AUTH-2114: Uses short lived cert auth for outgoing client connection

2025-07-27 17:19:58 +00:00 · 2019-10-09 16:56:47 -05:00
parent 4d2583edf5
commit 95704b11fb
5 changed files with 221 additions and 79 deletions
--- a/cmd/cloudflared/tunnel/cmd.go
+++ b/cmd/cloudflared/tunnel/cmd.go
@@ -395,8 +395,8 @@ func StartServer(c *cli.Context, version string, shutdownC, graceShutdownC chan
 			uploadManager.Start()
 		}

-		sshServerAddress := "127.0.0.1:" + c.String(sshPortFlag)
-		server, err := sshserver.New(logManager, logger, version, sshServerAddress, shutdownC, c.Duration(sshIdleTimeoutFlag), c.Duration(sshMaxTimeoutFlag))
+		localServerAddress := "127.0.0.1:" + c.String(sshPortFlag)
+		server, err := sshserver.New(logManager, logger, version, localServerAddress, c.String("hostname"), shutdownC, c.Duration(sshIdleTimeoutFlag), c.Duration(sshMaxTimeoutFlag))
 		if err != nil {
 			msg := "Cannot create new SSH Server"
 			logger.WithError(err).Error(msg)
@@ -411,7 +411,7 @@ func StartServer(c *cli.Context, version string, shutdownC, graceShutdownC chan
 			// TODO: remove when declarative tunnels are implemented.
 			close(shutdownC)
 		}()
-		c.Set("url", "ssh://"+sshServerAddress)
+		c.Set("url", "ssh://"+localServerAddress)
 	}

 	if host := hostnameFromURI(c.String("url")); host != "" {