-fetch"]
enabled: true
- name: "filesystem"
transport: "stdio"
command: ["uvx", "mcp-server-filesystem", "/tmp"]
enabled: true
# npx services (may require longer startup time)
- name: "bing"
transport: "stdio"
command: ["npx", "bing-cn-mcp"]
enabled: true
MCP Tool Features:
- 🔧 Automatic Tool Discovery - Automatically detect and load tools provided by MCP servers
- 🔄 Smart Retry Mechanism - Connection optimization for package managers like npx
- ⏱️ Timeout Protection - Prevent tool calls from hanging, with connection timeout and retry support
- 🎯 Selective Output - Hide tool call processes in pipeline and command modes, showing only results
- 📊 Real-time Status Monitoring - Display tool connection status and execution progress
Supported Package Managers:
uvx- Python package manager (recommended, more stable)npx- Node.js package manager (supported but may be slower)- Direct commands - Pre-installed MCP servers
If you encounter npx server connection issues, please refer to the MCP NPX Troubleshooting Guide.
🧪 Testing
The project includes comprehensive test scripts:
# Basic functionality test
./scripts/test.sh
# SSH execution functionality test
./scripts/test_ssh_exec_final.sh
# Standard input functionality test
./scripts/test_stdin_feature.sh
# Authentication functionality test
./scripts/test_auth.sh
# DeepSeek R1 thinking mode test
./scripts/test_deepseek_r1.sh
# SSH Keys passwordless login functionality test
./scripts/test_ssh_keys.sh
📚 Documentation
- Configuration Guide - Detailed configuration instructions
- Usage Guide - Feature introduction and usage methods
- Architecture Documentation - Modular architecture design
- Authentication Configuration - SSH authentication configuration examples
- SSH Keys Guide - SSH public key passwordless login configuration guide
- MCP Usage Guide - Model Context Protocol tool integration guide
- MCP NPX Troubleshooting - NPX MCP server connection issue solutions
🤝 Contributing
Issues and Pull Requests are welcome!
- Fork the project
- Create a feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
📄 License
This project is licensed under the Apache License 2.0. See the LICENSE file for details.
🙏 Acknowledgments
Thanks to all developers and users who have contributed to this project!
Note: This project follows the Apache 2.0 open source license, welcoming both personal and commercial use.