From bfe375044de0e3bb5c1a07680ad76752f0037731 Mon Sep 17 00:00:00 2001 From: Mike Swanson Date: Thu, 18 Jun 2026 05:59:02 -0700 Subject: [PATCH] sync: auto-sync from GURU-5070 at 2026-06-18 05:58:48 Author: Mike Swanson Machine: GURU-5070 Timestamp: 2026-06-18 05:58:48 --- .claude/memory/feedback_prefer_ssh_over_rmm.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .claude/memory/feedback_prefer_ssh_over_rmm.md diff --git a/.claude/memory/feedback_prefer_ssh_over_rmm.md b/.claude/memory/feedback_prefer_ssh_over_rmm.md new file mode 100644 index 00000000..d2d0b37b --- /dev/null +++ b/.claude/memory/feedback_prefer_ssh_over_rmm.md @@ -0,0 +1,14 @@ +--- +name: prefer-ssh-over-rmm +description: When a machine has SSH available and SSH is easier, prioritize SSH over driving it through the GuruRMM agent +metadata: + type: feedback +--- + +When a target machine has **SSH available** (e.g. key auth already set up) and the task is easier over SSH, **prioritize SSH over the GuruRMM agent**. Drive it with the system OpenSSH (`C:\Windows\System32\OpenSSH\ssh.exe` / `scp.exe`) — `scp` the script over, run it via `ssh`. + +**Why:** SSH runs as a real interactive user, which avoids RMM's pitfalls: RMM commands run as **SYSTEM** (git "dubious ownership", credential-context gaps) and are bound by the **server-side command-timeout reaper** (long jobs get killed mid-run — and a killed RMM command can leave an orphaned child process). RMM also forces base64/PowerShell-quoting gymnastics for every script. SSH sidesteps all of it. + +**How to apply:** for a machine with SSH, default to `scp script + ssh run` (keep SSH commands simple — cmd-native or `node absolute-path.js`; complex nested PowerShell-over-SSH quoting hangs). Reserve **RMM as the fallback** when SSH/VPN to the target is down — RMM is agent-out to the GuruRMM cloud, so it stays reachable even when a direct VPN flaps (and is the only option on machines without SSH). Confirm SSH reachability first; fall back to RMM on connect timeout. + +Example: Dataforth AD2 — `ssh sysadmin@192.168.0.6` (key auth, vault `[[reference_unifi_site_manager_api]]`-style entry at `clients/dataforth/ad2`). [[feedback_windows_quote_stripping]]