mirror of
https://github.com/juanfont/headscale.git
synced 2026-01-11 20:00:28 +01:00
Tailnet Lock Feature request #462
Open
opened 2025-12-29 01:29:42 +01:00 by adam
·
16 comments
No Branch/Tag Specified
main
update_flake_lock_action
gh-pages
kradalby/release-v0.27.2
dependabot/go_modules/golang.org/x/crypto-0.45.0
dependabot/go_modules/github.com/opencontainers/runc-1.3.3
copilot/investigate-headscale-issue-2788
copilot/investigate-visibility-issue-2788
copilot/investigate-issue-2833
copilot/debug-issue-2846
copilot/fix-issue-2847
dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0
dependabot/go_modules/github.com/docker/docker-28.3.3incompatible
kradalby/cli-experiement3
doc/0.26.1
doc/0.25.1
doc/0.25.0
doc/0.24.3
doc/0.24.2
doc/0.24.1
doc/0.24.0
kradalby/build-docker-on-pr
topic/docu-versioning
topic/docker-kos
juanfont/fix-crash-node-id
juanfont/better-disclaimer
update-contributors
topic/prettier
revert-1893-add-test-stage-to-docs
add-test-stage-to-docs
remove-node-check-interval
fix-empty-prefix
fix-ephemeral-reusable
bug_report-debuginfo
autogroups
logs-to-stderr
revert-1414-topic/fix_unix_socket
rename-machine-node
port-embedded-derp-tests-v2
port-derp-tests
duplicate-word-linter
update-tailscale-1.36
warn-against-apache
ko-fi-link
more-acl-tests
fix-typo-standalone
parallel-nolint
tparallel-fix
rerouting
ssh-changelog-docs
oidc-cleanup
web-auth-flow-tests
kradalby-gh-runner
fix-proto-lint
remove-funding-links
go-1.19
enable-1.30-in-tests
0.16.x
cosmetic-changes-integration
tmp-fix-integration-docker
fix-integration-docker
configurable-update-interval
show-nodes-online
hs2021
acl-syntax-fixes
ts2021-implementation
fix-spurious-updates
unstable-integration-tests
mandatory-stun
embedded-derp
prtemplate-fix
v0.28.0-beta.1
v0.27.2-rc.1
v0.27.1
v0.27.0
v0.27.0-beta.2
v0.27.0-beta.1
v0.26.1
v0.26.0
v0.26.0-beta.2
v0.26.0-beta.1
v0.25.1
v0.25.0
v0.25.0-beta.2
v0.24.3
v0.25.0-beta.1
v0.24.2
v0.24.1
v0.24.0
v0.24.0-beta.2
v0.24.0-beta.1
v0.23.0
v0.23.0-rc.1
v0.23.0-beta.5
v0.23.0-beta.4
v0.23.0-beta3
v0.23.0-beta2
v0.23.0-beta1
v0.23.0-alpha12
v0.23.0-alpha11
v0.23.0-alpha10
v0.23.0-alpha9
v0.23.0-alpha8
v0.23.0-alpha7
v0.23.0-alpha6
v0.23.0-alpha5
v0.23.0-alpha4
v0.23.0-alpha4-docker-ko-test9
v0.23.0-alpha4-docker-ko-test8
v0.23.0-alpha4-docker-ko-test7
v0.23.0-alpha4-docker-ko-test6
v0.23.0-alpha4-docker-ko-test5
v0.23.0-alpha-docker-release-test-debug2
v0.23.0-alpha-docker-release-test-debug
v0.23.0-alpha4-docker-ko-test4
v0.23.0-alpha4-docker-ko-test3
v0.23.0-alpha4-docker-ko-test2
v0.23.0-alpha4-docker-ko-test
v0.23.0-alpha3
v0.23.0-alpha2
v0.23.0-alpha1
v0.22.3
v0.22.2
v0.23.0-alpha-docker-release-test
v0.22.1
v0.22.0
v0.22.0-alpha3
v0.22.0-alpha2
v0.22.0-alpha1
v0.22.0-nfpmtest
v0.21.0
v0.20.0
v0.19.0
v0.19.0-beta2
v0.19.0-beta1
v0.18.0
v0.18.0-beta4
v0.18.0-beta3
v0.18.0-beta2
v0.18.0-beta1
v0.17.1
v0.17.0
v0.17.0-beta5
v0.17.0-beta4
v0.17.0-beta3
v0.17.0-beta2
v0.17.0-beta1
v0.17.0-alpha4
v0.17.0-alpha3
v0.17.0-alpha2
v0.17.0-alpha1
v0.16.4
v0.16.3
v0.16.2
v0.16.1
v0.16.0
v0.16.0-beta7
v0.16.0-beta6
v0.16.0-beta5
v0.16.0-beta4
v0.16.0-beta3
v0.16.0-beta2
v0.16.0-beta1
v0.15.0
v0.15.0-beta6
v0.15.0-beta5
v0.15.0-beta4
v0.15.0-beta3
v0.15.0-beta2
v0.15.0-beta1
v0.14.0
v0.14.0-beta2
v0.14.0-beta1
v0.13.0
v0.13.0-beta3
v0.13.0-beta2
v0.13.0-beta1
upstream/v0.12.4
v0.12.4
v0.12.3
v0.12.2
v0.12.2-beta1
v0.12.1
v0.12.0-beta2
v0.12.0-beta1
v0.11.0
v0.10.8
v0.10.7
v0.10.6
v0.10.5
v0.10.4
v0.10.3
v0.10.2
v0.10.1
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.1
v0.7.0
v0.6.1
v0.6.0
v0.5.2
v0.5.1
v0.5.0
v0.4.0
v0.3.6
v0.3.5
v0.3.4
v0.3.3
v0.3.2
v0.3.1
v0.3.0
v0.2.2
v0.2.1
v0.2.0
v0.1.1
v0.1.0
Labels
Clear labels
CLI
DERP
DNS
Nix
OIDC
SSH
bug
database
documentation
duplicate
enhancement
faq
good first issue
grants
help wanted
might-come
needs design doc
needs investigation
no-stale-bot
out of scope
performance
policy 📝
pull-request
question
regression
routes
stale
tags
tailscale-feature-gap
well described ❤️
wontfix
Mirrored from GitHub Pull Request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: starred/headscale#462
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @lyc8503 on GitHub (Apr 2, 2023).
Feature request
The official Tailscale server introduced https://tailscale.com/blog/tailnet-lock/ feature.
I think implementing this feature could protect my private tailnet from being accessed even if the hosting server was compromised or there were undiscovered vulnerabilities in my setup. The feature can further improve the security and privacy of our tailnets through cryptographic means.
@loprima-l commented on GitHub (Apr 28, 2023):
Hi, I think that's not the priority now, plus adding this type of key is useful if you can't trust the server, but you can't trust the client, as you are using your own Headscale instance, if your server is compromised probably your clients are compromised too, because if you secure your network well the risk is almost none.
@codethief commented on GitHub (May 7, 2023):
@loprima-l I'm afraid I can't follow you. Would you mind rephrasing your comment?
Back to the topic at hand: I agree with @lyc8503, Tailscale Lock would be great. Otherwise, IIUC if the Headscale server gets compromised, the entire Tailnet will be, too. (Unless, of course, you've deployed further authentication measures beyond Tailscale.)
@loprima-l commented on GitHub (May 7, 2023):
My point is : Yes it'll be an enhancement. But Headscale is not actually suitable for a sensitive environnement, and even if the point is to avoid security issues, securing more the product is not the current step. We can't take tail scale as an example, they introduced it only recently.
Maybe this would be a nice feature when Headscale is stabilized as for now the performances don't made it suitable for a large/sensitive environment. Headscale is fun to experiment or if you don't actually have the choice, your network shouldn't be exposed only by connecting to your instance, it's always necessary to have a secure infrastructure at all the levels.
@juanfont commented on GitHub (May 8, 2023):
I might do this at a later stage, as I am very curious about the implementation of Tailnet Lock. Because of this curiosity-driven development, for the time being I won't be accepting contributions on it.
Please consider Tailscale's SaaS if your use-case really requires this kind of security feature.
@nokados commented on GitHub (Oct 5, 2024):
@juanfont So, a year and a half later, are there any plans to implement this critical feature in the near future?
And it is really important, because in a private network, where all devices do not have a public IP and access from the outside, the coordinating server is the most vulnerable part. Moreover, many people have it located in a VPS (https://github.com/juanfont/headscale/issues/1072 ) that have root access to all their virtual machines. Without the ability to sign nodes, the network is completely open to the VPS provider and all his "friends", not to mention the possible hacking of the server itself through any vulnerabilities.
If you are still not ready to implement it yourself, maybe you will give it to contributors?
@juanfont commented on GitHub (Oct 10, 2024):
@nokados I have to admit that some of my (happy) life events prevent me from spending time on this.
If anyone is interested, please proceed with a design doc proposal + subsequent implementation? 😄
@cchance27 commented on GitHub (Dec 2, 2024):
Glad to hear your having good life events, hopefully someone can take this up as its a huge missing feature currently for headscale
@kradalby commented on GitHub (Dec 2, 2024):
A response to:
and
I think this is a bit exaggerated, Tailnet Lock is a featured designed by Tailscale to be able to not trust that the managed service as they do not allow you to self-host.
Since Headscale is a self-hosted service which you deploy on your own infra, the whole idea is that you use it because you trust yourself.
The complexity of the feature and more importantly the risk and impact of it being implemented wrongly means that having some random contributor would be quite concerning to me. I do not think I (nor Juan) is knowledgeable enough on these kind of topics to even review such a contribution.
Anyways, we would of course not block such a contribution, but I cannot really imagine how we would be comfortable reviewing and accepting it and all the responsibility that entails.
My personal opinion is that I think in general that the need for this feature is exaggerated in this thread and if you do not trust your own infra, then that seem like a problem to tackle before needing this feature.
@lyc8503 commented on GitHub (Dec 2, 2024):
I use Google Cloud Platform myself and I trust their VPS, the probability of an infra being compromised is really low when configured correctly. But as someone mentioned above, it is possible that some people are using VPS products from unknown/suspicious vendors for hosting tailnet for budgetary reasons. (For the price of a one-month VPS at GCP you can buy a one-year VPS with the same performance at these vendors.) If we can put all the trusts on the client, we can confidently deploy Headscale anywhere, without having to constantly worry about “will my hosting provider access / hack into my private network”.
I agree with you, it's annoying to have to rebuild the whole tailnet if I get locked out due to a configuration/implementation error. Perhaps the risks of doing this could be stated in the documentation, or label it as a BETA feature at first.
@codethief commented on GitHub (Dec 2, 2024):
(emphasis mine)
The whole point is that Tailnet Lock would allow one to tackle the problem of not trusting one's own infra. :)
Either way, I think the Lock feature would be very valuable since the security implications of an attacker taking over the Headscale server could be quite severe from what I've been able to tell? (Related: https://github.com/juanfont/headscale/issues/1432)
@echobom commented on GitHub (Mar 7, 2025):
This is a very important security feature. I hope some contributors can support this feature. I appreciate it very much.
@lynatic1337 commented on GitHub (Apr 8, 2025):
From what I've figured while reading through the whitepaper the entire point of Tailnet lock seems to be that this is mainly a thing bootstrapped and enforced by the nodes while the control planes only role is distributing updates signed by the nodes, the verification magic has to happen at the client level.
Tailnet lock builds on AUMs (Authority update messages). These are in essence comparable to signed git commits that contain info which public keys are allowed to be in the Tailnet and which TLKs (tailnet lock key, each node has their own for signing AUMs) are allowed to author/sign "commits". A AUM will only be accepted by a node if it is signed by a TLK that the was listed as a trusted key in the previous AUM.
Basically it looks like we just have to make the control plane be able to distribute AUMs, everything cryptographically more complicated that happens with those AUMs should be handled by the nodes/clients (for which Tailscale Inc. already does provide secure implementations).
Say if someone wanted to reverse engineer how the AUM distribution works and hack that into headscale for testing purposes, what would be the most efficient way to reverse engineer Tailscale for that? MITMing network traffic?
@unusualevent commented on GitHub (Sep 13, 2025):
I can see about building this. I'll need some guinea pigs to try out the feature on windows and iOS though.
@zaid-marji commented on GitHub (Sep 24, 2025):
The point of self-hosting is indeed that you trust your own infrastructure more than other service providers. Moreover, the point of using VPNs or VPN-like products is to keep your infrastructure behind firewalls.
Headscale by necessity needs to be publicly exposed, and so, by necessity it is much more exposed and vulnerable than other services. Therefore, whether Headscale is hosted in a DMZ inside your infrastructure or a VPS (which is a respectable place to host such a service), Tailnet Lock is useful and arguably necessary feature. Many ISPs also use CGNAT which is another use-case that Tailscale/Headscale is designed to help with, which makes the use of VPS a requirement (or pay extra for a dedicated IP).
Either way, there are legitimate reasons why people may need the additional security that Tailnet lock provides, either because they host the Headscale server outside of their infrastructure, or in an inherently less secure DMZ.
@warnspread commented on GitHub (Nov 21, 2025):
Just to step in here: I would love to use Headscale over Tailscale, but since tailnet lock is not available i will not use it. Sadly, since its free, this is not an agument for the developers to implement it, but just to show how important the feature is for some people.
I want to trust the devices in my home not the device in someones datacenter.
@CloudmarkGIT commented on GitHub (Dec 21, 2025):
Hello everyone,
It has been over two years since this feature request was opened, but the value of a Zero Trust control plane remains high.
I would like to request a re-evaluation of this feature's feasibility. To facilitate this, I have prepared a technical specification for a "lightweight" implementation. The proposed architecture minimizes server-side complexity by adopting an "Agnostic Storage" approach - delegating validation logic to the clients and treating Headscale primarily as a reliable transport for TKA messages.
Please find the design document attached for a quick assessment of the implementation complexity: Headscale-Tailnet-Lock-Design_Implementation.pdf
Thank you for your time and for all the hard work on Headscale!