Remote shell backend
What you'll find here
The auditable boundary for SSH or equivalent remote command execution — the target record, required controls, and security boundary.
Boundary, not connection.
The helper does not open connections or execute commands. It records and evaluates a decision.
Target
RemoteShellTarget stores non-secret target metadata:
Host reference
Optional user & port references
External auth reference name
Non-secret metadata
References, not values.
References point to configuration or secret tooling — never raw usernames with passwords, bearer tokens, SSH private keys, or credential values.
Required controls
Sandbox backend
Kind remote_shell · isolation remote.
Declared shell.remote.execute capability
With run operation.
Remote target id
External auth reference name
Policy envelope id
Capability grant id
Receipt id
Redaction controls
For persisted metadata.
Denied and allowed decisions preserve the backend id, target id, command reference, receipt id when present, decision reason, and required controls.
Security boundary
Command references, not inline strings.
Inline SSH commands, pipes, chained commands, and command substitution are denied before dispatch. Remote shell backends should be used only for trusted, policy-approved targets. They do not provide container isolation, local filesystem protection, network egress filtering, or credential brokering.
Store SSH keys, passwords, tokens, and host secrets outside Craik configuration and refer to them by auth reference name.