SSH for Customer Access

Hi Cloudflare. I just got started with Clouflare and am trying to figure out the best approach for ssh access. Here is the scenario - external customers need occasional/random ssh access to internal users need daily ssh access to - for the external users I would like to keep ssh access as smooth as possible so this excludes enrolling them in any sort of zero trust infrastructure. would spectrum be the way to go, and does that require any work on the customer side?

Welcome to the Cloudflare Community. :logodrop:

Spectrum appears to meet your desired outcome for not requiring any change on the external customer portion.

I approach this differently and use an additional unproxied domain for ssh access.

With a matching A record configured on another domain and set to :grey: DNS Only, can be accessed via ssh at