Nodevisor Docs
Packages

@nodevisor/ssh

Install, configure, and harden the OpenSSH server.

Install

npm install @nodevisor/ssh
See More

Manages the OpenSSH server (sshd) — installation, service control, and security hardening. Extends the Service base class, so it includes full lifecycle management.

Quick Start

import $ from '@nodevisor/shell';
import SSH from '@nodevisor/ssh';

const $server = $.connect({ host: '10.0.0.10', username: 'root' });
const ssh = $server(SSH);

// Install OpenSSH server
await ssh.install();

// Disable password authentication (key-only login)
await ssh.disablePasswordAuthentication();

// Restart to apply changes
await ssh.restart();

API

Installation

install() / installPackage()

Install the OpenSSH server package (openssh-server).

await $(SSH).install();

uninstall() / uninstallPackage()

Remove the OpenSSH server package.

await $(SSH).uninstall();

isInstalled()

Check if OpenSSH server is installed. Returns boolean.

if (await $(SSH).isInstalled()) {
  console.log('SSH server is installed');
}

getVersion()

Get the installed OpenSSH version.

const version = await $(SSH).getVersion();
console.log(version); // "OpenSSH_8.9p1"

Service Control

start()

Start the SSH service.

await $(SSH).start();

stop()

Stop the SSH service.

await $(SSH).stop();

restart()

Restart the SSH service. Required after configuration changes.

await $(SSH).restart();

isRunning()

Check if the SSH service is active. Returns boolean.

if (await $(SSH).isRunning()) {
  console.log('SSH is running');
}

Security Hardening

disablePasswordAuthentication(skipRestart?)

Disable password-based SSH login. Only key-based authentication will work. Restarts sshd automatically unless skipRestart is true.

// Disable and restart immediately
await $(SSH).disablePasswordAuthentication();

// Disable without restarting (useful when making multiple changes)
await $(SSH).disablePasswordAuthentication(true);
await $(SSH).restart(); // restart manually later

Sets PasswordAuthentication no in /etc/ssh/sshd_config.

enablePasswordAuthentication(skipRestart?)

Re-enable password-based SSH login.

await $(SSH).enablePasswordAuthentication();

testPasswordAuthentication()

Check whether password authentication is currently enabled.

const enabled = await $(SSH).testPasswordAuthentication();
console.log(enabled); // true or false

Common Patterns

Full SSH hardening setup

import $, { SSH, AuthorizedKeys } from 'nodevisor';

const $server = $.connect({ host: '10.0.0.10', username: 'root' });

// First, ensure SSH keys are in place
await $server(AuthorizedKeys).writeFromFile('~/.ssh/id_ed25519.pub');

// Then disable password authentication
await $server(SSH).disablePasswordAuthentication();

@nodevisor/authorized-keys

Manage SSH authorized_keys files for passwordless authentication.

@nodevisor/ufw

Manage the UFW (Uncomplicated Firewall) — install, configure rules, and control the firewall.

On this page

InstallQuick StartAPIInstallationinstall() / installPackage()uninstall() / uninstallPackage()isInstalled()getVersion()Service Controlstart()stop()restart()isRunning()Security HardeningdisablePasswordAuthentication(skipRestart?)enablePasswordAuthentication(skipRestart?)testPasswordAuthentication()Common PatternsFull SSH hardening setupRelated Packages