We found that we were unable to establish a tunnel using the Balena CLI successfully to forward port 22222 as standard to localhost or SSH even though SSH keys were provided in the Balena UI prior to connecting.
The error received was "Permission denied (publickey).
To fix this we manually edited config.json in /mnt/boot/ and could then connect, however this was a manual process so can’t be repeated if keys need to be changed across fleets etc.
Is this a bug or should config.json have been updated automatically after provision of the keys in the Balena UI? It would appear so but we found it wasn’t the case.
Looks like this feature isn’t quite available via the Balena UI (adding SSH keys to config.json using keys added to Balena in the cloud via preferences).