Skip to content

[CF1] ZTIA troubleshooting guide final step #26207

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: production
Choose a base branch
from
Open

[CF1] ZTIA troubleshooting guide final step #26207

wants to merge 1 commit into from
+93 −45

Conversation

@deadlypants1973
Copy link
Contributor

@deadlypants1973 deadlypants1973 commented Oct 31, 2025

Summary

PCX-19900

Screenshots (optional)

Documentation checklist

  • Is there a changelog entry (guidelines)? If you don't add one for something awesome and new (however small) — how will our customers find out? Changelogs are automatically posted to RSS feeds, the Discord, and X.
  • The change adheres to the documentation style guide.
  • If a larger change - such as adding a new page- an issue has been opened in relation to any incorrect or out of date information that this PR fixes.
  • Files which have changed name or location have been allocated redirects.

@deadlypants1973 deadlypants1973 requested review from a team, nikitacano and ranbel as code owners October 31, 2025 10:16
@github-actions
Copy link
Contributor

github-actions bot commented Oct 31, 2025

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/docs/cloudflare-one/networks/connectors/cloudflare-tunnel/ @nikitacano, @ranbel, @cloudflare/pcx-technical-writing
/src/content/docs/cloudflare-one/team-and-resources/devices/ @ranbel, @cloudflare/pcx-technical-writing
* @cloudflare/pcx-technical-writing

@github-actions
Copy link
Contributor

github-actions bot commented Oct 31, 2025

Preview URL: https://3dc3d3ed.preview.developers.cloudflare.com
Preview Branch URL: https://kate-fixes-sshd-finals.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/warp/troubleshooting/troubleshooting-guide/ https://kate-fixes-sshd-finals.preview.developers.cloudflare.com/cloudflare-one/team-and-resources/devices/warp/troubleshooting/troubleshooting-guide/
https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/ https://kate-fixes-sshd-finals.preview.developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access/

lgmugnier
lgmugnier reviewed Nov 4, 2025
View reviewed changes
...dflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access.mdx
### 3. Confirm user existence on the server

To verify the existence of the end user on the server, run the `id <USERNAME>` command on the server to verify that the end user's username exists. If the username does not exist, you must add the user to the server.
To verify the existence of the UNIX user on the server, run the `id <USERNAME>` command on the server to verify that the UNIX username exists. If the username does not exist, you must add the user to the server.
Copy link
Contributor

@lgmugnier lgmugnier Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should call it UNIX user because people can also SSH in to Windows machines

Copy link
Contributor

@lgmugnier lgmugnier Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

although, I guess that would also be another process, so then my recommendation is just to make it clear that these are instructions for a unix server

lgmugnier
lgmugnier reviewed Nov 4, 2025
View reviewed changes
src/content/partials/cloudflare-one/warp/support-ticket-best-practices.mdx

{props.sshMode ? (
<>
<p>On October 30, 2025, at approximately 3:45 PM UTC, Alice attempted to SSH into 10.116.0.3 (target hostname: prod-db-01) using Access for Infrastructure. The SSH client returned <code>Permission denied (publickey)</code> despite her email being included in the Access policy.</p>
Copy link
Contributor

@lgmugnier lgmugnier Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The most likely error is "Permission denied (none)"

lgmugnier
lgmugnier reviewed Nov 4, 2025
View reviewed changes
...dflare-one/networks/connectors/cloudflare-tunnel/use-cases/ssh/ssh-infrastructure-access.mdx
### 3. Confirm user existence on the server

To verify the existence of the end user on the server, run the `id <USERNAME>` command on the server to verify that the end user's username exists. If the username does not exist, you must add the user to the server.
To verify the existence of the UNIX user on the server, run the `id <USERNAME>` command on the server to verify that the UNIX username exists. If the username does not exist, you must add the user to the server.
Copy link
Contributor

@lgmugnier lgmugnier Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
To verify the existence of the UNIX user on the server, run the `id <USERNAME>` command on the server to verify that the UNIX username exists. If the username does not exist, you must add the user to the server.
To verify the existence of a user on a UNIX server, run the `id <USERNAME>` command on the server to verify that the username exists. If the username does not exist, you must add the user to the server.

deadlypants1973
deadlypants1973 commented Nov 4, 2025
View reviewed changes
src/content/partials/cloudflare-one/warp/support-ticket-best-practices.mdx

{props.sshMode ? (
<>
<p>On October 30, 2025, at approximately 3:45 PM UTC, Alice attempted to SSH into 10.116.0.3 (target hostname: prod-db-01) using Access for Infrastructure. The SSH client returned <code>Permission denied (publickey)</code> despite her email being included in the Access policy.</p>
Copy link
Contributor Author

@deadlypants1973 deadlypants1973 Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
<p>On October 30, 2025, at approximately 3:45 PM UTC, Alice attempted to SSH into 10.116.0.3 (target hostname: prod-db-01) using Access for Infrastructure. The SSH client returned <code>Permission denied (publickey)</code> despite her email being included in the Access policy.</p>
<p>On October 30, 2025, at approximately 3:45 PM UTC, Alice attempted to SSH into 10.116.0.3 (target hostname: prod-db-01) using Access for Infrastructure. The SSH client returned <code>Permission denied (none)</code> despite her email being included in the Access policy.</p>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nikitacano nikitacano Awaiting requested review from nikitacano nikitacano is a code owner

@ranbel ranbel Awaiting requested review from ranbel ranbel is a code owner

1 more reviewer

@lgmugnier lgmugnier lgmugnier left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@nikitacano nikitacano

@ranbel ranbel

Labels

October 2025 product:cloudflare-one size/m

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@deadlypants1973 @lgmugnier @nikitacano @ranbel