SSH server with cloudflared - user login issue

Zero Trust Cloudflare Tunnel
1

Greetings,

I have been using Cloudflare Tunnel for a while and it’s been working fine with both HTTP and HTTPS servers.

However, when trying to follow the instructions on to " Connect to SSH server with cloudflared access" from the doc:

:yellow_circle: :yellow_circle: :yellow_circle: :yellow_circle:

​​1. Connect the server to Cloudflare

  1. Create a Cloudflare Tunnel by following our dashboard setup guide.
  2. In the Public Hostnames tab, choose a domain from the drop-down menu and specify any subdomain (for example, ssh.example.com).
  3. For Service, select SSH and enter localhost:22. If the SSH server is on a different machine from where you installed the tunnel, enter <server IP>:22.
  4. Select Save hostname.
  5. (Recommended) Add a self-hosted application to Cloudflare Access in order to manage access to your server.

​​2. Connect as a user

Users can connect from their device by authenticating through cloudflared, or from a browser-rendered terminal.

:yellow_circle: :yellow_circle: :yellow_circle: :yellow_circle:

​​Rendering in the browser

Browser-rendered applications can be set for domains and subdomains, but cannot be set for paths.

Cloudflare can render certain non-web applications in your browser without the need for client software or end-user configuration changes. Cloudflare currently supports rendering a terminal for SSH and VNC connections in a user’s browser.

To enable browser rendering:

  1. In Zero TrustOpen external link, go to Access > Applications.
  2. Locate the SSH or VNC application you created when connecting the server to Cloudflare. Select Configure.
  3. In the Policies tab, ensure that only Allow or Block policies are present. Bypass and Service Auth are not supported for browser-rendered applications.
  4. In the Settings tab, scroll down to Browser rendering.
  5. Choose SSH or VNC.

Once enabled, when users authenticate and visit the URL of the application, Cloudflare will render a terminal in their browser.

:yellow_circle: :yellow_circle: :yellow_circle: :yellow_circle:

I am able to hit the server on the web browser when typing:

https://ssh-server.domain.com

and able to authenticate on the policy to access from the portal.

However, when it prompts me with a user name and password, it keeps failing!

not sure which user and password is asking here.

Screenshot 2023-07-04 at 9.52.38 AM
Screenshot 2023-07-04 at 9.52.38 AM1238Γ—713 33.5 KB

Screenshot 2023-07-04 at 9.42.31 AM
Screenshot 2023-07-04 at 9.42.31 AM950Γ—589 9.89 KB

Screenshot 2023-07-04 at 9.43.42 AM
Screenshot 2023-07-04 at 9.43.42 AM835Γ—574 16.6 KB

:yellow_circle: :yellow_circle: :yellow_circle: :yellow_circle:

Also, this video is old and is no longer valid:

:yellow_circle: :yellow_circle: :yellow_circle: :yellow_circle:

I already tried different things, service tokens and actual users from the users lists, nothing worked.

Any advise.

Thanks

4

Update:

I figured out the issue here.

The user and password is actually the SSH server and password.

Issue is fixed.

Screenshot 2023-07-04 at 1.09.41 PM
Screenshot 2023-07-04 at 1.09.41 PM1079Γ—650 88.7 KB

2 Likes