Manage your Linux servers directly from Claude using natural language. Ask Claude to check system status, manage packages, configure services, transfer files, and more — across one server or an entire fleet.
The ManageLM Claude Code extension connects Claude to your infrastructure through the MCP (Model Context Protocol). Once connected, Claude can manage your servers using natural language — no scripts, no SSH, no context switching.
You describe what you need in plain English. Claude selects the right skill, sends the instruction to the agent running on your server, and returns the result — all within the conversation.
Describe tasks in plain English. Claude picks the right skill, agent, and parameters automatically.
Packages, services, users, network, security, files, Docker, databases, certificates, VPN, Kubernetes, and more.
Target a single server, a group, or broadcast to all agents. Claude handles multi-server responses.
Upload and download files (text and binary) between your local machine and remote servers through Claude.
Run security audits, search findings across your fleet, and remediate issues — all conversationally.
Review what changed, inspect file diffs, and revert any task that modified server configuration.
Claude communicates with the ManageLM portal via MCP. The portal dispatches tasks to agents over WebSocket. Agents execute tasks using a local LLM and report results back. No SSH, no inbound ports on your servers.
claude plugin install managelm
Add to your Claude Code settings (~/.claude/settings.json) or project .mcp.json:
{
"mcpServers": {
"managelm": {
"type": "url",
"url": "https://app.managelm.com/mcp"
}
}
}
Self-hosted users: Replace app.managelm.com with your own portal URL.
claude --plugin-dir ./path/to/managelm-claude
ManageLM uses OAuth 2.0 with PKCE. On first connection, Claude opens your browser to authorize access.
Create a ManageLM account if you don't have one
Go to Settings > MCP Credentials in the portal and enable them
When Claude connects for the first time, a browser window opens for authorization
Approve access — tokens are managed automatically from here
Access tokens expire after 30 minutes and are refreshed automatically. You should never need to re-authenticate manually.
Legacy auth: Header-based authentication (X-MCP-Id / X-MCP-Secret) is also supported for programmatic use, but OAuth with PKCE is recommended.
Each skill accepts a target (hostname, group, or "all") and a free-text instruction describing what you want done. Claude selects the appropriate skill automatically based on your request.
| Skill | Description |
|---|---|
base | Core read-only utilities — read files, search content, check system info, monitor resources, network diagnostics |
system | System administration — OS info, performance tuning, hostname, timezone, kernel parameters, reboot |
packages | Package management — install, remove, update, search across apt/dnf/yum/pacman/zypper/apk |
services | Service and process management — systemd units, cron jobs, logs, process control |
users | User and access management — accounts, groups, SSH keys, sudo, password policies |
network | Network management — interfaces, routes, DNS, ports, connectivity testing, traffic analysis |
security | Security hardening — audits, fail2ban, SSH hardening, SELinux/AppArmor, SSL/TLS, auth logs |
files | File management — read, write, upload, download files (text and binary) |
Additional skills can be imported from the built-in catalog using the available_skills tool:
| Skill | Description |
|---|---|
firewall | Firewall management — iptables, nftables, firewalld, ufw |
docker | Docker and Podman — containers, images, compose, volumes, networks |
apache | Apache HTTP Server — virtual hosts, modules, SSL, configuration |
nginx | Nginx — server blocks, reverse proxy, SSL, load balancing |
mysql | MySQL/MariaDB — databases, users, queries, backups, replication |
postgresql | PostgreSQL — databases, roles, queries, backups, extensions |
backup | Backup management — create, schedule, restore, verify backups |
certificates | SSL/TLS certificates — Let's Encrypt, self-signed, inspection, renewal |
git | Git operations — clone, pull, status, log on remote servers |
dns | DNS server management — zones, records, BIND, systemd-resolved |
vpn | VPN management — WireGuard, OpenVPN configuration |
kubernetes | Kubernetes — pods, deployments, services, logs, kubectl operations |
Tip: Ask Claude "What skills are available for web-prod-01?" and it will use list_agent_skills to show you exactly what's assigned and what can be imported.
These tools let Claude explore your infrastructure, check task status, and manage operations:
| Tool | Description |
|---|---|
list_agents | List all servers with status, OS, health metrics, and groups |
agent_info | Detailed info for a single server: health, skills, recent tasks |
list_agent_skills | See assigned and available skills for a server |
available_skills | Discover skills not yet imported into your account |
account_info | Check account plan, usage limits, and current consumption |
search_agents | Filter servers by CPU/memory/disk usage, OS, status, or group |
search_inventory | Search installed packages, running services, containers across all servers |
search_security | Search security audit findings across all servers |
get_task_status | Check status of a running or completed task |
get_task_history | Review recent tasks for a server |
task_changes | View file changes made by a task |
revert_task | Revert file changes from a previous task |
Every skill-based tool accepts a target parameter that determines which server(s) to run the task on:
| Target | Behavior | Example |
|---|---|---|
| Hostname | Run on a single server | web-prod-01 |
| Group name | Run on all servers in the group | production |
"all" | Broadcast to every server you have access to | all |
Claude automatically resolves targets. If you say "Check disk usage on all production servers", Claude uses the group name production as the target.
The extension includes two user-invocable skills you can trigger directly:
/managelm:setupWalk through connecting Claude to your ManageLM portal. Guides you through configuring the MCP endpoint, authenticating, and verifying the connection.
/managelm:troubleshootDiagnose connection issues, task failures, and agent problems. Works through connection checks, agent status, task errors, and tool availability in order.
Just describe what you need in natural language. Claude handles skill selection, targeting, and execution:
# System info > Check disk usage on web-prod-01 > Which servers have CPU usage above 80%? > Show me the last 50 lines of /var/log/syslog on monitoring-1 # Package management > Install nginx on all servers in the staging group > What packages are installed on web-prod-01 that match "python"? > Update all packages on db-primary # File operations > Upload my local config.yml to /etc/myapp/config.yml on db-primary > Show me the contents of /etc/nginx/nginx.conf on lb-01 # Security > Run a security audit on all production servers > Search for any security findings related to SSH across all servers > Harden SSH configuration on web-prod-01 # Services > Restart nginx on lb-01 > Show me all failed systemd units on db-primary # Infrastructure discovery > List all my servers and their status > Which servers are running Docker? > Search for any server with PostgreSQL installed
base skill has no write commands. Mutating skills must be explicitly assigned by an admin.MCP credentials may not be generated yet. Go to your ManageLM portal Settings > MCP Credentials and generate them. If they exist, try removing and re-adding the MCP server configuration to force re-authentication.
Verify the portal URL in your MCP configuration is correct and reachable. The endpoint should be https://your-portal.com/mcp.
Either no agents are enrolled, or your account role restricts agent visibility. Check the portal dashboard to verify agents are enrolled and your user has access.
Ensure the MCP server is configured with "type": "url" (not "stdio"). Check that your Claude Code version is 1.0.33 or later.
Use list_agent_skills to see what's assigned. Skills must be assigned to agents by an admin in the portal. Use available_skills to discover importable skills from the catalog.
Regular tasks have a default timeout (configurable in portal settings). File transfers have a 300-second timeout. For large operations, break the task into smaller steps.
The MCP connection may not be established. Check the MCP status in Claude Code. Try /managelm:troubleshoot for guided diagnostics, or run /reload-plugins to refresh.