🩺 VPS Vital Signs Monitor — read-only SSH diagnostics with root-cause analysis
Project description
vitals-vps
Read-only SSH server diagnostics with plain-English guidance.
Connect to any Linux VPS with your root credentials, get a full colourised report on what's wrong — CPU spikes, brute-force attacks, memory pressure, disk full, zombie processes — and exact commands to fix each issue.
✅ 100% read-only. No files are created, modified, or deleted. No services are restarted. You can share root credentials safely knowing the tool cannot cause harm.
Install
pip install vitals-vps
Requirements: Python 3.8+, paramiko, rich
Usage
CLI
# Prompt for password (recommended)
vitals 192.168.1.10 --ask-pass
# Use SSH key
vitals 192.168.1.10 --key ~/.ssh/id_rsa
# Non-standard port or user
vitals 192.168.1.10 --port 2222 --user ubuntu --ask-pass
# Also show raw process lists, log excerpts, port table
vitals 192.168.1.10 --ask-pass --verbose
Python API (works in scripts, Jupyter, and Google Colab)
import vitals
# Full styled report printed to screen
vitals.info("your.server.ip", password="mypass")
# Key-based auth
vitals.info("your.server.ip", user="ubuntu", key="~/.ssh/id_rsa")
# Silent — returns Finding objects for scripting
findings = vitals.scan("your.server.ip", password="mypass")
critical = [f for f in findings if f.severity.value == "critical"]
for f in critical:
print(f.title)
Google Colab
!pip install vitals-vps
import vitals
vitals.info("your.server.ip", password="mypass")
What It Checks
| Category | What it looks for |
|---|---|
| CPU | Load average vs core count, CPU %, I/O wait (iowait), runaway processes |
| Memory | RAM %, available memory, swap usage, OOM killer events |
| Disk | Partitions > 80% full, inode exhaustion, largest directories, I/O stats |
| Network | Connection floods, top remote IPs, TIME_WAIT buildup, open ports |
| Security | SSH brute-force attack count, top attacking IPs, fail2ban status, firewall presence, extra UID-0 accounts, active sessions |
| Processes | Zombie processes, D-state (I/O-blocked) processes, failed systemd services |
| Logs | dmesg kernel errors, systemd journal errors, web server errors, MySQL errors |
Sample Output
╭─────────────────────────────────────────────╮
│ System Identity │
│ Host my-server.example.com │
│ OS Ubuntu 22.04.3 LTS │
│ Kernel 5.15.0-89-generic │
│ Uptime up 12 days, 4 hours │
│ CPU Intel Xeon E5-2670 v2 │
│ Cores 4 │
╰─────────────────────────────────────────────╯
┌──────────────────────────────────────────────┐
│ Diagnostic Scorecard │
│ Category Status Findings │
│ CPU ● CRITICAL 1 issue(s) │
│ Memory ● CRITICAL 2 issue(s) │
│ Disk ✅ OK All clear │
│ Network ⚠ WARNING 1 issue(s) │
│ Security ● CRITICAL 2 issue(s) │
└──────────────────────────────────────────────┘
── CPU ──────────────────────────────────────────
🔴 Extreme load average: 8.4 on 4 core(s)
📋 1-min load=8.4, 5-min=6.2, 15-min=4.1. With 4 cores,
the system has ~2x more runnable work than it can handle.
💡 What to do: Identify the runaway process(es)…
📌 Commands:
ps aux --sort=-%cpu | head -15
top -b -n1 | head -20
── Security ─────────────────────────────────────
🔴 Active brute-force attack: 47,312 SSH login failures
📋 47,312 failed SSH login attempts found in auth log.
💡 What to do:
1. Install fail2ban immediately to auto-ban attackers.
2. Change SSH to a non-standard port (e.g. 2222).
3. Disable password login — use SSH keys only.
📌 Commands:
apt install fail2ban -y
systemctl enable --now fail2ban
Safety Guarantees
- Every SSH command runs through a blocklist filter. If the command string contains anything resembling a write, delete, kill, or install operation, it raises a
ValueErrorbefore sending it. - The SSH client uses
AutoAddPolicyfor convenience but logs the host key. In a production hardened setup, you can supplyknown_hosts. - No data is stored. The tool runs, prints, and exits.
Roadmap
-
--output jsonflag for piping into alerting pipelines -
--watchmode: re-scan every N seconds - HTML report export
- Docker container support (scan via
docker exec) - Comparison mode: scan baseline vs current and diff the findings
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vitals_vps-0.2.0.tar.gz.
File metadata
- Download URL: vitals_vps-0.2.0.tar.gz
- Upload date:
- Size: 37.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
eb8c219bf3c0616d03f8ea34bdc5e441a6bcd60a4efd235ab9f550b91df0c3d7
|
|
| MD5 |
4fb22a386630b141c169b5f659d88714
|
|
| BLAKE2b-256 |
38201cbb4380e0f401050c444c1a052d3d9edee2ebfda5c1be6ceb84cb508147
|
File details
Details for the file vitals_vps-0.2.0-py3-none-any.whl.
File metadata
- Download URL: vitals_vps-0.2.0-py3-none-any.whl
- Upload date:
- Size: 35.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d8bfeaef925586411061e28ae0876883348e70355733007940c4cda995863803
|
|
| MD5 |
d501c59a69611d0342df0a0582c6c58d
|
|
| BLAKE2b-256 |
8ecc773a8d77df3e1d0ae67f7e43c022eca15952c3f25d9a9be1f4aaf72ae5a9
|