Tailscale SSH
I finally got around to using Tailscale SSH. I’ve been using Tailscale for over a year to access my servers via SSH (my VPS is even available via Tailscale only), but I haven’t used the new Tailscale SSH feature yet.
But actually, that was a bit silly of me. After all, this new feature is just as great as the rest of Tailscale.
The SSH feature now allows you to not have to worry about SSH keys anymore. I was even able to delete the SSH keys from my machines because now Tailscale does the authentication.
All I had to do was to add a --ssh
to the tailscale up
command and to adjust the ACLs so that the connection also works from my mobile and to my VPS, which has a (Tailscale) tag:
{
"ssh": [
{
"action": "accept",
"src": ["autogroup:members"],
"dst": ["autogroup:self", "tag:public"],
"users": ["autogroup:nonroot", "root"],
},
],
}
What I have adjusted here is the action
which I changed from check
to accept
and I added tag:public
to dst
.
Good job, Tailscale team! 👍
Tags: Tailscale