It's very different, CF tunnel is a reverse proxy to your service, Tailscale SSH manages authentication to machines inside your VPN. I can't see any resemblance, personally.
First of all, for CF, it manages the authentication part of ssh with SSO support (personally I used github)
Secondly, it has clients (on iOS it is called Cloudflare One) which can act as a VPN service as well. You can access any IP addresses (if you setup the vpc correctly [0]) directly accessible to cloudflared daemons.
My understanding is that only Tailscale is end-to-end-encrypted, though both ensure that all traffic is encrypted on the wire. I don’t claim this as fact because, unlike the Cloudflare docs, Tailscale’s claim (yell) that there is no way for them to decrypt.
I’d be pleased to be proven wrong (and jgrahamc is def ITT) as I use a bunch of CF services already and it would be great to have one less PaaS in my life.
I have been using Cloudflare's cloudflared tunnels. It was great for tunneling ssh traffic behind firewalls. And it starts free.
[0] https://developers.cloudflare.com/cloudflare-one/connections...