tunnel-manager¶
An SSH tunnel, remote-execution and MCP/agent server for the agent-utilities ecosystem — the agentless execution arm that lets agents run commands, transfer files and audit fleets of remote hosts over plain SSH.
Official documentation
This site is the canonical reference for tunnel-manager, maintained alongside
every release.
Overview¶
tunnel-manager provisions SSH tunnels to remote hosts and exposes them as typed,
deterministic MCP tools and a Pydantic-AI agent. It is the agentless execution arm
of the Agent OS — agents call it to run commands, copy files, bootstrap passwordless
SSH and audit hosts at scale without deploying persistent daemons. It provides:
HostManagerandTunnel— aparamiko/asyncsshclient layer over the inventory and individual SSH connections, with native Linux and Windows path and certificate resolution (including Teleporttshproxy tunnelling).- Seven action-routed MCP tools — host inventory, single-host remote operations, bulk inventory operations, operation lifecycle, system intelligence, advanced file operations and security auditing, each toggled independently.
- An integrated Pydantic-AI agent — exposed over the Agent Control Protocol with
an optional web UI, wired to the MCP server through
MCP_URL.
Explore the documentation¶
- Installation — pip, source, extras, and the prebuilt Docker image.
- Deployment — run the MCP and agent servers, Docker Compose, Caddy + Technitium.
- Usage — the MCP tools, the
HostManager/TunnelAPI, and the CLI. - Overview — ecosystem role, distributed SSH swarm scaling, MCP configuration.
- Teleport Architecture — certificate, proxy and cross-OS connection model.
- Concepts — the
CONCEPT:TUN-*registry.
Quick start¶
Run it as a network server with a published port:
See Installation and Deployment for the full matrix (PyPI extras, Docker image, every transport, the agent server, reverse proxy and DNS).