I've been looking into using Tailscale/Headscale but I've been struggling[0] to find in-depth information about what security risk the coordination server poses (should it get hacked). Yes, the node list can be locked but the ACL cannot(?) So if I, say, run the Headscale coordination server on one of the devices that are part of my Tailnet, wouldn't an attacker that controls the coordination server automatically get access to my entire Tailnet, including SSH access to every device? So is the conclusion

- Always lock your node list, whether you use Tailscale or Headscale.

- If you use Headscale, run the coordination server entirely separately from your Tailnet.

?

[0]: https://forum.tailscale.com/t/tailscale-security-what-if-the... )
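To make the asymmetry in the question concrete, here is an added, simplified model (not Tailscale's or Headscale's own code) of what a locked client checks: peers in the netmap pushed by the coordination server are accepted only if their node key carries a signature from a trusted signing node, while the policy in the same netmap is applied as received. Key names, the netmap layout and the sample ACL string are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)

// Peer is one netmap entry as distributed by the control plane (constructed model).
type Peer struct {
	Name    string
	NodeKey []byte // node public key the control plane claims belongs to this peer
	Sig     []byte // signature over NodeKey by a trusted signing node; nil if absent
}

// NetMap models what the coordination server pushes: the peer list plus the ACL.
type NetMap struct {
	Peers []Peer
	ACL   []string
}

// trustedPeers returns the peers a locked client accepts (node key signed by a trusted
// signing key) and the ACL unchanged, since in this model the lock does not cover policy.
func trustedPeers(nm NetMap, trusted []ed25519.PublicKey) ([]string, []string) {
	var ok []string
	for _, p := range nm.Peers {
		for _, k := range trusted {
			if ed25519.Verify(k, p.NodeKey, p.Sig) { // wrong-length sig simply fails
				ok = append(ok, p.Name)
				break
			}
		}
	}
	return ok, nm.ACL
}

// Demo builds a constructed netmap: one peer signed by the tailnet's signing node and one
// peer added by whoever controls the coordination server, which holds no signing key.
func Demo() ([]string, []string) {
	signPub, signPriv, _ := ed25519.GenerateKey(rand.Reader) // trusted signing node
	laptopKey, _, _ := ed25519.GenerateKey(rand.Reader)      // legitimate node key
	rogueKey, _, _ := ed25519.GenerateKey(rand.Reader)       // key the control plane injects
	nm := NetMap{
		Peers: []Peer{
			{Name: "laptop", NodeKey: laptopKey, Sig: ed25519.Sign(signPriv, laptopKey)},
			{Name: "rogue", NodeKey: rogueKey, Sig: nil}, // cannot be signed without signPriv
		},
		ACL: []string{"constructed-policy: allow * -> *:22"}, // policy is not covered by the lock
	}
	return trustedPeers(nm, []ed25519.PublicKey{signPub})
}
```

The injected peer never reaches the accepted list, but the ACL passes through untouched, which is exactly why locking the node list and keeping the coordination server outside the tailnet address different parts of the risk.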




Curious why you want to run Headscale? Is it purely to avoid the risks of the coordination server?


Yes, and because Tailscale requires me to use a third-party identity provider.


As of about a month ago, you can self-host your own OIDC identity provider; for example, Ory Hydra is open-source.

https://tailscale.com/blog/custom-oidc/


Thanks, I did read that blog post but adding yet another dependency to my stack just for authentication of a single user (me)? I don't know… Then I might as well just install Headscale.


Got it. Makes sense. A big part of why we're building Bowtie. https://bowtie.works . We stay out of the critical path.



