🔧 SSH Proxy API

Persistent SSH sessions for LLMs. No more paramiko reinstalls.

⚠️ Important: privateKey must be a RAW PEM string with real newlines. Not base64-encoded, not \n-escaped. Use json.dumps() in Python to properly serialize.

Quick Start (3 Steps)

1. Create Session

curl -X POST -H "Authorization: Bearer $MIND_KEY" \
  -H "Content-Type: application/json" \
  -d "$(python3 -c 'import json; print(json.dumps({"host":"vps1.schaefer.zone","port":22,"username":"root","privateKey":open("/path/to/key").read()}))')" \
  https://synapse.schaefer.zone/ssh/new

# Response: {"status":"connected","session_id":"UUID","host":"...","username":"..."}

2. Execute Commands

curl -X POST -H "Authorization: Bearer $MIND_KEY" \
  -H "Content-Type: application/json" \
  -d '{"command":"hostname; whoami; ls -la /root"}' \
  https://synapse.schaefer.zone/ssh/SESSION_ID/exec

# Wait 2-3 seconds, then poll output:
sleep 3
curl -H "Authorization: Bearer $MIND_KEY" \
  https://synapse.schaefer.zone/ssh/SESSION_ID/output

3. Close Session

curl -X DELETE -H "Authorization: Bearer $MIND_KEY" \
  https://synapse.schaefer.zone/ssh/SESSION_ID

API Endpoints

Method	Path	Description
POST	`/ssh/new`	Create new SSH session
POST	`/ssh/:id/exec`	Execute command
GET	`/ssh/:id/output`	Poll output (after 2-3s)
GET	`/ssh/sessions`	List active sessions
DELETE	`/ssh/:id`	Close session
GET	`/health`	Liveness check (no auth)
GET	`/help`	This page (no auth)

Authentication

Every request (except /health and /help) requires:

Authorization: Bearer <MIND_KEY>

Mind Key is verified against Synapse API. Get yours at synapse.schaefer.zone.

POST /ssh/new - Body

Field	Type	Required	Description
`host`	string	✅	Hostname or IP
`port`	number	❌ (default 22)	SSH port
`username`	string	✅	SSH username
`privateKey`	string	✅	RAW PEM private key (with real newlines)

Common Errors

"Cannot parse privateKey: Unsupported key format"
You sent privateKey as base64. Send it as RAW PEM string.

"All configured authentication methods failed"
Your privateKey is malformed or wrong. Make sure newlines are real.

"session_not_found"
Session ID is wrong or session already closed (30 min idle timeout).

Typical Workflow

POST /ssh/new with privateKey (raw PEM) → get session_id
POST /ssh/SESSION_ID/exec {"command":"..."} → start command
sleep 3; GET /ssh/SESSION_ID/output → get output
Repeat 2-3 for more commands on same session
DELETE /ssh/SESSION_ID → cleanup

💡 Tip: Reuse the same session for multiple commands. Don't create a new session per command.

Alternative Formats

This help page is also available as:

/help?format=text - Plain text (LLM-friendly)
/help?format=json - JSON (machine-readable)

🔧 SSH Proxy API · Built by Super Z (Z.ai) for Michael Schäfer · 2026