From a830b835b93e13a09ceaa57103e6ab106ad3369f Mon Sep 17 00:00:00 2001 From: "Alex Ellis (OpenFaaS Ltd)" Date: Sun, 20 Oct 2024 08:53:35 +0100 Subject: [PATCH] Mention IP filtering is available in inlets-cloud Signed-off-by: Alex Ellis (OpenFaaS Ltd) --- blog/_posts/2024-10-17-ssh-with-inlets-cloud.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/blog/_posts/2024-10-17-ssh-with-inlets-cloud.md b/blog/_posts/2024-10-17-ssh-with-inlets-cloud.md index d9b9cd7..3f9a242 100644 --- a/blog/_posts/2024-10-17-ssh-with-inlets-cloud.md +++ b/blog/_posts/2024-10-17-ssh-with-inlets-cloud.md @@ -190,7 +190,7 @@ Access is completely private, there is no way to decrypt the SSH traffic, and it **IP filtering/allow list** -For taking things further, sshmux also supports an IP allow list, which will be available in inlets-cloud shortly, or which you can use already today with the self-hosted version of inlets-pro. +For taking things further, sshmux also supports an IP allow list, which is available for inlets-cloud and self-hosted tunnels. If the IP for your mobile hotspot was 35.202.222.154, you could write the following to restrict access to `nuc.example.com` to only yourself: @@ -202,6 +202,8 @@ upstreams: - 35.202.222.154 ``` +Then just add a `--proxy-protocol` argument to the `inlets-pro sshmux` command before restarting the command. You can use `v1` or `v2` as the argument, just make sure it is the same as the one you selected for the tunnel server. + Watch a video walk-through of this tutorial: {% include youtube.html id="ws3-VlL2884" %}