> If you're using only key-auth and have password auth disabled, I'm not sure wh... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gabeio 5 months ago \| parent \| context \| favorite \| on: Tailscale is pretty useful > If you're using only key-auth and have password auth disabled, I'm not sure why unauthorized attempts are a problem. See xz vulnerability for more details. It’s about not trusting people with any of my ports/software (directly).

papichulo2023 5 months ago [–]

Did you vet all Tailgate infra? Because now your attack surface is way higher. Wouldnt surprise the xz is somewhere there as well.

gabeio 5 months ago | [–]

> Did you vet all Tailgate infra?

> I use the tailscale lock feature so not even tailscale themselves can add nodes to my network.

https://tailscale.com/blog/tailnet-lock

https://tailscale.com/kb/1226/tailnet-lock

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact