ssh-mcp-pro

MCPReference

by oaslananka

Indexed by Glama. No runnable package is published via Glama's API — open the repository for install instructions.

mcphybrid

MCP configuration

stdio

Environment

  • PORT

    Compatibility alias for SSH_MCP_HTTP_PORT.

  • SSH_MCP_DEBUG

    Enables debug-oriented configuration behavior.

  • KNOWN_HOSTS_PATH

    Compatibility alias for SSH_MCP_KNOWN_HOSTS_PATH.

  • SSH_MCP_HTTP_HOST

    Streamable HTTP bind host.

  • SSH_MCP_HTTP_PORT

    Streamable HTTP bind port.

  • SSH_MCP_RATE_LIMIT

    Enables the global MCP request rate limiter.

  • SSH_MCP_POLICY_FILE

    JSON file containing partial policy overrides.

  • SSH_MCP_POLICY_MODE

    Policy decision mode: enforce or explain.

  • SSH_MCP_SESSION_TTL

    Session time-to-live in milliseconds.

  • SSH_MCP_COMMAND_DENY

    Command deny patterns.

  • SSH_MCP_MAX_SESSIONS

    Maximum concurrent SSH sessions.

  • SSH_MCP_OAUTH_ISSUER

    Expected OAuth issuer.

  • SSH_MCP_TOOL_PROFILE

    Active tool exposure profile.

  • SSH_MCP_ALLOWED_HOSTS

    Host allowlist for policy and remote connector safety checks.

  • SSH_MCP_COMMAND_ALLOW

    Command allow patterns.

  • SSH_MCP_MAX_FILE_SIZE

    Maximum bytes returned by text-focused file reads.

  • SSH_MCP_ALLOW_RAW_SUDO

    Allows raw proc_sudo; prefer ensure_* tools.

  • SSH_MCP_HTTP_AUTH_MODE

    HTTP auth mode: bearer or oauth.

  • SSH_MCP_OAUTH_AUDIENCE

    Expected OAuth audience.

  • SSH_MCP_OAUTH_JWKS_URL

    OAuth JWKS URL.

  • SSH_MCP_OAUTH_RESOURCE

    OAuth protected resource identifier.

  • SSH_MCP_RATE_LIMIT_MAX

    Maximum requests per rate-limit window.

  • SSH_MCP_ALLOWED_CIPHERS

    Optional SSH cipher allowlist.

  • SSH_MCP_COMMAND_TIMEOUT

    Default remote command timeout in milliseconds.

  • SSH_MCP_HOST_KEY_POLICYsecret

    Host-key mode: strict, accept-new, or insecure.

  • SSH_MCP_HTTP_PUBLIC_URL

    Stable public HTTPS MCP URL for protected resource metadata.

  • SSH_MCP_STRICT_HOST_KEYsecret

    Legacy boolean alias for strict vs insecure host-key checking.

  • SSH_MCP_ALLOW_ROOT_LOGIN

    Allows SSH login as root and mirrors into policy.

  • SSH_MCP_HTTP_TRUST_PROXY

    Trust reverse proxy forwarded headers.

  • SSH_MCP_KNOWN_HOSTS_PATH

    Known hosts file used for strict host-key verification.

  • STRICT_HOST_KEY_CHECKINGsecret

    Compatibility alias for SSH_MCP_HOST_KEY_POLICY.

  • SSH_MCP_CONNECTOR_PROFILE

    Alias for SSH_MCP_TOOL_PROFILE.

  • SSH_MCP_ENABLE_LEGACY_SSE

    Enables legacy SSE compatibility.

  • SSH_MCP_HTTP_MAX_SESSIONS

    Maximum active Streamable HTTP MCP sessions.

  • SSH_MCP_MAX_STREAM_CHUNKS

    Maximum retained streaming chunks.

  • SSH_MCP_TUNNEL_DENY_PORTS

    Optional tunnel port denylist.

