Cannot SSH via cloudflare tunnel

Hi, I have set up a self host & cloudflare tunnel with following config:
ufw status
Status: active
To Action From


Nginx HTTP ALLOW Anywhere
Nginx HTTPS ALLOW Anywhere
80/tcp ALLOW Anywhere
22/tcp ALLOW Anywhere
Nginx HTTP (v6) ALLOW Anywhere (v6)
Nginx HTTPS (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
22/tcp (v6) ALLOW Anywhere (v6)

config.yml
tunnel:
credentials-file: /root/.cloudflared/.json
ingress:

  • hostname: ssh.mydomain .com
    service: ssh://localhost:22
  • hostname: mydomain .com
    service: http://localhost:80
  • service: http_status:404

SSH Config
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
Include /etc/ssh/sshd_config.d/*.conf
Port 22 (not commented)

~/.ssh/config
Host ssh.mydomain .com
User myusername
ProxyCommand /usr/local/bin/cloudflared access ssh --hostname %h

and when I ssh to my server:
ssh [email protected]
ssh: connect to host ssh.mydomain.com port 22: Operation timed out

You have an extra space there.

I place an extra space due to my account cannot create a topic with 4 url. in my configuration it has no space

I don’t think I’ve ever seen SSH through a tunnel mention Port 22.

Try ssh -v

It should tell you more about what’s going on. Right now, it doesn’t seem to be paying much attention to your config file.


this is the result when I run command ssh -v. Is there anything should I edit or check?

Sorry, I meant add a -v to your SSH command, so you get a verbose output as it attempts your connection.

Below is what I got after run: ssh [email protected] -v
OpenSSH_9.6p1 Ubuntu-3ubuntu13, OpenSSL 3.0.13 30 Jan 2024
debug1: Reading configuration data /home/fox/.ssh/config
debug1: /home/fox/.ssh/config line 1: Applying options for ssh.mydomain.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Executing proxy command: exec cloudflared access ssh --hostname ssh.mydomain.com
debug1: identity file /home/fox/.ssh/id_rsa type -1
debug1: identity file /home/fox/.ssh/id_rsa-cert type -1
debug1: identity file /home/fox/.ssh/id_ecdsa type -1
debug1: identity file /home/fox/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/fox/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/fox/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/fox/.ssh/id_ed25519 type -1
debug1: identity file /home/fox/.ssh/id_ed25519-cert type -1
debug1: identity file /home/fox/.ssh/id_ed25519_sk type -1
debug1: identity file /home/fox/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/fox/.ssh/id_xmss type -1
debug1: identity file /home/fox/.ssh/id_xmss-cert type -1
debug1: identity file /home/fox/.ssh/id_dsa type -1
debug1: identity file /home/fox/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535