Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ssh Batch Manager

v2.1.9

Batch SSH key management. Distribute/remove SSH keys to/from multiple servers with intelligent connectivity pre-check and source tracking.

by TK@stj001

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name, description, and required binaries (ssh, ssh-copy-id, sshpass) and the cryptography dependency align with a tool that distributes SSH keys and stores encrypted passwords. Included scripts (add-server.py, delete-server.py, enable/disable commands) are consistent with the stated features.
Instruction Scope
SKILL.md and the code instruct the agent to manage ~/.openclaw/credentials/ssh-batch.json and to auto-start a Web UI. The package includes an openclaw-integration.py that runs enable/disable commands programmatically; this creates a plausible path for non-interactive invocation. The serve-ui.py uses socketserver.TCPServer(('', PORT)) which binds to all network interfaces (0.0.0.0) by default, exposing the UI beyond localhost. The documentation's 'MUST obtain explicit user confirmation' safety rule is good, but the codebase contains programmatic entry points (openclaw-integration.py, systemd service) that could be triggered without that confirmation if not enforced in the main CLI logic.
Install Mechanism
There is no registry install spec, but SKILL.md lists pip/apt/script actions (pip install cryptography, apt install sshpass, run post-install.sh). All artifacts are bundled in the skill (no remote downloads). post-install.sh writes a systemd unit under /etc/systemd/system and uses sudo, which is expected for auto-start but is a privileged action that will modify system services.
Credentials
The skill does not request unrelated cloud credentials or external API keys. It legitimately needs access to local SSH keys, the user's ~/.openclaw credentials directory, and to store an encryption key (ssh-batch.key). Those privileges are proportionate to its functionality, but they are sensitive and should be audited.
Persistence & Privilege
post-install.sh configures and enables a systemd service that auto-starts the Web UI. Auto-starting a UI/service that can manage SSH access increases persistence/privilege. Combined with the service binding to all interfaces and the openclaw-integration programmatic control, this raises the risk that operations could be triggered without the explicit interactive confirmation emphasized in SKILL.md.
What to consider before installing
Before installing or enabling this skill, review and harden these points:

1) Confirmation enforcement: Inspect the main entry (ssh-batch-manager.py) to confirm it enforces an explicit interactive confirmation step for enable operations even when invoked programmatically (e.g., via openclaw-integration.py). If confirmation is skipped for non-interactive runs, do not install.

2) Web UI exposure: serve-ui.py binds to all interfaces by default (socketserver.TCPServer(('', PORT))). Change it to bind to 127.0.0.1 or add firewall rules so the UI is not accessible from the network unless you explicitly intend that.

3) Systemd auto-start: post-install.sh creates and enables a systemd unit under /etc/systemd/system. Run this script manually and review the generated unit before using sudo to install it. If you prefer, do not enable auto-start and run the UI manually in a controlled environment.

4) Programmatic triggers: If you use an agent or automation that can call openclaw-integration.py or other scripts, restrict or remove that entry point unless you have strong safeguards ensuring human approval is required.

5) Secrets storage and key management: Verify how the Fernet key (ssh-batch.key) is generated, stored, and backed up. Treat that key as sensitive: if an attacker obtains it plus the config file, encrypted passwords can be decrypted. Consider using a secure key store rather than a plain file.

6) Network and privilege audit: Confirm the service runs as an unprivileged user and that systemd unit security settings are appropriate. The unit sets NoNewPrivileges and PrivateTmp, but it does not restrict network access or capabilities; consider adding additional systemd sandboxing (e.g., ProtectSystem, RestrictAddressFamilies) if needed.

7) Test in isolation: Try the tool in an isolated test environment (no production servers, localhost-only UI) to confirm behavior and confirmation enforcement before deploying on machines that manage real servers.
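The two code-level fixes the checklist asks for (points 1 and 2), written here as an added example rather than the skill's own code: a UI server bound to loopback instead of the `('', PORT)` form the scan flagged, and a confirmation gate that refuses enable operations when there is no interactive session to approve them in. `make_ui_server`, `confirm_enable` and `ConfirmationRequired` are hypothetical names; only the port 8765 comes from the README.

```python
import socketserver
import sys
from http.server import SimpleHTTPRequestHandler
from typing import Callable

UI_PORT = 8765  # port named in the skill's README


def make_ui_server(bind_host: str = "127.0.0.1", port: int = UI_PORT) -> socketserver.TCPServer:
    """Return a TCP server bound to loopback only.

    The weak form flagged by the scan is socketserver.TCPServer(('', PORT), ...):
    an empty host means 0.0.0.0, so every interface on the machine serves the UI.
    """
    socketserver.TCPServer.allow_reuse_address = True
    return socketserver.TCPServer((bind_host, port), SimpleHTTPRequestHandler)


class ConfirmationRequired(RuntimeError):
    """Raised when an enable operation is requested without a human to approve it."""


def confirm_enable(operation: str, interactive: bool = None, ask: Callable[[str], str] = input) -> bool:
    """Gate every enable-* operation behind an explicit, typed 'yes'.

    Non-interactive callers (a systemd unit, openclaw-integration.py) get an exception
    instead of a silent run; there is deliberately no flag to pre-approve, because a
    pre-approval flag is exactly what automation would use to bypass the gate.
    `interactive` and `ask` exist so the gate can be tested without a terminal.
    """
    if interactive is None:
        interactive = sys.stdin.isatty()
    if not interactive:
        raise ConfirmationRequired(f"{operation} refused: no interactive session to confirm in")
    answer = ask(f"Run '{operation}' against all configured servers? Type yes to continue: ")
    return answer.strip().lower() == "yes"
```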


Runtime requirements

🔑 Clawdis
Bins: ssh, ssh-copy-id, sshpass
475 downloads · 1 star · 9 versions · Updated 4h ago · v2.1.9 · MIT-0

SSH Batch Manager

⚠️ CRITICAL SAFETY RULE

Before executing ANY enable operation (enable-all, enable-single, etc.), the agent MUST obtain explicit user confirmation via message. NEVER execute enable operations without explicit user approval.

Reason: Enable operations modify SSH access on remote servers. Unauthorized execution could cause security issues or service disruptions.

Confirmation examples:

  • ✅ "enable ssh all" - Explicit command
  • ✅ "yes, execute enable-all" - Explicit confirmation
  • ❌ Silent execution - PROHIBITED
  • ❌ Inferring user intent - PROHIBITED

Batch management of SSH key-based authentication.

🚀 Installation

Via Clawhub (Auto-Start Enabled)

# Install skill
clawhub install ssh-batch-manager

# Post-install script automatically:
# ✅ Configure systemd service
# ✅ Start Web UI service  
# ✅ Enable auto-start on boot
# ✅ No manual configuration needed!

Manual Installation

# Install dependencies (cryptography is a Python package; sshpass is a system package, not a pip package)
pip install cryptography
sudo apt install sshpass

# Generate encryption key
python3 ssh-batch-manager.py generate-key

# Create configuration
python3 ssh-batch-manager.py create-config

# Generate SSH key pair
python3 ssh-batch-manager.py generate-ed25519

# Run post-install script (auto-start Web UI)
cd ~/.openclaw/workspace/skills/ssh-batch-manager
bash post-install.sh

🌐 Web UI

Auto-started on installation!

Access: http://localhost:8765

Features:

  • ⚡ Quick operations (Enable All / Disable All)
  • 🔑 SSH public key management (Read/Copy/Download)
  • 🖥️ Server list management
  • 🔐 Encryption tools
  • 📝 Real-time operation logs

Manual Start (if needed):

python3 serve-ui.py

Features

  • Intelligent connectivity pre-check - Skip servers that are already accessible (40x faster)
  • Source identifier - Add source info to authorized_keys for audit trail
  • Mandatory safety confirmation - Require explicit user approval before enable operations
  • SQLite + LRU cache - High-performance mapping storage
  • Auto cleanup - Expired entries removed automatically
  • Auto-start Web UI - Web interface starts automatically on installation

Commands

SSH Key Management

Command                      Description
enable-all                   Distribute public key to all configured servers
disable-all                  Remove public key from all servers
enable <user@host> [port]    Distribute to single server
disable <user@host> [port]   Remove from single server

Encryption Tools

Command                      Description
encrypt <password>           Encrypt a password
encrypt-file <file>          Encrypt file (output to .enc)
decrypt-file <file>          Decrypt file
generate-key                 Generate encryption key
generate-ed25519             Generate ed25519 SSH key pair

Configuration

Location: ~/.openclaw/credentials/ssh-batch.json

Format:

{
  "version": "2.0",
  "auth_method": "password",
  "servers": [
    {
      "user": "root",
      "host": "10.8.8.81",
      "port": 22,
      "auth": "password",
      "password": "AES256:encrypted_password_here"
    }
  ]
}
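An added example (not the skill's own code) of loading this config the way a cautious operator would: it refuses a config or key file whose mode is wider than 600 (the README's Security Notes) and flags any password entry that is not stored in the `AES256:` form shown above. The `auth` value `"key"` for key-based entries and the function names are assumptions.

```python
import json
import stat
from pathlib import Path
from typing import Dict, List

ENCRYPTED_PREFIX = "AES256:"          # marker used in the README's sample config
REQUIRED_FIELDS = ("user", "host", "port", "auth")


def check_private_file(path: Path) -> List[str]:
    """Return findings for the file's mode; anything beyond owner read/write is rejected."""
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & 0o077:
        return [f"{path.name}: mode {mode:04o} is readable/writable by others (expected 0600)"]
    return []


def validate_config(cfg: Dict) -> List[str]:
    """Return a list of findings; an empty list means the config is acceptable."""
    findings = []
    if cfg.get("version") != "2.0":
        findings.append(f"unexpected config version {cfg.get('version')!r}")
    for i, srv in enumerate(cfg.get("servers", [])):
        missing = [f for f in REQUIRED_FIELDS if f not in srv]
        if missing:
            findings.append(f"server[{i}] missing fields: {missing}")
            continue
        if not (isinstance(srv["port"], int) and 0 < srv["port"] < 65536):
            findings.append(f"server[{i}] has invalid port {srv['port']!r}")
        if srv["auth"] == "password":
            # A value without the prefix is a plaintext password sitting in the config file.
            if not str(srv.get("password", "")).startswith(ENCRYPTED_PREFIX):
                findings.append(f"server[{i}] ({srv['user']}@{srv['host']}) stores a plaintext password")
        elif srv["auth"] != "key":   # "key" is assumed to be the key-auth value
            findings.append(f"server[{i}] has unknown auth method {srv['auth']!r}")
    return findings


def load_config(config_path: Path, key_path: Path) -> Dict:
    """Load and validate the config; raise ValueError on permission or content problems."""
    cfg = json.loads(config_path.read_text())
    problems = check_private_file(config_path) + check_private_file(key_path) + validate_config(cfg)
    if problems:
        raise ValueError("; ".join(problems))
    return cfg
```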

Security Notes

  • ✅ Passwords stored with AES-256 encryption
  • ✅ Key file permissions: 600
  • ✅ Config file permissions: 600
  • ✅ Web UI auto-starts with systemd
  • ⚠️ Never commit keys to git
  • ⚠️ Rotate keys periodically

Performance

Operation                    Latency
Hot query (cache)            < 0.1ms
Cold query (SQLite)          ~0.5ms
Write                        < 2ms
Max records                  100,000+

v2.1 improvements:

  • First run: ~8s (8 servers)
  • Repeated runs: ~2s (all skipped)
  • 40x faster for repeated executions

Source Identifier

When distributing keys, adds source info to authorized_keys:

ssh-ed25519 AAAAC3... ssh-batch-manager from mls at 2026-03-03 17:30:00

Fields:

  • ssh-batch-manager - Tool identifier
  • from mls - Source hostname
  • at 2026-03-03 17:30:00 - Distribution timestamp
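The source identifier exists for audit; the following added example (not the skill's own code) parses it back out of an authorized_keys file so an operator can list which keys the tool placed, from which host, and how long ago. The sample file, the trusted-source set and the function names are constructed for this example; the identifier format is the one shown above.

```python
import re
from datetime import datetime, timedelta
from typing import NamedTuple, Optional, Set

# Matches "<keytype> <base64> ssh-batch-manager from <hostname> at YYYY-MM-DD HH:MM:SS"
SOURCE_RE = re.compile(
    r"^(?P<type>ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp\d+)\s+(?P<key>\S+)\s+"
    r"ssh-batch-manager from (?P<source>\S+) at (?P<when>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s*$"
)

# Constructed sample, not a real authorized_keys file.
SAMPLE_AUTHORIZED_KEYS = """\
# constructed sample
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEY0001 ssh-batch-manager from mls at 2026-03-03 17:30:00
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEY0002 ssh-batch-manager from oldbox at 2025-01-10 09:00:00
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABEXAMPLEKEY0003 alice@laptop
"""


class ManagedKey(NamedTuple):
    key_type: str
    key_blob: str
    source: str
    installed_at: datetime


def parse_line(line: str) -> Optional[ManagedKey]:
    """Return a ManagedKey for lines written by the tool, None for any other line."""
    m = SOURCE_RE.match(line.strip())
    if not m:
        return None
    return ManagedKey(m["type"], m["key"], m["source"], datetime.strptime(m["when"], "%Y-%m-%d %H:%M:%S"))


def audit_authorized_keys(text: str, trusted_sources: Set[str], now: datetime, max_age: timedelta) -> dict:
    """Split authorized_keys into tool-managed keys and findings an operator should look at."""
    report = {"managed": [], "unmanaged": [], "untrusted_source": [], "stale": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        entry = parse_line(line)
        if entry is None:
            report["unmanaged"].append(line)        # placed by something other than the tool
            continue
        report["managed"].append(entry)
        if entry.source not in trusted_sources:
            report["untrusted_source"].append(entry)  # distributed from a host you do not recognise
        if now - entry.installed_at > max_age:
            report["stale"].append(entry)            # candidates for the periodic rotation the README asks for
    return report
```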

Version History

v2.1.0 (2026-03-03)

  • CRITICAL: Require explicit user confirmation before enable operations
  • Intelligent connectivity pre-check (skip already accessible servers)
  • Add source identifier to authorized_keys
  • Clean test configurations (production servers only)
  • Performance improvement: 40x faster for repeated runs
  • Auto-start Web UI service on installation

v2.0 (2026-03-03)

  • JSON configuration format
  • Support key-based authentication
  • Mixed mode support (password + key)
  • ed25519 key support (Ubuntu/Alpine compatible)

v1.0 (2026-03-03)

  • Initial release
  • Enable/Disable all support
  • AES-256 encryption
  • Batch operations

Repository

Source: https://gitee.com/subline/onepeace/tree/develop/src/skills/ssh-batch-manager

License: MIT

Author: TK

Issues: https://gitee.com/subline/onepeace/issues

Related Skills

  • sensitive-data-masker - Intelligent sensitive data detection and masking
  • healthcheck - Security hardening and audits
