I’m exposing SSH over an Argo tunnel using a local cloudflared instance with the following ingress stanza:
ingress: - hostname: ssh.example.com service: ssh://localhost:22
Using the following proxycommand (in PuTTY on Win) works just fine:
cloudflared.exe access ssh --hostname %host
So invoking an SSH session connects just fine and looking at
last on the host I can see the connection has been made from localhost (i.e. from the local cloudflared process) so all is well in the world and everything is working as expected.
BUT, as soon as go into the Teams Dashboard and try to apply an Access Application rule matching
ssh.example.com, my client won’t connect. Doesn’t matter if the Rule is based on user, country etc.,nothing allows the proxy to connect.
Is there a special ‘Application type’ of SSH or something I need to use which I’m not seeing in my GUI? Presently I’m just creating a ‘Self-hosted application’ and maybe that’s confusing things by making the tunnel ‘webby’ instead of for SSH?
Does anyone have a working Access Policy documented I can try?