  • SSH_MCP_MAX_TRANSFER_BYTES

    Maximum upload or download transfer size.

  • SSH_MCP_PATH_DENY_PREFIXES

    Remote path prefixes denied by filesystem policy.

  • SSH_MCP_TUNNEL_ALLOW_PORTS

    Optional tunnel port allowlist.

  • SSH_MCP_PATH_ALLOW_PREFIXES

    Remote path prefixes allowed by filesystem policy.

  • SSH_MCP_ALLOW_DESTRUCTIVE_FS

    Allows destructive filesystem operations such as fs_rmrf.

  • SSH_MCP_HTTP_ALLOWED_ORIGINS

    Browser origins allowed for HTTP clients.

  • SSH_MCP_MAX_FILE_WRITE_BYTES

    Maximum accepted write payload before buffering.

  • SSH_MCP_RATE_LIMIT_WINDOW_MS

    Rate-limit window in milliseconds.

  • SSH_MCP_OAUTH_REQUIRED_SCOPES

    Required OAuth scopes.

  • SSH_MCP_HTTP_BEARER_TOKEN_FILEsecret

    Bearer token file for HTTP transport. Required for non-loopback bearer deployments.

  • SSH_MCP_RATE_LIMIT_PER_SESSION

    Enables per-session MCP request rate limiting when tool arguments include sessionId.

  • SSH_MCP_TUNNEL_DENY_BIND_HOSTS

    Local bind hosts denied for tunnels.

  • SSH_MCP_TUNNEL_ALLOW_BIND_HOSTS

    Local bind hosts allowed for tunnels.

  • SSH_MCP_HTTP_SESSION_IDLE_TTL_MS

    HTTP MCP session idle timeout in milliseconds.

  • SSH_MCP_LOCAL_PATH_DENY_PREFIXES

    Local paths denied for transfer operations.

  • SSH_MCP_MAX_COMMAND_OUTPUT_BYTES

    Maximum buffered stdout/stderr bytes per command result.

  • SSH_MCP_OAUTH_ALLOWED_ALGORITHMS

    Optional comma-separated JWT algorithm allowlist.

  • SSH_MCP_TUNNEL_DENY_REMOTE_HOSTS

    Optional remote tunnel target host denylist.

  • SSH_MCP_LOCAL_PATH_ALLOW_PREFIXES

    Local paths allowed for transfer operations.

  • SSH_MCP_TUNNEL_ALLOW_REMOTE_HOSTS

    Optional remote tunnel target host allowlist.

  • SSH_MCP_ALLOW_DESTRUCTIVE_COMMANDS

    Allows commands matching destructive command policy.

  • SSH_MCP_CONNECTOR_DEFAULT_USERNAME

    Default username for connector broker flows.

  • SSH_MCP_RATE_LIMIT_PER_SESSION_MAX

    Maximum requests per SSH session per rate-limit window.

  • SSH_MCP_HTTP_MAX_REQUEST_BODY_BYTES

    Maximum HTTP request body size.

  • SSH_MCP_CONNECTOR_CREDENTIAL_COMMANDsecret

    External credential command when provider is command.

  • SSH_MCP_REMOTE_AGENT_MCP_PASSTHROUGH

    When enabled with 1, true, yes, or on, lets /mcp requests bypass the remote control plane.

  • SSH_MCP_CONNECTOR_CREDENTIAL_PROVIDERsecret

    Credential provider: none, agent, or command.

  • SSH_MCP_RATE_LIMIT_PER_SESSION_WINDOW_MS

    Per-session rate-limit window in milliseconds.

  • SSH_MCP_CONNECTOR_CREDENTIAL_COMMAND_ARGSsecret

    Arguments passed to the external credential command.

  • SSH_MCP_CONNECTOR_CREDENTIAL_COMMAND_TIMEOUT_MSsecret

    Credential command timeout in milliseconds.

Install in one click with Zurek

Browse here, install from the native macOS app — pick targets, fill env vars, and write configs safely.