How to ssh to my VPS when Cloudflare is enabled?

What is the name of the domain?

example.com

Related to

Cloudflare Tunnel

What is the issue you’re encountering

Can’t understand instructions for setting up ssh access to my VPS when Cloudflare is enabled

What steps have you taken to resolve the issue?

I know nearly nothing about networks, I just code web pages. I used to ssh into my VPS, but ever since enabling Cloudflare on my domain, my Terminal says “ssh: connect to host example.com [my actual domain there] port 22: Operation timed out”. I presume this is because my Terminal is trying to connect to Cloudflare rather than to my server. I tried to follow the Cloudflare documentation but it’s unhelpfully highly technical and presumes much networking knowledge, the instructions don’t always match what I see on the screen, and the Cloudflare control panel interface is daunting to a non-networking user.

The Cloudflare docs seem to suggest I need to set up a tunnel through Zero Trust. So, following the instructions, I logged into Cloudflare, went to Zero Trust, gave the “team” (whatever that is) a name, went to Networks > Tunnels > Add a Tunnel (named it), followed the instructions on the web page to run commands in the Terminal, the Connector showed up on the Cloudflare panel, then on the next page I was prompted to make a selection from a dropdown (I chose “ssh”) and enter a url (I entered my domain name). I clicked Submit or Next or Continue or whatever, but nothing seemed to happen. I clicked again and it said something about a record already being set up. I clicked around and now I can’t get back to that page with the dropdown to choose “ssh” and enter the url. When I try to ssh into my server, I still get the timeout, so apparently I didn’t succeed in setting up the tunnel.

Welcome to the Cloudflare Community. :logodrop:

You certainly can use Cloudflare Zero Trust, but you can also create a :grey: DNS Only hostname instead and just use it with your SSH client.

That’s you and any collaborators you may add.

You may need cloudflared or Warp running on your device if you are trying to connect with your usual SSH client. Which of the four Cloudflare Zero Trust SSH methods are you using?

1 Like

Thank you for your reply. I’m afraid I don’t understand any of it. I can’t stress enough how little I understand about networking in general and Cloudflare specifically. I’ve tried to read the docs, including the one you posted, but they’re all Greek to me.

Specifically to your reply, I do know that cloudflared was installed on my computer through then Terminal commands that the Cloudflare website directed me to enter, but that’s pretty much all I know. I don’t know how to “create a DNS Only hostname instead”, but that sounds like the easiest way to accomplish what I want and if so then I’d love to do that if I could find out how. I don’t know what Warp is and I doubt it’s installed on my comuter. I don’t know “which of the four Cloudflare Zero Trust SSH methods” I’m using, or how to find out.

Just updating because I contacted my webhost and they provided the solution: When using ssh in the Terminal, instead of specifying my website’s domain name, use either the server’s hostname or the server’s IP address. I didn’t see that suggested anywhere in Cloudflare’s voluminous documentation. I know this will be obvious to those who know networking, but not everybody does.

1 Like

My suggestion to add a hostname set to :grey: DNS Only delivers the same result while still allowing you to use an easy to remember name instead of the IP.

No matter. I am glad to hear that you have a solution that works for you.

Except, as I said, I have no idea what that even means, much less how to set it up.

Assuming that you have a hostname of www, you would simply add one named ssh using the same IP as www.

You then click its :orange: to turn it :grey:

2 Likes

Thank you. I actually don’t have a hostname of www, but I don’t think that affects your instructions. I was able to follow them, adding an A record with a hostname starting with ssh., and turning off Proxied so it now reads DNS only. After that, my initial “ssh [email protected]” timed out when I tried it, but after waiting five minutes it now works and I’m able to log into my server. Thank you again very much for your help.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.