Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.neo.projectdiscovery.io/llms.txt

Use this file to discover all available pages before exploring further.

SSH connections let Neo connect to remote hosts you own or are authorized to test, such as a bastion, jump box, scanner VM, or staging server. After a host is saved, you can refer to it by name in a task and ask Neo to run commands through that connection.

Sandboxes and SSH

Sandboxes and SSH connections are used for different kinds of execution:
  • A Neo sandbox is a Neo-managed isolated environment where Neo normally runs tools, scripts, scans, and file operations.
  • A remote SSH connection is a user-provided machine. When Neo uses SSH, commands run on that remote host, not inside the Neo sandbox.
Use the sandbox for general security work. Use SSH when you need to run from a specific place in your network or need host-level access, such as checking logs, running a scan from a private subnet, or validating a fix on a server.

Setup

  1. Open Settings > SSH.
  2. Click Add SSH Host.
  3. Enter the host name, user@host, port, and authentication method.
  4. Choose Generate new key, Use existing private key, or Password.
  5. If using a generated key, run the setup command on the remote host.
  6. Click Test connection before using it in a task.
Generate new key lets Neo create a new SSH key pair for the connection. Run the setup command on the remote host to allow Neo to connect. Use existing private key lets you use a private key you already have, such as a .pem file for a cloud VM, bastion host, scanner VM, or staging server. Add the private key and, if required, its passphrase. Password uses an SSH password for the connection. After Neo connects to the remote host, commands run on that host. If the host has access to private networks, Neo can run from that network position.

Example prompts

Use the prod-bastion SSH connection to check which internal web services are reachable from that subnet.

SSH into staging-app-01 and collect auth logs, listening ports, running services, and recent deploy metadata.

Use scanner-vm to run nuclei against the authorized internal inventory. Stay within the provided scope.

Common workflows

  • Internal recon from a trusted scanner VM or jump box
  • Incident response evidence collection from an affected host
  • Post-remediation checks for patches, firewall rules, service config, and package versions
  • Segmentation testing from a real subnet position
  • Kubernetes or container host inspection from an authorized admin machine
  • Red team workflows that require an authorized foothold or bastion
Only save hosts that Neo is allowed to access. Commands run over SSH affect the remote machine you configured.