From 7ad636f5b747a2535e1e92c05f9fcfe607abc55d Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Sun, 30 Oct 2022 19:56:19 -0700 Subject: [PATCH] cmd/tailscale/cli: flesh out "tailscale ssh" CLI docs Per user feedback. Fixes #5877 Change-Id: Ib70ad57ec2507244fc54745f4e43c0ce13f51e9c Signed-off-by: Brad Fitzpatrick --- cmd/tailscale/cli/ssh.go | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/cmd/tailscale/cli/ssh.go b/cmd/tailscale/cli/ssh.go index 9d3022043..f1da52093 100644 --- a/cmd/tailscale/cli/ssh.go +++ b/cmd/tailscale/cli/ssh.go @@ -28,7 +28,23 @@ Name: "ssh", ShortUsage: "ssh [user@] [args...]", ShortHelp: "SSH to a Tailscale machine", - Exec: runSSH, + LongHelp: strings.TrimSpace(` + +The 'tailscale ssh' command is an optional wrapper around the system 'ssh' +command that's useful in some cases. Tailscale SSH does not require its use; +most users running the Tailscale SSH server will prefer to just use the normal +'ssh' command or their normal SSH client. + +The 'tailscale ssh' wrapper adds a few things: + +* It resolves the destination server name in its arugments using MagicDNS, + even if --accept-dns=false. +* It works in userspace-networking mode, by supplying a ProxyCommand to the + system 'ssh' command that connects via a pipe through tailscaled. +* It automatically checks the destination server's SSH host key against the + node's SSH host key as advertised via the Tailscale coordination server. +`), + Exec: runSSH, } func runSSH(ctx context.Context, args []string) error {