ZeroTrust Tunnel SSH via Browser

I have been trying for three days to get this to work, and it is driving me crazy.

I want to access my Raspberry Pi 4 behind a CG NAT. I set up a tunnel using this command:

cloudflared service install eyJhIjoi(Imaginefullkey)

The tunnel works so far. When I expose web services like Portainer, Nginx, or other stuff, it works. However, trying to SSH over the browser is making me want to hit my head against the wall.

I created a public hostname with proxy type “” service SSH localhost:22. I also created an application that points to and enabled selected browser render mode SSH. For the policy, I selected “allow,” a simple email, and required country Germany.

When I try to access, I need to identify myself with my email, and then I get an error window.

I am at a point where I don’t know what I should do anymore. Does someone have proper guidance that can help me get this working?

Is any other configuration necessary on the Raspberry Pi itself?

So is your Pi running Windows ? I noticed you’re using a .exe.

Nope, that was a typo. It is running the standard rasbian 64-bit CLI or so-called minimum distribution.

I’m using the command line configured tunnel, as opposed to the dashboard configured. My PC is off right now so I can’t get the config but I don’t mind sharing it with you. Would you care to do a screen sharing session later and we can compare notes? I’m willing to help someone else get this working because it was a huge pain for me. I’m in the Eastern USA timezone.

I would be very happy if someone could help me with this, as I’ve been driving myself crazy about it lately. I could then take the knowledge I gain and make it available to others, since the Cloudflare documentation isn’t particularly good in this regard.

I’m based in Germany, timezone UTC/GMT +2.

When are you approximately at home or on the computer, so I can keep an eye on the notifications here?

I am UTC-4 so that’s about 6 hours behind you. I will be home around 5:00PM local time, which should be 11:00PM for you. Are you on Discord? We could chat there if it would be easier. My name is skykingjwc #7371.

Yes im on discord i have send you a request.