Cloudflared, Cloudflare Access, and Putty in Windows

We’re working on implementing Cloudflare Teams, but I’m running into an issue with SSH access.

We’re a Windows shop primarily, and often use Putty or SFTP software to access our servers over SSH. I have no problem getting some SSH devices setup in Teams/Access, and I can access the devices no problem using the web rendered SSH client.

The problem I’m having is finding a good solution to access these systems over SSH/SFTP on a Windows system, since you can’t do the ProxyCommand deal in your ssh config file as you can on linux.

I found an old post talking about running " cloudflared.exe access ssh --hostname --url localhost:4380" on the client, then connecting to the server over putty, however I’m unable to get this to work. Maybe I’m doing it wrong?

I’m assuming: is the public CNAME record that points to my Access tunnel ID?
localhost SHOULD be left as localhost?

I’ve tried running this. Then I try to connect putty to both and localhost:4380, as well as localhost, and I can’t connect to either. Connecting to localhost:4380 gives me a password prompt, however no password works, so I’m not entirely sure what exactly that’s connecting me to…not the SSH device it seems.

How can you get this working on a Windows system to be able to SSH into a system using Putty?

With Windows 10, you can install natively install the OpenSSH Client. Is is probably going to be the quickest to get it to work.

While that might work, I’d really like to be able to get this with Windows tools our techs are used to using. I know it SHOULD work with the cloudflared command I posted - the older thread I found about this said the guy got it to work this way. The post just didn’t go into enough detail so I know I have to be missing something.

If you are using PuTTY, there’s a tool called Plink that should work, using the -nc switch thus:

plink -nc

That should open a connection via the proxy, and allow you to open an ssh session.

You can also configure putty to connect this way in the gui: