What is the name of the domain?
harshanu.space
What is the error number?
origin auth failed
What is the error message?
Received disconnect from 10.0.0.2 port 22:14: origin auth failed Disconnected from 10.0.0.2 port 22
What is the issue you’re encountering
Reigiously followed docs here :: Add an infrastructure application | Cloudflare Zero Trust docs
Nevertheless, cannot connect to remote server over private network with Cloudflare access. The application is of type Infrastructure, only SSH is said to be supported but it’s not working.
What steps have you taken to resolve the issue?
I am using browser based SSH for now as a workaround.
What are the steps to reproduce the issue?
Follow documentation here :: Add an infrastructure application | Cloudflare Zero Trust docs
Harshas-MBP:SystemConfiguration harshavmb$ ssh [email protected]
The authenticity of host ‘10.0.0.2 (10.0.0.2)’ can’t be established.
ED25519 key fingerprint is SHA256:blah-blah.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘10.0.0.2’ (ED25519) to the list of known hosts.
Received disconnect from 10.0.0.2 port 22:14: origin auth failed
Disconnected from 10.0.0.2 port 22
Also enabling debug on cloudflared/auth.log give not so helpful logs::
0000001",“originService”:“warp-routing”}
2024-11-14T18:02:23Z debug tcp tcp proxy stream finished successfully {“connIndex”:2,“destAddr”:“10.0.0.2:22”,“flowID”:“23cd6fe9c40000dcc44d6ab400000001”,“originService”:“warp-routing”}
2024-11-14T18:02:41Z debug tcp tcp proxy stream started {“connIndex”:2,“destAddr”:“10.0.0.2:22”,“flowID”:“23cd708e410000dcc44d6f9400000001”,“originService”:“warp-routing”}
2024-11-14T18:02:41Z debug tcp origin connection established {“connIndex”:2,“destAddr”:“10.0.0.2:22”,“flowID”:“23cd708e410000dcc44d6f9400000001”,“originService”:“warp-routing”}
2024-11-14T18:02:41Z debug tcp proxy stream acknowledged {“connIndex”:2,“destAddr”:“10.0.0.2:22”,“flowID”:“23cd708e410000dcc44d6f9400000001”,“originService”:“warp-routing”}
2024-11-14T18:02:43Z debug tcp upstream->downstream copy: read tcp 10.0.0.2:46590->10.0.0.2:22: use of closed network connection {“connIndex”:2,“destAddr”:“10.0.0.2:22”,“flowID”:“23cd708e410000dcc44d6f9400000001”,“originService”:“warp-routing”}
From /var/log/auth.log on target machine::
Nov 14 18:04:57 raspberrypi-dr sshd[1378877]: Disconnected from 10.0.0.2 port 57646 [preauth]
Nov 14 18:05:16 raspberrypi-dr sshd[1378883]: Received disconnect from 10.0.0.2 port 43508:11: cloudflare: client connection closed [preauth]
Nov 14 18:05:16 raspberrypi-dr sshd[1378883]: Disconnected from 10.0.0.2 port 43508 [preauth]
As said in sshd logs, it’s failing right in preauth, so authentication of ssh daemon isn’t yet started.
I spent several hours investigating this, but no luck. Not sure what’s wrong.
However, the same user could ssh with browser, so not related to access.
Your help is much appreciated.