Ask HN: How do you safely give LLMs SSH/DB access?

Published 3 hours ago
Source: hnrss.org

I have been using Claude Code for DevOps-style tasks like SSHing into servers, grepping logs, inspecting files, and querying databases.

Overall it's been great. However, I find myself having to review every single command, a lot of which are repetitive. It still saves me a ton of time, but it's quickly becoming a bit tedious.

I wish I could give the agent some more autonomy. Like giving it a list of pre-approved commands or actions that it is allowed to run over SSH.

For example:

    OK: ls, grep, cat, tail
    Not OK: rm, mv, chmod, etc
    OK: SELECT queries
    Not OK: INSERT, DELETE, DROP, TRUNCATE

Has anyone successfully or satisfactorily solved this?

What setups have actually worked for you, and where do you draw the line between autonomy and risk?


Comments URL: https://news.ycombinator.com/item?id=46620990

Points: 22

# Comments: 50
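
The allowlist from the post written as a deny-by-default gate, as an added example that is not part of the original post. It shows why matching the first word is not enough (chaining, substitution, stacked SQL statements). The function names, the extra SQL verbs beyond the post's list, and the use as an sshd forced command (`command="..."` in `authorized_keys`) are assumptions.

```python
import os
import re
import shlex
import sys

# Allowlist taken from the post; everything else is denied by default.
ALLOWED_COMMANDS = {"ls", "grep", "cat", "tail"}
# Characters that let one "allowed" command chain, redirect or substitute another.
SHELL_META = re.compile(r"[;&|<>`$(){}\\\n\r]")
# The post's denied verbs plus other writing verbs (the extras are an assumption).
SQL_DENY = re.compile(
    r"\b(insert|delete|drop|truncate|update|alter|create|grant|into|copy)\b", re.I)


def check_shell(command: str) -> list[str]:
    """Return argv if the command is allowed, else raise PermissionError."""
    if SHELL_META.search(command):
        raise PermissionError("shell metacharacter in command")
    try:
        argv = shlex.split(command)
    except ValueError as exc:  # unbalanced quotes
        raise PermissionError(f"unparseable command: {exc}") from None
    if not argv or argv[0] not in ALLOWED_COMMANDS:
        raise PermissionError("command not on allowlist")
    return argv


def check_sql(query: str) -> str:
    """Return the query if it is a single plain SELECT, else raise PermissionError."""
    stmt = query.strip().rstrip(";").strip()
    if ";" in stmt:
        raise PermissionError("multiple statements")
    if not re.match(r"select\b", stmt, re.I):
        raise PermissionError("only SELECT is allowed")
    if SQL_DENY.search(stmt):  # fails closed, even on a keyword inside a literal
        raise PermissionError("write keyword in query")
    return stmt


if __name__ == "__main__":
    # Forced-command use: sshd puts the requested command in SSH_ORIGINAL_COMMAND.
    try:
        argv = check_shell(os.environ.get("SSH_ORIGINAL_COMMAND", ""))
    except PermissionError as err:
        sys.exit(f"denied: {err}")
    os.execvp(argv[0], argv)  # exec without a shell, so nothing is re-parsed
```

The SQL check is only a pre-filter on the query text; a database role that has been granted nothing but SELECT is what actually enforces read-only access. The shell gate does not restrict which files `cat` or `grep` may read, so the account it runs under still needs limited file permissions.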