DevelopersDevOpsDevSecOpsFeaturedLet's TalkSecurityVideo

Tailscale SSH Aims To Simplify And Secure Remote Connections | Maya Kaczorowski


Tailscale is a way to create a mesh network between your devices using end-to-end encryption. The company has recently announced Tailscale SSH, which allows you to have SSH (Secure Shell or Secure Socket Shell) connections that are done over Tailscale. Instead of using SSH which then has to be distributed to every host or certificates that have to be installed in every location, Tailscale SSH uses the fact that the devices are already on Tailscale, allowing you to manage the authentication of your SSH connection based on your SSO (Single Sign-On).

In this episode of TFiR Let’s Talk, Swapnil Bhartiya sits down with Maya Kaczorowski, Product Manager at Tailscale, to discuss Tailscale SSH in beta and how it simplifies remote connections, taking away the need for SSH keys. She explains the motivation behind creating Tailscale SSH and what sticking points it is tackling.

Key highlights of this video interview are:

  • Tailscale has recently released Tailscale SSH, which allows you to have an SSH connection that is done over Tailscale. It encrypts the connection and authorizes it based on your access controls in Tailscale. Kaczorowski explains how Tailscale SSH is different from traditional SSH and the benefits of their offering.
  • Kaczorowski explains the steps to set up Tailscale SSH.
  • The setup and experience for the admin are different since you do not need to generate a key pair or get the private key onto your device. Kaczorowski describes how the experience is different for a user and what remains unchanged.
  • Access controls are defined in the ACLs in Tailscale, and the ACL is pushed to each device individually and that device then enforces access locally to incoming traffic. Kaczorowski explains how access control on Tailscale SSH works similarly and how you can revoke access.
  • Kaczorowski shares the three main motivations behind Tailscale SSH. Firstly, the company’s own frustrations at managing SSH keys; secondly, from looking at their user base and wanting to improve their SSH experience; and also, wanting to create a similar solution for SSH as with WireGuard.
  • Tailscale SSH is available in beta in all their plans, both paid and free. However, Kaczorowski clarifies some instances where the ACLs would be limited.

Connect with Maya Kaczorowski (LinkedIn, Twitter)

Learn more about Tailscale (LinkedIn, Twitter)

The summary of the show is written by Emily Nicholls.

Read Transcript

Don't miss out great stories, subscribe to our newsletter.

Smallstep Certificate Manager Toolkit Helps Developers Secure Their Infrastructure

Previous article

Koverse Data Platform 4.0 Enforces Zero Trust For Data With Attribute-Based Access Controls

Next article
Login/Sign up