-
Notifications
You must be signed in to change notification settings - Fork 10k
Changelog entries for SSH with Access for Infrastructure and Logpush support for SSH command logs #23497
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
nikitacano
merged 2 commits into
cloudflare:production
from
asamborski:asamborski_ssh_changelogs
Jul 10, 2025
Merged
Changelog entries for SSH with Access for Infrastructure and Logpush support for SSH command logs #23497
Changes from 1 commit
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
18 changes: 18 additions & 0 deletions
18
src/content/changelog/access/2024-10-01-ssh-with-access-for-infrastructure.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| --- | ||
| title: Eliminate long-lived credentials and enhance SSH security with Cloudflare Access for Infrastructure | ||
| description: Use short-lived SSH certificates and fine-grained policy to secure access to your SSH servers. | ||
| date: 2024-10-01T6:00:00Z | ||
| --- | ||
|
|
||
| Organizations can now eliminate long-lived credentials from their SSH setup and enable strong multi-factor authentication for SSH access, similar to other Access applications, all while generating access and command logs. | ||
|
|
||
| SSH with [Access for Infrastructure](/cloudflare-one/applications/non-http/infrastructure-apps/) uses short-lived SSH certificates from Cloudflare, eliminating SSH key management and reducing the security risks associated with lost or stolen keys. It also leverages a common deployment model for Cloudflare One customers: [WARP-to-Tunnel](/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-warp-to-tunnel/). | ||
|
|
||
| SSH with Access for Infrastructure enables you to: | ||
| - **Author fine-grained policy** to control who may access your SSH servers, including specific ports, protocols, and SSH users. | ||
| - **Monitor infrastructure access** with Access and SSH command logs, supporting regulatory compliance and providing visibility in case of security breach. | ||
| - **Preserve your end users' workflows.** SSH with Access for Infrastructure supports native SSH clients and does not require any modifications to users’ SSH configs. | ||
|
|
||
|  | ||
|
|
||
| To get started, see [SSH with Access for Infrastructure](/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access/). | ||
13 changes: 13 additions & 0 deletions
13
src/content/changelog/access/2025-01-15-ssh-logs-and-logpush.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| --- | ||
| title: Export SSH command logs with Access for Infrastructure using Logpush | ||
| description: Easily configure automatic export of SSH command logs to third-party storage destinations or to security information and event management (SIEM) tools. | ||
| date: 2025-01-15T6:00:00Z | ||
| --- | ||
|
|
||
| :::note[Availability] | ||
| Only available on Enterprise plans. | ||
| ::: | ||
|
|
||
| Cloudflare now allows you to send SSH command logs to storage destinations configured in [Logpush](/logs/about/), including third-party destinations. Once exported, analyze and audit the data as best fits your organization! For a list of available data fields, refer to the [SSH logs dataset](/logs/reference/log-fields/account/ssh_logs/). | ||
|
|
||
| To set up a Logpush job, refer to [Logpush integration](/cloudflare-one/insights/logs/logpush/). |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.