New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FR: double opt-in to add nodes to tailnets #8823
Labels
fr
Feature request
L2 Few
Likelihood
P2 Aggravating
Priority level
pending
T0 New feature
Issue type
Comments
https://tailscale.com/kb/1226/tailnet-lock/ is one way to address concerns about adding nodes to tailnets. |
DentonGentry
added
L2 Few
Likelihood
P2 Aggravating
Priority level
T0 New feature
Issue type
pending
and removed
needs-triage
labels
Aug 9, 2023
Dear Tailscale,
You have an excellent product! The feature I requested was with pairing of servers. A certain group of state sponsored anonymous hackers, have very powerful spying equipment - invisible microdrones capable of viewing, listening, whispering and even mind-reading. Based on the documentation and my trials with Tailscale, using either the AuthKey or the authentication URL methods, the hackers, if they got hold of the key / URL faster they would be able to get access to the server. The ACL's, locks etc... would reduce the damage if such a thing happens, but to prevent such an incident, two-way confirmation, more like mutual authentication would make sense. Moreover, 256-bit keys can be hacked in few hours.
Let me explain in detail:
If someone sees my URL and adds into their account and immediately runs some script, that particular server would be temporarily in their control. But if the feature I have requested can be implemented, no one else can add or even do any damage. Because, they are state sponsored hackers they can control other physical things like power outages, internet outages etc... If they get a server in their control and do a power / internet outage, small one person startups like mine would face a lot of trouble. On top of that in cloud based workloads for example they could probably do data theft in that time-window.
state sponsored hackers = India's spying organization = R&AW
One of them did illegal immigration, misrepresented, lied under oath and now identity theft and identity distortion for cover-up.
My country India - such a corrupted country!
-
Mr. Kanti Kalyan Arumilli
Founder & CEO
https://www.facebook.com/kanti.arumilli/
https://www.linkedin.com/in/kanti-kalyan-arumilli/
***@***.***
He/Him
B.Tech, M.B.A
+44-33-3303-1284 (Preferred if calling from U.K)
+44-07718-273-964 (Roaming charges)
+1-480-347-6849
+91-789-362-6688
ALight Technology And Services Limited
ALight Technologies USA Inc
https://www.alightservices.com/
https://www.simplepro.site/
***@***.***
…---- On Wed, 09 Aug 2023 15:29:25 +0530 Denton Gentry ***@***.***> wrote ---
https://tailscale.com/kb/1226/tailnet-lock/ is one way to address concerns about adding nodes to tailnets.
—
Reply to this email directly, #8823 (comment), or https://github.com/notifications/unsubscribe-auth/AWVQXDY5YSLXEFSIECIELI3XUNNP3ANCNFSM6AAAAAA3JQDXOE.
You are receiving this because you authored the thread.
This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. You cannot use or forward any attachments in the email. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. ALight Technology And Services Limited, 2 Frederick Street, Kings Cross, London, United Kingdom, WC1X 0ND, www.alightservices.com
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
fr
Feature request
L2 Few
Likelihood
P2 Aggravating
Priority level
pending
T0 New feature
Issue type
What are you trying to do?
More secure way of pairing servers
How should we solve this?
I think re-gistering servers should be 2 way i.e
In the website allow copying some random GUID (don’t show the GUID in plain text).
In the server after tailscale up, prompt for the GUID, treat the GUID like password, allow pasting but don’t echo the GUID.
Generate another unique GUID on the server and display.
User copies the server-side GUID and pastes in the website.
Now pair the servers
Even if someone somehow steals the first GUID and pastes in their server, the second GUID generated by their server would be different and can’t be paired.
If someone steals the second guid, their browser-side first guid associated with their account would be different and can’t be paired.
What is the impact of not solving this?
Some pranker can try to pair someone else's server, ofcourse there would be a small window for them to do any harm, but still little risky.
Anything else?
No response
The text was updated successfully, but these errors were encountered: