You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access.mdx
+19-12Lines changed: 19 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -215,22 +215,27 @@ As an end user, run [`warp-cli target list`](/cloudflare-one/applications/non-ht
215
215
216
216
- If the target does not appear in the list, your Access policies concerning the target machine must be audited for potential misconfigurations that may be blocking access.
217
217
218
+
To review if an Access policy is causing connection issues:
219
+
218
220
:::note
219
221
220
222
You will need Cloudflare dashboard access and log view [permissions](/cloudflare-one/roles-permissions/) to proceed with this step.
221
223
222
224
:::
223
225
224
-
To review if an Access policy is causing connection issues:
226
+
1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Logs** > **Access**.
227
+
228
+
2. Select the application you are testing or filter _Infrastructure_ as the App Type.
229
+
230
+
3. Review the **Decision**. If the **Decision** is `Access denied`, select the application and copy the name under App.
225
231
226
-
1. Log in to [Zero Trust](https://one.dash.cloudflare.com/).
227
-
2. Go to **Logs** > **Access**.
228
-
3. Select the application you are testing or filter by _Infrastructure_ App Type.
229
-
4. Review the **Decision**. If the **Decision** is not Access granted, select the application and copy the name under App.
230
-
5. Go to **Access** > **Applications**.
231
-
6. Input the app name in the search bar and select the application.
232
-
7. Select **Configure**.
233
-
8. Go to **Policies** to review what criteria may be blocking the user.
232
+
4. Go to **Access** > **Applications**.
233
+
234
+
5. Input the app name in the search bar and select the application.
235
+
236
+
6. Select **Configure**.
237
+
238
+
7. Go to **Policies** to review what criteria may be blocking the user.
234
239
235
240
By editing a [policy](/cloudflare-one/policies/access/) that is explicitly blocking the user or adding a new policy to explicitly allow the user, the connection issue should be resolved. After saving your policy changes, attempt to connect to the target machine as the end user.
236
241
@@ -253,9 +258,11 @@ To check the status of your Tunnel:
253
258
254
259
If the status of your Tunnel is Inactive, you must install and run the Tunnel on your server as described in [step 1: Connect the server to Cloudflare](#1-connect-the-server-to-cloudflare).
255
260
256
-
If the status of your Tunnel is Down, the server could be turned off or the server was connected to Cloudflare at one point but is now no longer connected. This could be due to various changes on the server side, like firewalls, load balancers, or other network devices blocking `cloudflared` connections. Refer to the [Tunnel with Firewall](/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-with-firewall/#test-connectivity) or [Troubleshooting Tunnel documentation](/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/) for more information.
261
+
If the status of your Tunnel is Down, the server could be turned off or the server was connected to Cloudflare at one point but is now no longer connected. This could be due to various changes on the server side, like firewall configuration, load balancer interference, or other network devices blocking `cloudflared` connections.
262
+
263
+
Refer to the [Tunnel with Firewall](/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-with-firewall/#test-connectivity) or [Troubleshooting Tunnel documentation](/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/) for more information.
257
264
258
-
After you have vertified that there are no issues with your Tunnel's health, continue to verifying the user's existence on the target machine.
265
+
After you have vertified that there are no issues with your Tunnel's health, continue to verifying the user's existence on the target SSH server.
259
266
260
267
### 3. Confirm user existence on the target server
261
268
@@ -265,7 +272,7 @@ If the user exists on the target machine, continue to debugging the `sshd_config
265
272
266
273
### 4. Debug `sshd_config` file misconfiguration
267
274
268
-
Failure to connect to your SSH endpoint could be the result of multiple variables. One reason might be the result of a misconfigured `sshd_config` file.
275
+
One reason a user is failing to connect to your SSH endpoint might be the result of a misconfigured `sshd_config` file. Follow the steps below to audit your `sshd_config` file for misconfigurations.
0 commit comments