You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When defining an Tailscale SSH ACL policy with the action set to check, an additional authentication against the OIDC endpoint is required, which grants access within an optional checkPeriod, defaulting to 12 hours and allowing to be set to always.
Add support for web client check mode #1623, where upstream reports about the availability of a web check mode in the Tailscale client, currently restricted to the upstream control plane.
The text was updated successfully, but these errors were encountered:
Why
Tailscale upstream supports SSH check mode.
We would like to use it with Headscale, too.
Description
When defining an Tailscale SSH ACL policy with the
action
set tocheck
, an additional authentication against the OIDC endpoint is required, which grants access within an optionalcheckPeriod
, defaulting to 12 hours and allowing to be set toalways
.References
This is related to, but not identical to:
check
modeThe text was updated successfully, but these errors were encountered: