Now in private beta

Controlled SSH access
for AI agents

Let your AI agents work on real servers — just standard SSH, proxied through ssh.bot with granular permissions, full audit trails, and kill-switch control. Nothing to install.

Get Early Access See it in action
ssh.bot — session #a3f9
// live demo

See what controlled access looks like

Watch an AI agent connect, execute allowed commands, and get blocked when it tries something outside its scope.

ssh.bot — interactive demo
// features

Everything you need to trust
AI with your servers

Designed from the ground up for the era of autonomous AI agents.

🔐

Granular Permissions

Define exactly what commands, directories, and resources each agent can access. Allowlists, denylists, regex patterns — your rules.

agent: "claude-opus"
allow:
  - "git *"
  - "npm run *"
  - "cat /app/**"
deny:
  - "rm -rf *"
  - "sudo *"
dirs: ["/app", "/tmp"]
📋

Full Audit Log

Every command, every output, every file access — recorded with timestamps and agent identity. Searchable and exportable.

14:23:01 claude-opus git status
14:23:03 claude-opus npm test
14:23:47 claude-opus git commit -m "fix"
14:24:02 claude-opus rm -rf / ✗ BLOCKED
14:24:02 ALERT notify #ops
⏱️

Temporary Sessions

Every agent session has a TTL. Access expires automatically — no forgotten open doors. Extend or revoke in real time.

session: "#a3f9"
agent: "cursor-agent"
ttl: "30m"
remaining: "12m 34s"
auto_revoke: true
extend: "requires approval"
🤖

Zero Install — Just SSH

Agents use a standard SSH client — no SDK, no plugins, nothing to install. API key goes in the username. Works with Claude, Cursor, Devin, OpenHands, and any custom agent.

# Any agent, any SSH client
ssh [email protected]

✓ Proxied to prod-api-01
Policy "dev-standard" applied
Session TTL: 30m
👁️

Approval Workflow

Flag sensitive commands for human review. Agent requests, you approve or deny in Slack, Telegram, or the dashboard. Stay in the loop.

⚠ Approval required

Agent: devin
Command: docker restart api
Server: prod-api-01
Risk: medium

[✓ Approve]   [✗ Deny]   [? Details]
🌐

Multi-Server Management

Manage access across your entire fleet from one dashboard. Group servers, apply policies, and monitor agents across all environments.

servers:
   prod-api-01   2 agents   healthy
   prod-api-02   1 agent    healthy
   staging-01    3 agents   1 alert
   dev-01        0 agents   idle
// how it works

Up and running in 3 steps

No SDK. No plugins. No infrastructure changes. Your agents use plain SSH — ssh.bot proxies and controls.

1

Create an API Key

Get a key from the dashboard. Set permissions, target server, and TTL.

# Dashboard → New Key
key: "key_a3f9x..."
server: "prod-api-01"
allow: [git, npm, cat]
deny: [rm, sudo, chmod]
ttl: "1h"
2

Give It to Your Agent

API key as username, standard SSH. No SDK, no setup — just connect.

# That's it. Really.
ssh [email protected]

✓ Proxied to prod-api-01
Policy applied. Session #b7e2
3

Monitor & Control

Watch in real-time. Approve risky commands. Revoke access instantly.

Sessions: 3 active
Commands: 47 today
Blocked:  2 attempts
Alerts:   1 pending

[Dashboard →]
// security

Built for zero trust

Security isn't a feature — it's the foundation. Every layer is designed to minimize blast radius.

🔒

End-to-End Encryption

All sessions encrypted with TLS 1.3. Agent credentials never touch disk. Keys rotate automatically.

🛡️

Zero Trust Architecture

Every command is verified against the policy. No implicit trust, no privilege escalation, no lateral movement.

🔑

Ephemeral Credentials

Short-lived tokens with automatic expiration. No long-lived SSH keys. No secrets to leak.

📊

SOC 2 Ready

Comprehensive audit trails, access controls, and monitoring — designed to meet compliance requirements out of the box.

// pricing

Free while in beta

Get full access now. Pay only when we're production-ready.

Starter

$0 / mo

For individual developers and small projects.

  • Up to 3 servers
  • 2 agent connections
  • 7-day audit log
  • Basic permissions
  • Community support
Join Beta
Popular

Pro

$0 / mo during beta

For teams shipping with AI agents daily.

  • Unlimited servers
  • Unlimited agents
  • 90-day audit log
  • Advanced policies & regex
  • Approval workflows
  • Slack & Telegram alerts
  • Priority support
Get Early Access

Enterprise

Custom

For organizations with compliance needs.

  • Everything in Pro
  • SSO / SAML
  • Unlimited audit retention
  • Custom policies & RBAC
  • Self-hosted option
  • SLA & dedicated support
  • SOC 2 compliance pack
Contact Us
// early access

Get in before launch

Join the beta and help shape the future of AI-server access control.

847 developers already signed up