Fixed Cloudflare tunnel public hostname ssh did not work

tianlang 发布于2025年05月19日10:38

Issue

I configured a public hostname in a Cloudflare Tunnel for SSH access to ssh.tianlang.tech. The domain is pingable:

ping ssh.tianlang.tech
PING ssh.tianlang.tech(2606:4700:3034::6815:1e5f (2606:4700:3034::6815:1e5f)) 56 data bytes
64 bytes from 2606:4700:3034::6815:1e5f (2606:4700:3034::6815:1e5f): icmp_seq=1 ttl=52 time=187 ms
64 bytes from 2606:4700:3034::6815:1e5f

However, attempting to connect via SSH results in a timeout error:

ssh ssh.tianlang.tech
ssh: connect to host ssh.tianlang.tech port 22: Connection timed out

Solution

To resolve this, I added the following configuration to my ~/.ssh/config file:

Host ssh.tianlang.tech
Hostname ssh.tianlang.tech
ProxyCommand cloudflared access ssh --hostname %h

Replace ssh.tianlang.tech with your own domain as needed.

Root Cause

The issue occurs because the SSH connection is routed through a Cloudflare Tunnel, which requires cloudflared to act as a proxy for authentication and routing.

Developed with Rust, Open source on Github
Copyright ©2020-2030

粤公网安备 44030702003166号
豫ICP备20022745号