I’ve been enjoying accessing my server using my phone through a VPN. I can interface with any service on my phone, which is convenient since I don’t have to carry my laptop around. However, there are times when I need my laptop, whether for SSH or to open a VNC connection to machines I have hosted at home. Is there a secure way to access my server from any machine without installing my VPN, sharing SSH keys, or even installing a VNC client? I understand that accessing from any machine securely is contradictory, but I’m interested in your opinions.
I use the browser-based Cloudflare SSH, which is secured with two-factor authentication.
Brett said:
I use the browser-based Cloudflare SSH, which is secured with two-factor authentication.
I see these convenient Cloudflare solutions mentioned a lot. What’s the catch? How is it free? Are we paying with our data?
@Avi
It’s just marketing. They want me to use their services while developing solutions for clients.
Brett said:
@Avi
It’s just marketing. They want me to use their services while developing solutions for clients.
Good point. Thanks!
Brett said:
@Avi
It’s just marketing. They want me to use their services while developing solutions for clients.
Good point. Thanks!
Always a valid concern with ‘free’ services!
Brett said:
@Avi
It’s just marketing. They want me to use their services while developing solutions for clients.
It’s limited and not private from a self-hosted perspective. Cloudflare handles TLS termination, which means they can see your traffic. They are reliable, but it’s a trade-off if self-hosting.
@Merritt
That’s why I support free, open-source options that can be self-hosted, like OpenZiti (https://openziti.io/).
@Avi
Check out Cloudflare’s free plan details here: Why Cloudflare offers a free plan · Cloudflare Fundamentals docs
How can they provide these services for free?
It’s mostly free for basic use, which works for many home users. Businesses will likely gravitate towards paid tiers.
Dev said:
@Avi
How can they provide these services for free?
It’s mostly free for basic use, which works for many home users. Businesses will likely gravitate towards paid tiers.
[deleted]
@Sal
But self-hosters would typically be considered “pro users” meant to be enticed into their paid offerings. Their free plan has features suited for average users.
@Avi
Cloudflare has a blog explaining their business model. They make money even from free customers without selling user data.
@Avi
Why is there such a strong following for Cloudflare?
True said:
@Avi
Why is there such a strong following for Cloudflare?
[deleted]
Each service has privacy and dependence issues. For example, their service for SSH: https://blog.cloudflare.com/intro-access-for-infrastructure-ssh/, and they’re known to protect unscrupulous sites.
@Auden
Care to elaborate? I’m curious.
Finlo said:
@Auden
Care to elaborate? I’m curious.
Of course. There are various articles discussing these issues. Basically, they want to intercept SSH data…
https://blog.cloudflare.com/intro-access-for-infrastructure-ssh/
They protect harmful sites and are not easily accountable for abuse reporting. Their push to make DNS-over-HTTPS standard through collaboration with Mozilla raises privacy concerns. Stripping geographic data limits CDNs processing capabilities.
As a for-profit business in a Five Eyes country, they handle all data—even encrypted traffic—presumably without restrictions. If they monopolize services, we will face privacy issues controlled by profit-driven motives.
Their push for DNS-over-HTTPS breaks split-horizon DNS, but not only Cloudflare or Firefox is to blame for this; all major browsers act similarly.
I dislike this shift, but it’s more about convenience for users, even if it complicates DNS configurations.
@Auden
Your concerns are valid but pale compared to the benefits they provide. They are not responsible for the negative aspects of the internet; their focus is on improving security, costs, and user experiences. Having one trusted authority is more reassuring than dealing with multiple potentially malicious entities.