In-browser SSH terminal

Task

Finally, in this lab of section 1, we will use Cloudflare Access to render an SSH terminal in a web browser.

Cloudflare’s browser-based terminal renders a fully functional SSH terminal console.
This lets you verify that users meet Zero Trust rules before gaining remote server access.
Cloudflare will accelerate the connection, control what data transfers can occur, and record the session for audit purposes.

Navigate back to Access ‣ Tunnels and open your tunnel configuration by clicking the three dots on the right:

Under the Public hostname section, add a new public hostname with Subdomain ssh, Type SSH and URL localhost:22

Return to the Access ‣ Applications panel and create a new Self-hosted application
Set Subdomain to match the one you created for your public hostname in the previous step, i.e. ssh

Create basic allow policy like you did for the other applications
Click Next and in the final Setup page, turn on Enable automatic cloudflared authentication and select SSH under Browser rendering to instruct Cloudflare to render the SSH terminal in the browser

In your local web browser (the browser you’re using to read this lab guide), plug in ssh.<your_domain>
When prompted, enter the Username and Password for your Ubuntu server:

⚙️ nocopy ⚙️
username: cloudflare
password: #Savetheinternet

Ubuntu server credentials

If you’re doing this lab as part of a Cloudflare University course, run the following command to get your completion token:

curl "https://lab.cfiq.io/zt/v1/seed" -H 'X-Get-Token: tw7SkSlr9vyOAgYYK18R, {LAB_SLUG}'

If successful, the output should look like this:

$ curl "https://lab.cfiq.io/zt/v1/seed" -H 'X-Get-Token: tw7SkSlr9vyOAgYYK18R, ancient-uncle'

Enter this token in the 301 Zero Trust e-learning course:
🟨completion-token-will-be-here