ASSH

Agent Secure Shell

CLAI shell over SSH. Bukan protocol baru — CLAI pipeline + SSH transport + interactive shell. Tanpa prefix, langsung CLAI commands.

Arsitektur

ASSH Client (CLAI shell) ──SSH──▶ ASSHD Server (target machine)
     │                                    │
     ├─ interactive mode                   ├─ Receive CLAI commands
     ├─ one-shot mode                      ├─ Execute CLAI pipeline
     └─ script mode                        ├─ MZ envelope detection
                                           ├─ Sandbox mode
                                           └─ Auth (keys/tokens/IP)

ASSH Client

CLAI shell — interactive shell dengan CLAI commands, tanpa prefix. Mengirim perintah ke remote server via SSH.

ASSHD Server

Daemon di target server yang menerima CLAI commands, mengeksekusi pipeline, dan mengembalikan structured result (MZ+ADN).

3 Mode Operasi

Interactive

Shell interaktif — ketik CLAI commands langsung, dapat output real-time. Cocok untuk eksplorasi dan debugging.

$ assh user@server
ASSH> ls /var/log
ASSH> cat app.log --grep error
ASSH> exit

One-Shot

Jalankan satu CLAI command dan langsung dapat result. Output MZ+ADN passthrough — agent-readable.

$ assh user@server \
    "ls /var/log --json"

Script

Jalankan file script berisi multiple CLAI commands. Cocok untuk automation dan batch operations.

$ assh user@server \
    --script deploy.assh

ASSHD Server Features

MZ Envelope Detection

Deteksi MarkZero envelope (М/О) untuk multiline payload. Structured output dalam format MZ+ADN.

Sandbox Mode

Keamanan berlapis: allowed paths, blocked commands, dan timeout. Mencegah eksekusi berbahaya di server target.

Authentication

Multi-layer auth: SSH keys, tokens, dan IP whitelist. Kontrol akses siapa yang bisa mengirim CLAI commands.

Structured Output

Interactive mode → MZ+ADN → ASCII table (human-readable). One-shot → MZ+ADN passthrough (agent-readable).

Flow Diagram

User/Agent
  │
  ▼
ASSH Client (CLAI shell)
  │  ── CLAI command ──
  ▼
SSH Transport (encrypted)
  │
  ▼
ASSHD Server (remote)
  ├─ Auth check (SSH key / token / IP)
  ├─ Sandbox validation (paths, commands, timeout)
  ├─ MZ envelope detection (multiline payload)
  ├─ Execute CLAI pipeline
  │    transport(input) → entity → [filter] → transport(output)
  │
  └─ Return structured result
       ├─ Interactive → MZ+ADN → ASCII table
       └─ One-shot   → MZ+ADN passthrough

CLAI Pipeline di ASSH

ASSH bukan protocol baru — ini CLAI pipeline yang berjalan di atas SSH transport.

Agent → CLAI → transport(ssh) → entity → [filter] → transport(ssh) → result

Transport Layer

I/O via SSH, local, HTTP, stdout, file. ASSH menambahkan SSH transport ke CLAI pipeline.

Entity Layer

Data format: env, pm2, json. Entity selalu bergantung ke filter safety.

Filter Layer

Transform: --json, --grep, --redact, --temp, --backup, --hitl.

Safety Contract

env → temp (transactional backup). write → backup (history backup). HITL gate via --hitl.

Quick Start

# Install ASSH
maintenis add assh

# Interactive mode
assh user@server

# One-shot command
assh user@server "ls /var/log --json"

# Script mode
assh user@server --script deploy.assh