cloudflare
One of Cloudflare's lesser-known features is its ability to act as a
proxy for OpenSSH connections,
which can be useful in situations where you need to connect to a remote server behind a firewall or not directly accessible from your network.
By routing your OpenSSH traffic through Cloudflare, you can bypass these restrictions and establish a secure connection to your server.
Setting up Cloudflare as a Proxy for OpenSSH
- Sign up for a Cloudflare account
- Add your domain to Cloudflare
- Create a new DNS record for your SSH server
- Go to the Firewall app in the Cloudflare dashboard and create a new firewall rule that allows traffic to your SSH server over port 22
- Install the Cloudflare command-line tool (cloudflared) on your local machine to connect to Cloudflare's Argo Tunnel service, which acts as a proxy for your OpenSSH traffic
- Start a new Argo Tunnel connection using the cloudflared tool by providing the domain name of your SSH server and Cloudflare account credentials
Potential Risks
it's important to keep in mind that adding an
additional link in the chain can increase the potential for failure.
If the Cloudflare proxy connection is ever broken or interrupted, your OpenSSH service may become inaccessible, even if your server is still up and running.