Would it be unwise to make my file server (SSH only) machine (also runs a Minecraft server, And From time to time runs RSTS/E under simh) a tailscale router node to allow my traveling notebood access to the network when I am away?
Would it be unwise to make my file server (SSH only) machine (also runs a Minecraft server, And From time to time runs RSTS/E under simh) a tailscale router node to allow my traveling notebood access to the network when I am away?
Perhaps I will need to print from time to time, and I may want to access my desktop machine.
If I can use 2FA, especially a time-based one-time password That will be good. I have authy on my phone.
The traveling machine is going to be a Linux machine which will have a strong login password.
So the server as a talescale router set up to only accept a routing connection from my traveling laptop with 2fa. My server’s other services only accepting connections from my network. Do I have the basic concepts correct?
Sounds right to me. Here’s a link to some useful Tailscale documentation that helped me when setting up my own home lab: Tailscale Lockdown UFW
Thanks! That does look useful! Why does Tailscale use the 100.x.y.z range of IP addresses? Aren’t those also normal routable addresses?
That’s just the block of addresses that they have been allocated by ICANN.
@waspentalive @Lettuceeatlettuce https://tailscale.com/kb/1015/100.x-addresses
From the above for those who find it TTDU, This block of addresses is set aside for internally routed nodes inside ISPs.
( *TTDU Too technical didn’t understand )