Cloudflared Tunnel | SSH and 2-FA


how is it possible to secure SSH access via Cloudflared Tunnel with the Google Authenticator?

I am asked for a username and password, but there is no third field where I can enter a Token/TAN.

Thanks in advance

Are you trying to use browser rendered SSH or via cloudflared access ssh ...?


We use browser rendered SSH.

I’m guessing it’s not supported. Given the way that you have to set up openssh-server to use 2FA, Cloudflare is unable to complete the process. What you could try is short-lived certs which means all authentication is done with Cloudflare so you would use 2FA with your IDP.

1 Like