jlelse
jlelse
My public VPS is now only accessible via SSH from my tailnet. One more possible attack vector less.In Alpine Linux I switched to the linux-lts kernel, installed Tailscale from the edge-community repository via repository pinning, removed the rule to allow SSH from the Hetzner cloud fire... jlelse.blog
|
Embed
pimoore
pimoore

@jlelse Tailscale is just incredible, I tried it out accessing my old MBA from my phone and it was flawless. Interesting idea around the ACL lockdown, do you have a link for what you followed to set that up?

|
Embed
In reply to
jlelse
jlelse

@pimoore I just set a tag for the VPS and only allowed access to all devices from my user. That somehow excludes tagged machines.

|
Embed
pimoore
pimoore

@jlelse That’s just awesome, I still have a DO account hanging around with some time left on it. Maybe I’ll have a play around with this.

|
Embed
jlelse
jlelse

@pimoore Have fun!

|
Embed