SSH web - ERR: "not a http service"

Hello there,

I am getting used to this technology, recently I configured a test argo tunnel for exposing SSH as a web-browser app.

Upon following the steps in the official How-To at: https://developers.cloudflare.com/cloudflare-one/tutorials/ssh

I found no issues following the guide, however whenever I try to open the application from my app launcher, I reach out to an ERROR 502 Bad gateway.

When I check the server, it will show this lines:

2021-06-10T23:08:46Z ERR localhost:22 is not a http service
2021-06-10T23:08:46Z ERR error=“Not a http service” cfRay=65d64376ebff0178-MIA ingressRule=0 originService=localhost:22
2021-06-10T23:08:47Z ERR localhost:22 is not a http service
2021-06-10T23:08:47Z ERR error=“Not a http service” cfRay=65d643799ff50178-MIA ingressRule=0 originService=localhost:22

I am unsure what the http service error is related to. I made sure SSHD is using TCP22, restarted the service and tested it within the LAN my server is sitting on.

Haven’t found much about that type of error so I am recurring to your knowledge here,

Thanks!

Do you have Access enabled for that hostname? I had the same issue with it when I had an Access Policy set to Bypass for my home IP address, plus an Allow for my email address. If I removed the Bypass, I’d trigger the Allow login page and the web interface worked.

1 Like

Hi there,

I am a first time poster here on Cloudflare forum, please let me know if I need to change anything or create a new thread for my issue.

I am experiencing the exact same issue setting up my friend’s Cloudflare Access. I looked over my configurations and the hostname have Access enabled. Access Policy is set to Allow. I setup my own SSH Web Rendering without any problem. I tried to compare my config with my friend’s config and they are similar. Everything else works like SSH tunnel, config.yml, CNAME is set up, and Short-lived certificate is set up too.

Do you know what is the cause for this error? Is it a caching issue (I cannot find anywhere else that would go wrong)? I know 502 is a server error but based on the cloudflared logs (exact same error as PO), it looks like we are accessing http://ssh.DOMAIN.com directly which is not my intention. Shouldn’t Cloudflare intercept that HTTP request and make a ssh request to the server? Because again, my ingress only stated the following,

ingress:

  • hostname: ssh.DOMAIN.com
    service: ssh://localhost:22
  • service: http_status:404

and none of them is HTTP protocol other than the fallback 404. This will make cloudflared throw localhost:22 is not a http service no questions there, but I am wondering how did that HTTP request get to cloudflared in the first place?

Please let me know if you have any idea on where the problem is.

Thank you

I believe you should already configure the Access Policy if you followed the steps of the link that you provided.

But did you enable this:

image

1 Like

I am having the same issue as OP. If I toggle “Enable browser rendering” to On then save upon refresh it is toggled back to off again.

Try a different browser or device. I toggled mine a few times and it’s staying on through Forced reloads of the page.

Right, I followed step by step the guide, and reviewed the mentioned configuration at app level, but whenever I try to reach out the target URL, I get a 502 bad gateway despite of the browser/device I am trying from…

2021-06-11T14:30:30Z ERR localhost:22 is not a http service
2021-06-11T14:30:30Z ERR error=“Not a http service” cfRay=65db89a5fd482278-MIA ingressRule=0 originService=localhost:22

The web wont render the SSH at all. I will try to re-do the whole configuration and start from scratch.
Also, I am not experiencing that toggle problem. I can change the SSH browser option and it will keep showing the same 502 and “ERR localhost:22 is not a http service”