SSH with Termux

2025-10-14 termuxsshcloudflare

I found the easiest way to access my Macbook from an Android phone. Recently, I was searching for ways to look at my training logs when I was away from my laptop. However, I cannot carry the laptop everywhere, especially in crowded areas like temples & metro. I discovered a useful app called Termux for Android, which allows me to SSH into my Mac.

When both the devices are on the same network, you can use the IP address of the LAN and what is called port forwarding. But when they aren't on the same network (as in my case), there are several methods to SSH into a remote machine. I found the easiest way using the Cloudflared tunnel.

Step 1 : Install termux and create a ssh key pair

# 1. update & install OpenSSH
pkg update && pkg upgrade -y
pkg install openssh -y

# 2. generate a ssh key pair
ssh-keygen -t ed25519
cat ~/.ssh/id_ed25519.pub
brace yourself; the ssh key and environment issues are coming

Enable SSH (remote login) and paste the ssh string in the mac terminal.

mkdir -p ~/.ssh
chmod 700 ~/.ssh

# open config file and paste the pub key 
nano ~/.ssh/config  

# secure the file
chmod 600 ~/.ssh/config

Confirm macOS firewall allows SSH: System Settings → Network → Firewall (or pf), or just test from another device on LAN.

Step 2 : Install cloudflared and create a tunnel

I installed Cloudflare Tunnel on both devices and connected them using an SSH key that we created. This enables me to utilise the Cloudflare Tunnel service, which is entirely free. This is what reverse tunneling is.

brew install cloudflared  # for Mac
cloudflared tunnel login  # select any domain (doesn't matter, just required for authentication)
cloudflared tunnel create <name> # create a tunnel with a <name>

On Mac, create the config file nano ~/.cloudflared/config.yml and paste:

tunnel: <name>
credentials-file: /Users/<macbook_username>/.cloudflared/<name>.json

ingress:
  - hostname: ssh.<name>
    service: ssh://localhost:22
  - service: http_status:404

Then create a DNS record with cloudflared tunnel route dns <name> <name>. Next, run the tunnel with cloudflared tunnel run <name>. This gives you a hostname like <name>-xxxxx.cfargotunnel.com – your persistant secure hostname for SSH access to your Macbook.

I also configured termux for easy login. On android, nano ~/.ssh/config, then modify as desired:

Host <name>
    HostName <name>-xxxxx.cfargotunnel.com
    User <macbook_username>
    IdentityFile ~/.ssh/id_ed25519
    ProxyCommand cloudflared access ssh --hostname %h

This is all one time setup. From the next time, just run ssh <name> in termux. Before that, make sure tunnel is running on the mac. You can use tmux to log into the same shell and take control of the mac. Now, I can easily view my training map and don’t have to carry my laptop everywhere I go.

PS: I used my domain name instead of the default one provided by cloudflare.

← Back to all posts