← Back to Skills Marketplace
88
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install catfee-ssh
Description
SSH远程服务器密码连接技能。当用户提供服务器IP、用户名、密码需要SSH连接时激活。支持执行命令、查看配置、诊断问题、文件操作等运维操作。
README (SKILL.md)
Catfee SSH Skill
通过密码认证SSH连接远程服务器,执行运维操作。
前置要求
已安装 Posh-SSH 模块(首次使用时自动安装)。
连接模板
# 安装模块(如果未安装)
if (!(Get-Module -ListAvailable Posh-SSH)) {
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Scope CurrentUser
Install-Module -Name Posh-SSH -Force -Scope CurrentUser -AllowClobber
}
Import-Module Posh-SSH
# 创建凭证并连接(用户提供:IP、用户名、密码)
$cred = New-Object System.Management.Automation.PSCredential("$username", (ConvertTo-SecureString "$password" -AsPlainText -Force))
$session = New-SSHSession -ComputerName "$ip" -Credential $cred -AcceptKey
# 执行命令
Invoke-SSHCommand -SessionId $session.SessionId -Command "command"
# 关闭连接
Remove-SSHSession -SessionId $session.SessionId
常用操作
查看系统信息
Invoke-SSHCommand -SessionId $session.SessionId -Command "hostname && uname -a && cat /etc/os-release"
查看服务状态
Invoke-SSHCommand -SessionId $session.SessionId -Command "systemctl status nginx"
Invoke-SSHCommand -SessionId $session.SessionId -Command "systemctl status docker"
查看文件
Invoke-SSHCommand -SessionId $session.SessionId -Command "cat /path/to/file"
Invoke-SSHCommand -SessionId $session.SessionId -Command "ls -la /path/to/dir"
查看日志
Invoke-SSHCommand -SessionId $session.SessionId -Command "tail -100 /var/log/nginx/error.log"
Invoke-SSHCommand -SessionId $session.SessionId -Command "journalctl -u nginx -n 100"
Nginx 诊断
Invoke-SSHCommand -SessionId $session.SessionId -Command "nginx -t 2>&1"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cat /etc/nginx/nginx.conf"
Invoke-SSHCommand -SessionId $session.SessionId -Command "ls -la /etc/nginx/conf.d/"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cat /etc/nginx/conf.d/*.conf"
Docker 操作
Invoke-SSHCommand -SessionId $session.SessionId -Command "docker ps -a"
Invoke-SSHCommand -SessionId $session.SessionId -Command "docker logs container_name --tail 100"
Invoke-SSHCommand -SessionId $session.SessionId -Command "docker-compose ps"
进程和端口
Invoke-SSHCommand -SessionId $session.SessionId -Command "ps aux | grep nginx"
Invoke-SSHCommand -SessionId $session.SessionId -Command "netstat -tlnp"
Invoke-SSHCommand -SessionId $session.SessionId -Command "ss -tlnp"
输出格式化
获取完整命令输出:
Invoke-SSHCommand -SessionId $session.SessionId -Command "command" | Select-Object -ExpandProperty Output | Out-String -Width 4000
会话保持
连续执行多个命令时保持同一个 session:
$session = New-SSHSession -ComputerName "$ip" -Credential $cred -AcceptKey
Invoke-SSHCommand -SessionId $session.SessionId -Command "cmd1"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cmd2"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cmd3"
Remove-SSHSession -SessionId $session.SessionId
执行修改操作
执行需要sudo权限的操作:
Invoke-SSHCommand -SessionId $session.SessionId -Command "sudo nginx -s reload"
Invoke-SSHCommand -SessionId $session.SessionId -Command "sudo systemctl restart docker"
安全注意
- 每次使用用户提供的具体凭证,不存储凭证
- 完成操作后关闭SSH会话
- 不在日志或输出中暴露敏感信息
Usage Guidance
This skill does what it says (password-based SSH via PowerShell), but it has a few risky behaviors: it auto-installs a PowerShell module from the Internet and uses '-AcceptKey' which bypasses host key verification (raises MITM risk). If you plan to use it: (1) prefer ephemeral or limited-privilege accounts (avoid using root/passwords), (2) avoid using it with sensitive production credentials, (3) verify or manually install the Posh-SSH module from a trusted source before allowing the skill to auto-install, (4) avoid auto-accepting host keys — verify host keys out-of-band, and (5) inspect/confirm any commands the agent will run before execution to prevent accidental data exposure or destructive operations.
Capability Analysis
Type: OpenClaw Skill
Name: catfee-ssh
Version: 1.0.0
The skill facilitates remote SSH access using the Posh-SSH PowerShell module but employs several high-risk security practices. Specifically, SKILL.md includes instructions to automatically install external modules from the internet and uses the `-AcceptKey` parameter, which bypasses SSH host key verification and exposes the connection to Man-in-the-Middle (MitM) attacks. Furthermore, the requirement for the agent to handle plaintext credentials within its execution context increases the risk of sensitive data exposure in logs or session history.
Capability Assessment
Purpose & Capability
Name/description describe password-based SSH operations and the SKILL.md provides PowerShell/Posh-SSH commands to do exactly that. No unrelated services, env vars, or binaries are requested — capability and purpose are coherent.
Instruction Scope
Instructions are narrowly scoped to connecting and running commands over SSH, but they instruct automatic installation of Posh-SSH and use New-SSHSession -AcceptKey which auto-accepts host keys (bypasses host-key verification). The skill also uses ConvertTo-SecureString -AsPlainText (necessary for creating PSCredential from a provided plaintext password) and gives only advisory notes about not storing credentials — there is no enforcement or safe-handling mechanism described. These choices increase risk (MITM and credential exposure) even though they are functionally consistent.
Install Mechanism
The skill is instruction-only (no install spec), but the runtime instructions perform Install-PackageProvider/Install-Module from the PowerShell gallery. Installing modules from PSGallery is a common, expected method but it downloads and executes code from the network into the user's account. Automatic installation without user confirmation increases exposure.
Credentials
No environment variables or unrelated credentials are requested, which is appropriate. However, the skill requires the user to provide sensitive plaintext credentials (username/password) at runtime — this is proportional to the stated purpose but high-sensitivity. The SKILL.md asserts 'do not store credentials' but provides no technical guardrails against logging or accidental persistence.
Persistence & Privilege
Skill does not request persistent privileges, always:true is not set, and it does not attempt to modify other skills or system-wide configuration. Its requested persistence level is appropriate for the task.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install catfee-ssh - After installation, invoke the skill by name or use
/catfee-ssh - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
catfee-ssh version 1.0.0
- Initial release providing SSH remote server connection via username and password.
- Supports command execution, configuration inspection, diagnostics, and file operations for server management.
- Uses PowerShell with automatic installation of Posh-SSH module if not present.
- Includes templates for managing services (Nginx, Docker), viewing logs, files, processes, and ports.
- Ensures session security: credentials are not stored, sessions close after use, and sensitive information is not exposed.
Metadata
Frequently Asked Questions
What is Catfee Ssh?
SSH远程服务器密码连接技能。当用户提供服务器IP、用户名、密码需要SSH连接时激活。支持执行命令、查看配置、诊断问题、文件操作等运维操作。 It is an AI Agent Skill for Claude Code / OpenClaw, with 88 downloads so far.
How do I install Catfee Ssh?
Run "/install catfee-ssh" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Catfee Ssh free?
Yes, Catfee Ssh is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Catfee Ssh support?
Catfee Ssh is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Catfee Ssh?
It is built and maintained by 冢猫 (@glory904649854); the current version is v1.0.0.
More Skills