Connect to sftp via cloudflare tunnel

I’m trying to setup an sftp server on my raspberry pi accessible from the internet through Cloudflare tunnel. I have created a tunnel from the cli and added a dns route to it.
The following is my config.yml:

tunnel: <tunnel-id>
credentialsfile: /root/.cloudflared/<tunnel-id>.json
ingress:
- hostname: subdomain.mydomain.extension
  service: tcp://localhost:22
- service: http_status:404

While I can access the sftp through local address sftp://192.168.0.100 that I have assigned to my rpi, I cannot access it through sftp://subdomain.mydomain.extension. Any idea on what I’m doing wrong or is it impossible to route sftp traffic through Cloudflare tunnel?

To clarify: When I attempt to connect to sftp://subdomain.mydomain.extension, I get a ‘connection timed out’ error

You need to have cloudflared install locally on the client machine that you are trying to accessing the Pi from.

Okay. And then what? Access sftp like usual?

You’ll need to run something like

from the client cloudflared access tcp --hostname sftp.site.com --url localhost:2222 then sftp://localhost:2222 it should work.

Docs: https://developers.cloudflare.com/cloudflare-one/applications/non-http/arbitrary-tcp/#2-connect-to-the-resource

2 Likes

Thanks a lot! It worked!!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.