Which Cloudflare product does this pertain to?

Cloudflare One

Existing documentation URL(s)

https://developers.cloudflare.com/cloudflare-one/tutorials/ssh/

Section that requires update

Browser-rendered terminal

What needs to change?

This section does not give any indication on how the ssh service the application is connecting to has to be configured.
Any common hardened ssh service config will lead to an application error message when trying to load the browser-rendered terminal.
The application logs give no indication about the problem and these limitations are not documented elsewhere.

Here is part an example configuration for any Debian 10 or newer server running openssh as ssh service. This configuration will lead to said issue.

KexAlgorithms diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,curve25519-sha256,[email protected]
HostbasedAcceptedKeyTypes ssh-ed25519
HostKeyAlgorithms ssh-ed25519
Ciphers [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
MACs [email protected],[email protected],[email protected]

There is no direct documentation for the browser rendering feature from what I have found so this is the closest to include that in the documentation with.

How should it change?

This section needs to include the required/supported ssh service configuration for the host, mainly:

• Host Key Types
• Key Exchange Algorithms
• Encryption Ciphers
• Message Authentication Codes

Additional information

No response