Enterprise & fleets

Bulk-update & patch a whole fleet of Linux servers

A CVE drops on Friday afternoon and you need the patch on every box before the weekend. With AI Commander you describe it once — "update openssl on all production servers and tell me the version on each" — and your AI client runs it across the fleet, streaming results back so you can see exactly what landed where.

The job

This is the bread and butter of RMM and patch-management tools: apply updates across a scattered fleet, then prove it took. AI Commander does the ad-hoc version of that without a heavyweight platform. Each machine runs an outbound-only agent and is saved under an alias; the AI client addresses them as a group:

Apply security updates everywhere: apt-get update && apt-get -y upgrade (or dnf upgrade).
Patch one package fleet-wide and pin it.
Verify the resulting version on every host and flag the stragglers.
Find which machines need a reboot and report them, rather than rebooting blindly.

What it looks like

Claude — MCP

You: update openssl on web-1, web-2, web-3 and tell me each version + if a reboot is needed Claude: running on 3 machines… web-1 > apt-get -y install --only-upgrade openssl && openssl version OpenSSL 3.0.13 ✓ no reboot needed web-2 > … OpenSSL 3.0.13 ⚠ reboot recommended (libssl in use) web-3 > OpenSSL 3.0.13 ✓ Claude: All three on 3.0.13. web-2 has a service still linking the old libssl — schedule a restart there.

How "all machines" works. AI Commander operates one machine per session code. To act on a fleet, you save each machine under an alias in your account; the AI client then calls remote_exec for each alias in turn and aggregates the results. There's no inbound access to any of them.

Why AI Commander for fleet patching

	AI Commander	Ansible	RMM suite	SSH loop
Describe it in plain language	✓ via AI	YAML	console	scripts
No inbound port per host	✓	needs SSH	agent	needs SSH
Verifies & summarizes results	✓ AI reads output	recap	dashboard	manual
Setup weight	1 install per host	inventory + playbooks	full platform	keys everywhere

Honest scope. For large, policy-driven, scheduled patch programs, a dedicated RMM or Ansible pipeline is the right backbone. AI Commander shines for fast, conversational, "do this across these boxes now and tell me what happened" work — and for letting an AI agent carry it out end to end.

Set it up

On every server (Linux), install the agent:

curl -fsSL https://aicommander.dev/install | sudo bash

Sign in and give each machine an alias (e.g. web-1…web-n) so the AI client can address the whole group. Then connect your client and describe the update.

FAQ

How do I update software on all my computers at once?

Install the agent on each machine and save them under aliases in your account. Then ask your AI client to run the update across the group — it calls remote_exec on each machine, streams output back, and can verify versions in the same pass.

Is this an RMM alternative for patch management?

It covers the ad-hoc, describe-it-in-words side: apply updates across a fleet and confirm they landed, driven by an AI client over a real shell. It's lighter than a full RMM suite (no dashboard or policy engine) but has no inbound ports and no per-machine login.

Can the AI verify the patch actually applied everywhere?

Yes. Output streams back as text, so the AI client re-queries the installed version on each machine after updating and reports which succeeded, which need a reboot, and which failed.

Patch the whole fleet in one sentence

Install the agent on each server, alias them, and ask Claude to update and verify them all.

Install the agent Set up aliases