
mihaip | 3 years ago

Tailscale SSH's check mode (https://tailscale.com/kb/1193/tailscale-ssh/#configure-tails...) is meant to address the issue of "rogue process starts an SSH connection". For truly sensitive applications, you can set the check period to be "1s" to always require it.


amluto|3 years ago

Hmm. If the problem is that Tailscale SSH doesn’t strongly associate the person authenticating with the connection being authenticated, asking the person to reauthenticate seems like a pretty weak solution.

Jarwain|3 years ago

Unless I'm misunderstanding something, the check solution creates that strong association. Logging in gives you a link you have to go to and auth, authing lets your session connect. Disconnect, and you have to do this again.

No check mode reuses the auth of the tailscale client, check mode authenticates the ssh connection itself