Ssh Batch Manager

Batch SSH key management. Distribute/remove SSH keys to/from multiple servers with intelligent connectivity pre-check and source tracking.

Before installing or enabling this skill, review and harden these points: 1) Confirmation enforcement: Inspect the main entry (ssh-batch-manager.py) to confirm it enforces an explicit interactive confirmation step for enable operations even when invoked programmatically (e.g., via openclaw-integration.py). If confirmation is skipped for non-interactive runs, do not install. 2) Web UI exposure: serve-ui.py binds to all interfaces by default (socketserver.TCPServer(('', PORT))). Change it to bind to 127.0.0.1 or add firewall rules so the UI is not accessible from the network unless you explicitly intend that. 3) Systemd auto-start: post-install.sh creates and enables a systemd unit under /etc/systemd/system. Run this script manually and review the generated unit before using sudo to install it. If you prefer, do not enable auto-start and run the UI manually in a controlled environment. 4) Programmatic triggers: If you use an agent or automation that can call openclaw-integration.py or other scripts, restrict or remove that entry point unless you have strong safeguards ensuring human approval is required. 5) Secrets storage and key management: Verify how the Fernet key (ssh-batch.key) is generated, stored, and backed-up. Treat that key as sensitive — if an attacker obtains it plus the config file, encrypted passwords can be decrypted. Consider using a secure key store rather than a plain file. 6) Network and privilege audit: Confirm the service runs as an unprivileged user and that systemd unit security settings are appropriate. The unit sets NoNewPrivileges and PrivateTmp, but it does not restrict network access or capabilities; consider adding additional systemd sandboxing (e.g., ProtectSystem, RestrictAddressFamilies) if needed. 7) Test in isolation: Try the tool in an isolated test environment (no production servers, localhost-only UI) to confirm behavior and confirmation enforcement before deploying on machines that manage real servers. If you want, I can: (a) point to the exact lines in the main script where confirmation and network binding occur, (b) suggest minimal code edits to bind the UI to localhost and to enforce confirmation in non-interactive runs, or (c) provide a checklist to run the post-install script safely.

Type: OpenClaw Skill Name: ssh-batch-manager Version: 2.1.9 The 'ssh-batch-manager' skill is classified as suspicious due to multiple critical shell injection vulnerabilities. The `ssh-batch-manager.py` script contains a potential remote shell injection vulnerability in the `copy_key_with_password_secure` function, where a crafted public key content could lead to arbitrary command execution on target SSH servers. Additionally, the Web UI (`ssh-manager.html`) is vulnerable to local shell injection in its `addServer` and `encryptPassword` functions, allowing user-supplied input to execute arbitrary commands on the local OpenClaw agent machine via `window.openclawExec`. The use of `sshpass` and `StrictHostKeyChecking=no` further introduces security weaknesses. While the skill includes positive security features like AES-256 encryption and explicit agent instructions for user confirmation, these implementation flaws create significant attack surfaces.