Get the most out of your Centmin Mod LEMP stack
Become a Member

Cloudflare Best SSH configuration with Cloudflare?

Discussion in 'System Administration' started by deltahf, Jul 3, 2018.

Tags:
  1. deltahf

    deltahf Premium Member Premium Member

    320
    147
    43
    Jun 8, 2014
    Ratings:
    +234
    Local Time:
    7:09 AM
    I've just enabled Cloudflare, and quickly realized it will require me to change how I use SSH, as they block port 22 and the other custom SSH port I was using.

    It seems I have a few options. I could:
    What do you guys do? Which would you recommend?

    The bottom option seems like the best one to me.
     
  2. eva2000

    eva2000 Administrator Staff Member

    39,832
    8,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,528
    Local Time:
    9:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Cloudflare only covers HTTP/HTTPS ports (80/443) and doesn't touch SSH and other non-HTTP/HTTPS ports so shouldn't have any issues. Never has
     
  3. deltahf

    deltahf Premium Member Premium Member

    320
    147
    43
    Jun 8, 2014
    Ratings:
    +234
    Local Time:
    7:09 AM
    So why did ssh connections fail as soon as I enabled Cloudflare?
     
  4. eva2000

    eva2000 Administrator Staff Member

    39,832
    8,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,528
    Local Time:
    9:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    How you SSH in ? I alway use server IP for SSH logins
     
  5. deltahf

    deltahf Premium Member Premium Member

    320
    147
    43
    Jun 8, 2014
    Ratings:
    +234
    Local Time:
    7:09 AM
    I just use the domain.
    Code (Text):
    ssh [email protected]


    Guess I will have to start using the IP now. Too bad I already locked myself out of my server while trying to change the SSH port on my box... :rolleyes: not sure what I did wrong. And now ReliableSite's KVM access isn't working... Fun times.
     
    • Informative Informative x 1
  6. eva2000

    eva2000 Administrator Staff Member

    39,832
    8,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,528
    Local Time:
    9:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    I have always SSH in via IP address :)
     
    • Like Like x 1
  7. wmtech

    wmtech Active Member

    103
    28
    28
    Jul 22, 2017
    Ratings:
    +75
    Local Time:
    1:09 PM
    No matter if domain or ip address (is the same, domain just takes some milliseconds longer), this has nothing to do with Cloudflare.
     
  8. deltahf

    deltahf Premium Member Premium Member

    320
    147
    43
    Jun 8, 2014
    Ratings:
    +234
    Local Time:
    7:09 AM
    Except that you can't connect via SSH using the domain if you're using Cloudflare.
     
  9. wmtech

    wmtech Active Member

    103
    28
    28
    Jul 22, 2017
    Ratings:
    +75
    Local Time:
    1:09 PM
    True if the hostname of your server is the same as the domain name of your web site.
     
  10. deltahf

    deltahf Premium Member Premium Member

    320
    147
    43
    Jun 8, 2014
    Ratings:
    +234
    Local Time:
    7:09 AM
    Doesn't that run the risk of exposing your server's real IP though?

    Is there a way to query all the A records of a TLD, so you could see all its subdomains? Or does each unique subdomain have to be queried from the root name servers directly?
     
  11. eva2000

    eva2000 Administrator Staff Member

    39,832
    8,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,528
    Local Time:
    9:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    • Agree Agree x 1
..