Conversation
|
@fmoledina @jshufro Can you take a quick look at this? |
|
|
||
|  | ||
|
|
||
| It is suggested to [disable key expiry](https://tailscale.com/kb/1028/key-expiry) to prevent the need to periodically re-authenticate. |
There was a problem hiding this comment.
specify only to do this for the node
|
|
||
| It is suggested to [disable key expiry](https://tailscale.com/kb/1028/key-expiry) to prevent the need to periodically re-authenticate. | ||
|
|
||
| You should now be able to `exit` the SSH session to your node on your client, and SSH into your node again through Tailscale using `ssh your.user@rocketnode`. |
There was a problem hiding this comment.
this kind of assumes magicdns is enabled, but the guide doesn't say to enable it
There was a problem hiding this comment.
Agreed with this. I think the guide should be clear about this. Perhaps something like
...
If you would like to access your node using a memorable hostname such asrocketnode, you can do so by enabling MagicDNS in the Tailscale settings.
...
| sudo ufw allow 41641/udp | ||
| ``` | ||
|
|
||
| Remove the SSH port added before from the firewall (for example, if you used the default port of 22): |
There was a problem hiding this comment.
should leave 22 open to lan, otherwise tailscale becomes a single point of failure
|
|
||
| ```shell | ||
| sudo ufw allow in on tailscale0 comment | ||
| sudo ufw allow 41641/udp |
There was a problem hiding this comment.
Although the Tailscale UFW article provides this example command, their firewall and ports guides indicate that forwarding 41641/udp is not required unless you're dealing with a problematic NAT environment.
FWIW, I haven't had to forward any ports for Tailscale to just work on the handful of local machines (Linux, Windows) and remote VPS instances that I've used it with.
I think the guide should avoid suggesting that this port be forwarded and instead it could become a support item if people are encountering issues with connectivity.
|
|
||
| It is suggested to [disable key expiry](https://tailscale.com/kb/1028/key-expiry) to prevent the need to periodically re-authenticate. | ||
|
|
||
| You should now be able to `exit` the SSH session to your node on your client, and SSH into your node again through Tailscale using `ssh your.user@rocketnode`. |
There was a problem hiding this comment.
Agreed with this. I think the guide should be clear about this. Perhaps something like
...
If you would like to access your node using a memorable hostname such asrocketnode, you can do so by enabling MagicDNS in the Tailscale settings.
...
|
Picked up this PR in #224 |
6 participants
Built off the work initially done by @Grok13 in PR #82
Split out into its own page and added to the menu system, made a few updates as well as reference images.