Would it be unwise to make my file server (SSH only) machine (also runs a Minecraft server, And From time to time runs RSTS/E under simh) a tailscale router node to allow my traveling notebood access to the network when I am away?
Would it be unwise to make my file server (SSH only) machine (also runs a Minecraft server, And From time to time runs RSTS/E under simh) a tailscale router node to allow my traveling notebood access to the network when I am away?
Perhaps I will need to print from time to time, and I may want to access my desktop machine.
If I can use 2FA, especially a time-based one-time password That will be good. I have authy on my phone.
The traveling machine is going to be a Linux machine which will have a strong login password.
So the server as a talescale router set up to only accept a routing connection from my traveling laptop with 2fa. My server’s other services only accepting connections from my network. Do I have the basic concepts correct?
Sounds right to me. Here’s a link to some useful Tailscale documentation that helped me when setting up my own home lab: Tailscale Lockdown UFW
Thanks! That does look useful! Why does Tailscale use the 100.x.y.z range of IP addresses? Aren’t those also normal routable addresses?
@waspentalive @Lettuceeatlettuce https://tailscale.com/kb/1015/100.x-addresses
From the above for those who find it TTDU, This block of addresses is set aside for internally routed nodes inside ISPs.
( *TTDU Too technical didn’t understand )
That’s just the block of addresses that they have been allocated by ICANN.