16 Aug 2024 |
K900 | If you have Tailscale on a machine, you can just enable SSH access to it | 15:17:09 |
K900 | And it goes through the Tailscale network | 15:17:17 |
Aurora Ennie Seidr (she / her) | In reply to @nzbr:nzbr.de LLMs output just tends to be long and that makes the conversation less easy to follow Yeah I get that too when you point it out like that. I can see it from your perspective | 15:17:26 |
nzbr (they/it) | tailscale ssh makes the tailscale login your authentication method for the SSH server | 15:17:49 |
K900 | See https://tailscale.com/kb/1193/tailscale-ssh | 15:17:35 |
K900 | Oh wait, sorry | 15:18:06 |
K900 | It does not actually work on Windows yet | 15:18:11 |
K900 | Only Linux and OSX | 15:18:17 |
nzbr (they/it) | it's pretty neat, but I found it quite annoying when connecting to a remote builder through it | 15:18:16 |
K900 | The client side works, but not the server | 15:18:25 |
Aurora Ennie Seidr (she / her) | In reply to @k900:0upti.me Only Linux and OSX Crap! | 15:21:22 |
Aurora Ennie Seidr (she / her) | Crap crap crap crap | 15:21:34 |
K900 | You can still do normal SSH over Tailscale | 15:21:39 |
K900 | Just not the magic tailscale ssh thing | 15:21:45 |
Aurora Ennie Seidr (she / her) | So now I'm confused. | 15:21:59 |
K900 | tailscale ssh basically makes the Tailscale app itself act as the SSH server for other things on your tailnet | 15:22:26 |
K900 | You can't have that on Windows | 15:22:34 |
Aurora Ennie Seidr (she / her) | If I install this, it's not going to let me in unless I mess with my router to do nat just like I was trying to avoid then? | 15:22:41 |
K900 | But you can have a normal SSH server | 15:22:41 |
K900 | It will connect just fine | 15:22:52 |
Aurora Ennie Seidr (she / her) | In reply to @k900:0upti.me But you can have a normal SSH server The one you linked? | 15:22:58 |
K900 | But you'll have to install an SSH server yourself | 15:23:02 |
K900 | Yes | 15:23:03 |
Aurora Ennie Seidr (she / her) | Okay.... I think I get it | 15:23:39 |
nzbr (they/it) | Tailscale can route any traffic that can go over a WireGuard tunnel, so for example a regular SSH server
Tailscale ssh is where the Tailscale daemon runs it's own ssh server on the VPN interface specifically to enable the magic auth through the Tailscale account | 15:24:03 |
Aurora Ennie Seidr (she / her) | I'm not sure what wireguard is to be honest | 15:24:38 |
Aurora Ennie Seidr (she / her) | I thought ssh was it's own protocol | 15:24:56 |
Aurora Ennie Seidr (she / her) | And was encrypted with rsa | 15:25:05 |
K900 | Wireguard is just an implementation detail here really | 15:25:35 |
K900 | You don't need to think about it | 15:25:56 |