← 返回 Skills 市场
88
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install catfee-ssh
功能描述
SSH远程服务器密码连接技能。当用户提供服务器IP、用户名、密码需要SSH连接时激活。支持执行命令、查看配置、诊断问题、文件操作等运维操作。
使用说明 (SKILL.md)
Catfee SSH Skill
通过密码认证SSH连接远程服务器,执行运维操作。
前置要求
已安装 Posh-SSH 模块(首次使用时自动安装)。
连接模板
# 安装模块(如果未安装)
if (!(Get-Module -ListAvailable Posh-SSH)) {
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Scope CurrentUser
Install-Module -Name Posh-SSH -Force -Scope CurrentUser -AllowClobber
}
Import-Module Posh-SSH
# 创建凭证并连接(用户提供:IP、用户名、密码)
$cred = New-Object System.Management.Automation.PSCredential("$username", (ConvertTo-SecureString "$password" -AsPlainText -Force))
$session = New-SSHSession -ComputerName "$ip" -Credential $cred -AcceptKey
# 执行命令
Invoke-SSHCommand -SessionId $session.SessionId -Command "command"
# 关闭连接
Remove-SSHSession -SessionId $session.SessionId
常用操作
查看系统信息
Invoke-SSHCommand -SessionId $session.SessionId -Command "hostname && uname -a && cat /etc/os-release"
查看服务状态
Invoke-SSHCommand -SessionId $session.SessionId -Command "systemctl status nginx"
Invoke-SSHCommand -SessionId $session.SessionId -Command "systemctl status docker"
查看文件
Invoke-SSHCommand -SessionId $session.SessionId -Command "cat /path/to/file"
Invoke-SSHCommand -SessionId $session.SessionId -Command "ls -la /path/to/dir"
查看日志
Invoke-SSHCommand -SessionId $session.SessionId -Command "tail -100 /var/log/nginx/error.log"
Invoke-SSHCommand -SessionId $session.SessionId -Command "journalctl -u nginx -n 100"
Nginx 诊断
Invoke-SSHCommand -SessionId $session.SessionId -Command "nginx -t 2>&1"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cat /etc/nginx/nginx.conf"
Invoke-SSHCommand -SessionId $session.SessionId -Command "ls -la /etc/nginx/conf.d/"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cat /etc/nginx/conf.d/*.conf"
Docker 操作
Invoke-SSHCommand -SessionId $session.SessionId -Command "docker ps -a"
Invoke-SSHCommand -SessionId $session.SessionId -Command "docker logs container_name --tail 100"
Invoke-SSHCommand -SessionId $session.SessionId -Command "docker-compose ps"
进程和端口
Invoke-SSHCommand -SessionId $session.SessionId -Command "ps aux | grep nginx"
Invoke-SSHCommand -SessionId $session.SessionId -Command "netstat -tlnp"
Invoke-SSHCommand -SessionId $session.SessionId -Command "ss -tlnp"
输出格式化
获取完整命令输出:
Invoke-SSHCommand -SessionId $session.SessionId -Command "command" | Select-Object -ExpandProperty Output | Out-String -Width 4000
会话保持
连续执行多个命令时保持同一个 session:
$session = New-SSHSession -ComputerName "$ip" -Credential $cred -AcceptKey
Invoke-SSHCommand -SessionId $session.SessionId -Command "cmd1"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cmd2"
Invoke-SSHCommand -SessionId $session.SessionId -Command "cmd3"
Remove-SSHSession -SessionId $session.SessionId
执行修改操作
执行需要sudo权限的操作:
Invoke-SSHCommand -SessionId $session.SessionId -Command "sudo nginx -s reload"
Invoke-SSHCommand -SessionId $session.SessionId -Command "sudo systemctl restart docker"
安全注意
- 每次使用用户提供的具体凭证,不存储凭证
- 完成操作后关闭SSH会话
- 不在日志或输出中暴露敏感信息
安全使用建议
This skill does what it says (password-based SSH via PowerShell), but it has a few risky behaviors: it auto-installs a PowerShell module from the Internet and uses '-AcceptKey' which bypasses host key verification (raises MITM risk). If you plan to use it: (1) prefer ephemeral or limited-privilege accounts (avoid using root/passwords), (2) avoid using it with sensitive production credentials, (3) verify or manually install the Posh-SSH module from a trusted source before allowing the skill to auto-install, (4) avoid auto-accepting host keys — verify host keys out-of-band, and (5) inspect/confirm any commands the agent will run before execution to prevent accidental data exposure or destructive operations.
