After following the various tutorials, I’ve been unable to get an SSH connection working, failing on the above error.
The setup is as follows:
- an EC2 instance in AWS with inbound security group rules enabled, running an Argo Tunnel as a service under Ubuntu. It is within a private network on AWS.
- Client has configured the DNS servers per the instructions, is running the WARP client. However, I do get the same error when attempting to SSH to the server when connected via our existing VPN to the private network or when connected only via the WARP client (or neither).
- The SSH client has had the config modified to use ProxyCommand /usr/local/bin/cloudflared access ssh --hostname %
- I’ve created a site, setup the application (self-hosted) and created a CNAME record pointing to the tunnel UUID.cftunnel.com
Setting the tunnel to debug log level reports nothing that seems relevant to this error.
How should I think about debugging this? Based on community posts I’ve tried reauthenticating after all the policies etc are configured, but that doesn’t seem to make a difference.
SSL is set to flexible, but I’ve also tried Full with the same result. The cert.pem that was generated by Cloudflared login is copied to /etc/cloudflared and explicitly referenced in the config.yml.