Try free on Pangolin Cloud
Fastest way to get started with Pangolin using the hosted control plane. No credit card required.
Only available in Pangolin Cloud and Enterprise Edition.

How It Works
- You assign a FQDN on a domain managed in Pangolin.
- The user completes public resource authentication in the browser (platform SSO, identity providers, access rules, and so on).
- Depending on the SSH configuration you chose, the user may be prompted for a second credential step or proceed directly into the terminal.
- Pangolin renders the session and proxies traffic to the backend through a site connector.
Site and Host Configuration
SSH public resources do not use targets. Instead, you:- Select which sites can route to the resource.
- Enter the backend host and port—unless you selected Pangolin SSH mode, which executes sessions on the site connector host and does not require a host or port.
SSH Configuration
The SSH settings on a public resource use the same options as private SSH resources. Mode, authentication method, and auth daemon location are configured identically in the dashboard. See SSH Access for a full explanation of each option, setup instructions, and an example for every configuration combination.How Public SSH Differs from Private SSH
| Public SSH | Private SSH | |
|---|---|---|
| Access | Web browser at a public FQDN | Pangolin CLI: pangolin ssh <alias> |
| Client required | No | Yes — user must be connected with the Pangolin client |
| First auth layer | Public resource authentication — login page, SSO, access rules | Identity from the active client connection; private resource access rules |
| Hostname | Public FQDN on your Pangolin domain | Alias on the private resource |