功能分析
Type: OpenClaw Skill
Name: catfee-ssh
Version: 1.0.0
The skill facilitates remote SSH access using the Posh-SSH PowerShell module but employs several high-risk security practices. Specifically, SKILL.md includes instructions to automatically install external modules from the internet and uses the `-AcceptKey` parameter, which bypasses SSH host key verification and exposes the connection to Man-in-the-Middle (MitM) attacks. Furthermore, the requirement for the agent to handle plaintext credentials within its execution context increases the risk of sensitive data exposure in logs or session history.
能力评估
Purpose & Capability
Name/description describe password-based SSH operations and the SKILL.md provides PowerShell/Posh-SSH commands to do exactly that. No unrelated services, env vars, or binaries are requested — capability and purpose are coherent.
Instruction Scope
Instructions are narrowly scoped to connecting and running commands over SSH, but they instruct automatic installation of Posh-SSH and use New-SSHSession -AcceptKey which auto-accepts host keys (bypasses host-key verification). The skill also uses ConvertTo-SecureString -AsPlainText (necessary for creating PSCredential from a provided plaintext password) and gives only advisory notes about not storing credentials — there is no enforcement or safe-handling mechanism described. These choices increase risk (MITM and credential exposure) even though they are functionally consistent.
Install Mechanism
The skill is instruction-only (no install spec), but the runtime instructions perform Install-PackageProvider/Install-Module from the PowerShell gallery. Installing modules from PSGallery is a common, expected method but it downloads and executes code from the network into the user's account. Automatic installation without user confirmation increases exposure.
Credentials
No environment variables or unrelated credentials are requested, which is appropriate. However, the skill requires the user to provide sensitive plaintext credentials (username/password) at runtime — this is proportional to the stated purpose but high-sensitivity. The SKILL.md asserts 'do not store credentials' but provides no technical guardrails against logging or accidental persistence.
Persistence & Privilege
Skill does not request persistent privileges, always:true is not set, and it does not attempt to modify other skills or system-wide configuration. Its requested persistence level is appropriate for the task.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install catfee-ssh - 安装完成后,直接呼叫该 Skill 的名称或使用
/catfee-ssh触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
catfee-ssh version 1.0.0
- Initial release providing SSH remote server connection via username and password.
- Supports command execution, configuration inspection, diagnostics, and file operations for server management.
- Uses PowerShell with automatic installation of Posh-SSH module if not present.
- Includes templates for managing services (Nginx, Docker), viewing logs, files, processes, and ports.
- Ensures session security: credentials are not stored, sessions close after use, and sensitive information is not exposed.
元数据
常见问题
Catfee Ssh 是什么?
SSH远程服务器密码连接技能。当用户提供服务器IP、用户名、密码需要SSH连接时激活。支持执行命令、查看配置、诊断问题、文件操作等运维操作。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 88 次。
如何安装 Catfee Ssh?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install catfee-ssh」即可一键安装,无需额外配置。
Catfee Ssh 是免费的吗?
是的,Catfee Ssh 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Catfee Ssh 支持哪些平台?
Catfee Ssh 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Catfee Ssh?
由 冢猫(@glory904649854)开发并维护,当前版本 v1.0.0。
推荐 Skills