ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified

remote-terminal

Remote Linux terminal control skill. Use when the user wants to (1) connect to a remote Linux server and execute commands, (2) perform SSH operations on remote hosts, (3) manage multiple remote servers, (4) run shell commands on remote machines. Triggers on phrases like "connect to server", "SSH to", "run on remote", "execute on production", "login to my server", "在服务器上执行", "远程连接", "SSH到".

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/ckaorceu/remote-terminal
Or

Remote Terminal

Execute commands on remote Linux servers through SSH, Telnet, or web terminals. Supports password authentication, SSH keys, and SSH config aliases.

Quick Start

Basic SSH Connection

ssh user@hostname "command"

Using SSH Config Aliases

If the user has ~/.ssh/config configured:

ssh <alias> "command"

With Password (using sshpass)

sshpass -p 'password' ssh user@hostname "command"

Connection Methods

1. SSH (Recommended)

Key-based authentication (most secure):

ssh -i ~/.ssh/id_rsa user@hostname "command"

Using SSH config aliases:

# Example ~/.ssh/config
Host production
    HostName 192.168.1.100
    User admin
    Port 22
    IdentityFile ~/.ssh/id_rsa

# Usage
ssh production "docker ps"

Password authentication:

sshpass -p 'password' ssh -o StrictHostKeyChecking=no user@hostname "command"

2. Telnet

# Using expect for interactive telnet
expect -c '
spawn telnet hostname
expect "login:"
send "username\r"
expect "Password:"
send "password\r"
expect "$ "
send "command\r"
expect "$ "
send "exit\r"
'

3. Web Terminal (ttyd, wetty)

For web-based terminals, use curl or HTTP requests to the terminal's API:

# Example: ttyd WebSocket connection (requires wscat or similar)
wscat -c ws://hostname:7681/ws

Security Features

Command Confirmation

Before executing dangerous commands, ask the user to confirm:

Dangerous command patterns:

  • rm -rf, rm -r, del, erase
  • shutdown, reboot, poweroff, halt
  • mkfs, fdisk, parted, dd
  • chmod 777, chown -R
  • > /dev/, truncate
  • kill -9, pkill, killall
  • iptables, ufw, firewall-cmd
  • DROP DATABASE, DELETE FROM, TRUNCATE

Confirmation format:

⚠️ Dangerous command detected: rm -rf /var/log/* This will permanently delete files. Proceed? (yes/no)

Command Blacklist

These commands are blocked by default and require explicit user override:

  • rm -rf / (entire filesystem)
  • mkfs on mounted drives
  • dd to primary disk
  • Any command piping to /dev/sda or similar

Operation Logging

All remote commands are logged with timestamp, target host, and command:

[2026-03-21 15:30:45] [production] docker ps
[2026-03-21 15:31:02] [staging] systemctl restart nginx

Log location: ~/.qclaw/logs/remote-terminal.log

Workflow

Step 1: Identify Target Host

Parse the user's request to identify:

  • Hostname, IP address, or SSH alias
  • Username (if specified, otherwise use default or prompt)
  • Connection method (SSH by default)

Example prompts:

  • "Connect to production and run docker ps" → alias: production
  • "SSH to 192.168.1.50, check disk space" → host: 192.168.1.50
  • "On my server, restart nginx" → need to ask which server

Step 2: Build Connection Command

Read Full Documentation on GitHub

Metadata

Author@ckaorceu
Stars3562
Views0
Updated2026-03-29
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-ckaorceu-remote-terminal": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Safety NoteClawKit audits metadata but not runtime behavior. Use with caution.