/** * SSH sandbox — executes commands on a remote host via OpenSSH. */ import type { ExecuteOptions } from './base.js'; import { PosixShellSandbox } from './posix-shell.js'; import type { ExecutionResult, StreamChunk } from './types.js'; import type { Tool } from '../tools/tool.js'; /** * Options for constructing an {@link SshSandbox}. */ export interface SshSandboxOptions { /** SSH destination (e.g., `"user@host"`, `"192.168.1.10"`). */ host: string; /** Working directory on the remote host. */ workingDir: string; /** Path to SSH private key file. */ identityFile?: string; /** SSH port. Defaults to 22. */ port?: number; /** Additional SSH options passed as `-o` flags. */ sshOptions?: string[]; /** * Allow connections to hosts with unknown or changed SSH keys. * * When `false` (default), uses `StrictHostKeyChecking=accept-new` — trusts on * first connect but rejects if the key changes. * When `true`, uses `StrictHostKeyChecking=no` — disables host key verification. */ allowUnknownHosts?: boolean; /** * Bypass the SSH option allowlist. * * When `false` (default), unknown options throw at construction time. * When `true`, all options are passed through without validation. */ allowUnsafeSshOptions?: boolean; } /** * Execute commands on a remote host via SSH. * * Stateless — each {@link executeStreaming} call spawns a fresh `ssh` process. * All sessions use `BatchMode=yes` — interactive prompts are disabled and * authentication must be key-based. */ export declare class SshSandbox extends PosixShellSandbox { readonly host: string; readonly workingDir: string; private readonly _identityFile; private readonly _port; private readonly _allowUnknownHosts; private readonly _sshOptions; constructor(options: SshSandboxOptions); executeStreaming(command: string, options?: ExecuteOptions): AsyncGenerator; getTools(): Tool[]; } //# sourceMappingURL=ssh.d.ts.map