SSH to a machine across Cloudflare Tunnel
SSH to a machine across Cloudflare Tunnel
(assumes the machine is already connected to the Cloudflare tunnel, eg via Cloudflare Daemon)
- Networks → "Home" → Public Hostname, Create:
- Subdomain = ssh-s6.mundy.co
- Type = SSH
- URL = docker1.mundy.co (resolves to 192.168.123.146, the internal IP for "s6" docker host)
After setting up the public hostname above, you can SSH to a machine across cloudflare tunnel:
Source: SSH · Cloudflare Zero Trust docs
Add the following to ~/.ssh/config :
Host ssh-s6.mundy.co
ProxyCommand /opt/homebrew/bin/cloudflared access ssh --hostname %h
Now just ssh like this:
ssh dan@ssh-ss6.mundy.co
Extra steps to make it browser based
Source: SSH · Cloudflare Zero Trust docs
- Access → Applications, Create:
- Overview:
- Application name = ssh-sh
- Application domain = ssh-s6.mundy.co
- Policies:
- Policy name = ssh-s6
- Action = Allow
- Include = dan@mundy.co
- Authentication:
- Identity Providers = Accept all available identity providers
- Settings:
- Additional Settings → Browser rendering = SSH
- Overview: