this post was submitted on 08 Apr 2025
34 points (97.2% liked)

Selfhosted

46168 readers
388 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
34
Using Tailscale As A Traditional VPN (lemmy.world)
submitted 2 weeks ago by irmadlad@lemmy.world to c/selfhosted@lemmy.world
18 comments fedilink hide all child comments
 

I am toying with the idea of using one of my Tailscale instances as traditional VPN, using the exit node features. I think I have that part down to a note as far as what has to be done in order for this to happen.

My question is if there are any security risks or security provisions that need to be made to keep the envelope secure. I am the only user of my Tailscale network, so I don't have to worry about another user jacking things up. However, I am concerned about the implications of the visibility of the exit node I would be connecting to.

you are viewing a single comment's thread
view the rest of the comments
[–] F04118F 4 points 2 weeks ago (2 children)

The way I understand it, there's 2 use cases for a VPN, with different concerns and providers:

  • having access to your private home network from anywhere, through an encrypted tunnel (Tailscale, Wireguard on the router, etc)
  • having your outgoing traffic to the internet go through an anonymized exit node so that your ISP can not watch or sell what you are doing (ProtonVPN, Mullvad VPN, etc)

Is Tailscale fit for the second? I thought not, as the exit node is not an anonymized VPN server but one of your own machines.

[–] effward@lemmy.world 8 points 2 weeks ago (1 children)

If you create little solar-powered micro computers and toss them onto the roof of a bunch of random businesses with public Wi-Fi, then run them as exit nodes then you could bounce your connection around through a random set.

I didn't come up with this, I think it was a plot point in some novel I read.

[–] F04118F 2 points 2 weeks ago

That's crazy and genius!

"I don't do cloud computing, I do solar computing"

[–] just_another_person@lemmy.world 2 points 2 weeks ago

Yes, OP understand that, which is why he is asking about security to the exit node on a Tailnet.