pam
headscale
pam | headscale | |
---|---|---|
2 | 222 | |
139 | 20,069 | |
0.7% | - | |
0.0 | 9.3 | |
over 1 year ago | 4 days ago | |
Rust | Go | |
BSD 3-clause "New" or "Revised" License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pam
-
Tailscale SSH
> I know it says it's linux-only right now, but is that client side or server only? Can my Windows users TailSSH into linux boxes?
Linux-only on the server right. macOS support is kinda there (in git) but not entirely done and not included in the GUI builds. Windows server support is tracked in https://github.com/tailscale/tailscale/issues/4697.
You can use any SSH client from any OS.
> Would be cool if somehow it could wedge into sudo auth so you could login as a a user and sudo without password if allowed by ACLs
Some of the start of that is in https://github.com/tailscale/pam
> One thing that has prevented me from trying Tailscale, despite the great word on the street, is I can't figure out pricing, despite contacting sales. I'd like to run it on ~120 dev+stg+prod VMs, with 10 people (devs, testers, ops). I'd like every box to talk over tailscale directly, as an overlay network, but servers I hope aren't users, that'd get expensive fast. But I need more devices than 10/user. I presume "custom" would help with that but I got no reply from sales. We are probably too small fry. Now that I'm typing this, I realize I guess we could just buy ~15-20 users despite needing only 10.
You only pay for unique humans, not tagged role account devices. I wonder if your email got eaten as spam or something. Email me (username at tailscale) and copy sales@ and I'll make sure somebody replies. But I don't think you need a custom plan.
> I think I've resolved myself to setting up Nebula for the server overlay network, and using Tailscale for physical users, with a traditional firewall bridging them.
Hey, if you've got something that works, stick with it. :)
- The Surreal Horror of Pam
headscale
-
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
headscale - Open source implementation of Tailscale control server. Can be used with Tailscale's official open source client. Written in Go.
-
Building a Managed Service Provider Business With Open Source
Headscale
-
Russia has started indiscriminately blocking all OpenVPN/WireGuard connections
You can always use headscale. https://github.com/juanfont/headscale
-
Securely Accessing Private AWS Resources from GitHub Actions with TailScale
One more thing, you can host Tailscale Control Server yourself if you want, which is a plus.
-
A word of caution about Tailscale
https://github.com/juanfont/headscale not to mention but Tailscale has a very good culture, I’m sure they would give notice if they pull the rug. There are also many alternatives such as Zerotier and more are showing up every day and open source options.
- Is HTTPS necessary?
-
Connecting several hundreds IoT (raspberry pi's) devices with a VPN
How about self-hosted Tailscale, known as Headscale
-
Tailscale Kubernetes Operator
Would be nice if https://github.com/juanfont/headscale can be managed by the Tailscale operator.
-
Mullvad on Tailscale: Privately browse the web
You can run your own "head scale" control server and use their clients with it: https://github.com/juanfont/headscale
Requires a lot more setup, but it is an option. I've been self-hosting headscale for some time and it is quite stable.
-
Netbirdio/netbird: Connect devices into a single private WireGuard mesh network
There's an alternative to tailscale service called headscale https://github.com/juanfont/headscale (CLI only server compatible with official tailscale clients)
What are some alternatives?
if-then-else - !!Con West 2019 talk
tailscale - The easiest, most secure way to use WireGuard and 2FA.
gossm - đź’»Interactive CLI tool that you can connect to ec2 using commands same as start-session, ssh in AWS SSM Session Manager
Netmaker - Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
addon-tailscale - Tailscale - Home Assistant Community Add-ons
zero-ui - ZeroUI - ZeroTier Controller Web UI - is a web user interface for a self-hosted ZeroTier network controller.
netbird - Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls.
ZeroTier - A Smart Ethernet Switch for Earth
Nebula - A scalable overlay networking tool with a focus on performance, simplicity and security
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.
innernet - A private network system that uses WireGuard under the hood.
docker-cloudflare-ddns - A small amd64/ARM/ARM64 Docker image that allows you to use CloudFlare as a DDNS / DynDNS Provider.